Implement SoftPointerAuth prototype.

ahmedbougacha · ahmedbougacha · commit 6133884471c7 · 2023-09-19T13:05:53.000-07:00
diff --git a/clang/include/clang/Basic/LangOptions.def b/clang/include/clang/Basic/LangOptions.def
@@ -166,6 +166,7 @@ LANGOPT(PointerAuthReturns, 1, 0, "return pointer authentication")
 LANGOPT(PointerAuthAuthTraps, 1, 0, "pointer authentication failure traps")
 LANGOPT(PointerAuthVTPtrAddressDiscrimination, 1, 0, "incorporate address discrimination in authenticated vtable pointers")
 LANGOPT(PointerAuthVTPtrTypeDiscrimination, 1, 0, "incorporate type discrimination in authenticated vtable pointers")
+LANGOPT(SoftPointerAuth   , 1, 0, "software emulation of pointer authentication")
 LANGOPT(PointerAuthBlockDescriptorPointers, 1, 0, "enable signed block descriptors")
 VALUE_LANGOPT(PointerAuthABIVersion, 32, 0, "pointer authentication ABI version")
 LANGOPT(PointerAuthKernelABIVersion, 1, 0, "controls whether the pointer auth abi version represents a kernel ABI")
diff --git a/clang/include/clang/Basic/PointerAuthOptions.h b/clang/include/clang/Basic/PointerAuthOptions.h
@@ -39,9 +39,24 @@ class PointerAuthSchema {
 public:
   enum class Kind : unsigned {
     None,
+    Soft,
     ARM8_3,
   };
 
+  /// Software pointer-signing "keys". If you add a new key, make sure this->Key
+  /// has a large enough bit-width.
+  enum class SoftKey : unsigned {
+    FunctionPointers = 0,
+    BlockInvocationFunctionPointers = 1,
+    BlockHelperFunctionPointers = 2,
+    ObjCMethodListFunctionPointers = 3,
+    CXXVTablePointers = 4,
+    CXXVirtualFunctionPointers = 5,
+    CXXMemberFunctionPointers = 6,
+    ObjCMethodListPointer = 7,
+    BlockDescriptorPointers = 8,
+  };
+
   /// Hardware pointer-signing keys in ARM8.3.
   ///
   /// These values are the same used in ptrauth.h.
@@ -79,6 +94,22 @@ class PointerAuthSchema {
 public:
   PointerAuthSchema() : TheKind(Kind::None) {}
 
+  PointerAuthSchema(SoftKey key, bool isAddressDiscriminated,
+                    PointerAuthenticationMode authenticationMode,
+                    Discrimination otherDiscrimination,
+                    std::optional<uint16_t> constantDiscriminator = std::nullopt,
+                    bool authenticatesNullValues = false)
+      : TheKind(Kind::Soft), IsAddressDiscriminated(isAddressDiscriminated),
+        AuthenticatesNullValues(authenticatesNullValues),
+        SelectedAuthenticationMode(authenticationMode),
+        DiscriminationKind(otherDiscrimination), Key(unsigned(key)) {
+    assert((getOtherDiscrimination() != Discrimination::Constant ||
+            constantDiscriminator) &&
+           "constant discrimination requires a constant!");
+    if (constantDiscriminator)
+      ConstantDiscriminator = *constantDiscriminator;
+  }
+
   PointerAuthSchema(ARM8_3Key key, bool isAddressDiscriminated,
                     PointerAuthenticationMode authenticationMode,
                     Discrimination otherDiscrimination,
@@ -95,6 +126,16 @@ class PointerAuthSchema {
       ConstantDiscriminator = *constantDiscriminator;
   }
 
+  PointerAuthSchema(SoftKey key, bool isAddressDiscriminated,
+                    Discrimination otherDiscrimination,
+                    std::optional<uint16_t> constantDiscriminator = std::nullopt,
+                    bool isIsaPointer = false,
+                    bool authenticatesNullValues = false)
+      : PointerAuthSchema(key, isAddressDiscriminated,
+                          PointerAuthenticationMode::SignAndAuth,
+                          otherDiscrimination, constantDiscriminator,
+                          authenticatesNullValues) {}
+
   PointerAuthSchema(ARM8_3Key key, bool isAddressDiscriminated,
                     Discrimination otherDiscrimination,
                     std::optional<uint16_t> constantDiscriminator = std::nullopt,
@@ -138,6 +179,8 @@ class PointerAuthSchema {
     switch (getKind()) {
     case Kind::None:
       llvm_unreachable("calling getKey() on disabled schema");
+    case Kind::Soft:
+      return unsigned(getSoftKey());
     case Kind::ARM8_3:
       return unsigned(getARM8_3Key());
     }
@@ -148,6 +191,11 @@ class PointerAuthSchema {
     return SelectedAuthenticationMode;
   }
 
+  SoftKey getSoftKey() const {
+    assert(getKind() == Kind::Soft);
+    return SoftKey(Key);
+  }
+
   ARM8_3Key getARM8_3Key() const {
     assert(getKind() == Kind::ARM8_3);
     return ARM8_3Key(Key);
diff --git a/clang/include/clang/Driver/Options.td b/clang/include/clang/Driver/Options.td
@@ -3887,6 +3887,8 @@ let Group = f_Group in {
       HelpText<"Enable address discrimination of vtable pointers">;
     def fptrauth_vtable_pointer_type_discrimination : Flag<["-"], "fptrauth-vtable-pointer-type-discrimination">,
       HelpText<"Enable type discrimination of vtable pointers">;
+    def fptrauth_soft : Flag<["-"], "fptrauth-soft">,
+      HelpText<"Enable software lowering of pointer authentication">;
     def fptrauth_block_descriptor_pointers : Flag<["-"], "fptrauth-block-descriptor-pointers">,
       HelpText<"enable signing block descriptors">;
     def fptrauth_function_pointer_type_discrimination : Flag<["-"], "fptrauth-function-pointer-type-discrimination">,
@@ -3898,6 +3900,7 @@ let Group = f_Group in {
   def fno_ptrauth_auth_traps : Flag<["-"], "fno-ptrauth-auth-traps">;
   def fno_ptrauth_vtable_pointer_address_discrimination : Flag<["-"], "fno-ptrauth-vtable-pointer-address-discrimination">;
   def fno_ptrauth_vtable_pointer_type_discrimination : Flag<["-"], "fno-ptrauth-vtable-pointer-type-discrimination">;
+  def fno_ptrauth_soft : Flag<["-"], "fno-ptrauth-soft">;
   def fno_ptrauth_block_descriptor_pointers : Flag<["-"], "fno-ptrauth-block-descriptor-pointers">;
   def fno_ptrauth_function_pointer_type_discrimination : Flag<["-"], "fno-ptrauth-function-pointer-type-discrimination">;
 }
diff --git a/clang/lib/CodeGen/BackendUtil.cpp b/clang/lib/CodeGen/BackendUtil.cpp
@@ -72,6 +72,7 @@
 #include "llvm/Transforms/Instrumentation/MemorySanitizer.h"
 #include "llvm/Transforms/Instrumentation/SanitizerBinaryMetadata.h"
 #include "llvm/Transforms/Instrumentation/SanitizerCoverage.h"
+#include "llvm/Transforms/Instrumentation/SoftPointerAuth.h"
 #include "llvm/Transforms/Instrumentation/ThreadSanitizer.h"
 #include "llvm/Transforms/ObjCARC.h"
 #include "llvm/Transforms/Scalar/EarlyCSE.h"
@@ -995,6 +996,12 @@ void EmitAssemblyHelper::RunOptimizationPipeline(
       addKCFIPass(TargetTriple, LangOpts, PB);
     }
 
+    if (LangOpts.SoftPointerAuth)
+      PB.registerOptimizerLastEPCallback(
+          [](ModulePassManager &MPM, OptimizationLevel Level) {
+            MPM.addPass(SoftPointerAuthPass());
+          });
+
     if (std::optional<GCOVOptions> Options =
             getGCOVOptions(CodeGenOpts, LangOpts))
       PB.registerPipelineStartEPCallback(
diff --git a/clang/lib/CodeGen/CGPointerAuth.cpp b/clang/lib/CodeGen/CGPointerAuth.cpp
@@ -731,12 +731,16 @@ CodeGenModule::computeVTPointerAuthentication(const CXXRecordDecl *thisClass) {
       return std::nullopt;
     }
     if (explicitKey != VTablePointerAuthenticationAttr::DefaultKey) {
-      if (explicitKey == VTablePointerAuthenticationAttr::ProcessIndependent)
-        key = (unsigned)PointerAuthSchema::ARM8_3Key::ASDA;
-      else {
-        assert(explicitKey ==
-               VTablePointerAuthenticationAttr::ProcessDependent);
-        key = (unsigned)PointerAuthSchema::ARM8_3Key::ASDB;
+      if (Context.getLangOpts().SoftPointerAuth) {
+        key = (unsigned)PointerAuthSchema::SoftKey::CXXVirtualFunctionPointers;
+      } else {
+        if (explicitKey == VTablePointerAuthenticationAttr::ProcessIndependent)
+          key = (unsigned)PointerAuthSchema::ARM8_3Key::ASDA;
+        else {
+          assert(explicitKey ==
+                 VTablePointerAuthenticationAttr::ProcessDependent);
+          key = (unsigned)PointerAuthSchema::ARM8_3Key::ASDB;
+        }
       }
     }
 
diff --git a/clang/lib/Driver/ToolChains/Clang.cpp b/clang/lib/Driver/ToolChains/Clang.cpp
@@ -7006,6 +7006,10 @@ void Clang::ConstructJob(Compilation &C, const JobAction &JA,
                    false))
     CmdArgs.push_back("-fptrauth-vtable-pointer-type-discrimination");
 
+  if (Args.hasFlag(options::OPT_fptrauth_soft,
+                   options::OPT_fno_ptrauth_soft, false))
+    CmdArgs.push_back("-fptrauth-soft");
+
   if (Args.hasFlag(options::OPT_fptrauth_block_descriptor_pointers,
                    options::OPT_fno_ptrauth_block_descriptor_pointers, false))
     CmdArgs.push_back("-fptrauth-block-descriptor-pointers");
diff --git a/clang/lib/Frontend/CompilerInvocation.cpp b/clang/lib/Frontend/CompilerInvocation.cpp
@@ -1442,6 +1442,51 @@ static void setPGOUseInstrumentor(CodeGenOptions &Opts,
 bool CompilerInvocation::setDefaultPointerAuthOptions(
     PointerAuthOptions &Opts, const LangOptions &LangOpts,
     const llvm::Triple &Triple) {
+  if (LangOpts.SoftPointerAuth) {
+    if (LangOpts.PointerAuthCalls) {
+      using Key = PointerAuthSchema::SoftKey;
+      using Discrimination = PointerAuthSchema::Discrimination;
+      Opts.FunctionPointers =
+          PointerAuthSchema(Key::FunctionPointers, false,
+                            LangOpts.FunctionPointerTypeDiscrimination
+                                ? Discrimination::Type
+                                : Discrimination::None);
+      Opts.BlockInvocationFunctionPointers = PointerAuthSchema(
+          Key::BlockInvocationFunctionPointers, true, Discrimination::None);
+      Opts.BlockHelperFunctionPointers = PointerAuthSchema(
+          Key::BlockHelperFunctionPointers, true, Discrimination::None);
+      Opts.BlockByrefHelperFunctionPointers = PointerAuthSchema(
+          Key::BlockHelperFunctionPointers, true, Discrimination::None);
+      if (LangOpts.PointerAuthBlockDescriptorPointers) {
+        Opts.BlockDescriptorPointers = PointerAuthSchema(
+            Key::BlockDescriptorPointers, true, Discrimination::Constant,
+            BlockDescriptorConstantDiscriminator);
+      }
+      Opts.ObjCMethodListFunctionPointers = PointerAuthSchema(
+          Key::ObjCMethodListFunctionPointers, true, Discrimination::None);
+      Opts.ObjCMethodListPointer = PointerAuthSchema(
+          Key::ObjCMethodListPointer, true, Discrimination::Constant,
+          MethodListPointerConstantDiscriminator);
+      Opts.CXXVTablePointers = PointerAuthSchema(
+          Key::CXXVTablePointers,
+          LangOpts.PointerAuthVTPtrAddressDiscrimination,
+          LangOpts.PointerAuthVTPtrTypeDiscrimination ? Discrimination::Type
+                                                      : Discrimination::None);
+      Opts.CXXTypeInfoVTablePointer = PointerAuthSchema(
+          Key::CXXVTablePointers, false, Discrimination::None);
+      Opts.CXXVTTVTablePointers = PointerAuthSchema(
+          Key::CXXVTablePointers, false, Discrimination::None);
+      Opts.CXXVirtualFunctionPointers =
+          Opts.CXXVirtualVariadicFunctionPointers = PointerAuthSchema(
+              Key::CXXVirtualFunctionPointers, true, Discrimination::Decl);
+      Opts.CXXMemberFunctionPointers = PointerAuthSchema(
+          Key::CXXMemberFunctionPointers, false, Discrimination::Type);
+    }
+    Opts.ReturnAddresses = LangOpts.PointerAuthReturns;
+    Opts.AuthTraps = LangOpts.PointerAuthAuthTraps;
+    return true;
+  }
+
   if (Triple.getArch() == llvm::Triple::aarch64) {
     if (LangOpts.PointerAuthCalls) {
       using Key = PointerAuthSchema::ARM8_3Key;
@@ -3346,6 +3391,8 @@ static void GeneratePointerAuthArgs(const LangOptions &Opts,
     GenerateArg(Consumer, OPT_fptrauth_vtable_pointer_type_discrimination);
   if (Opts.FunctionPointerTypeDiscrimination)
     GenerateArg(Consumer, OPT_fptrauth_function_pointer_type_discrimination);
+  if (Opts.SoftPointerAuth)
+    GenerateArg(Consumer, OPT_fptrauth_soft);
   if (Opts.PointerAuthBlockDescriptorPointers)
     GenerateArg(Consumer, OPT_fptrauth_block_descriptor_pointers);
 
@@ -3367,6 +3414,7 @@ static void ParsePointerAuthArgs(LangOptions &Opts, ArgList &Args,
       Args.hasArg(OPT_fptrauth_vtable_pointer_address_discrimination);
   Opts.PointerAuthVTPtrTypeDiscrimination =
       Args.hasArg(OPT_fptrauth_vtable_pointer_type_discrimination);
+  Opts.SoftPointerAuth = Args.hasArg(OPT_fptrauth_soft);
   Opts.PointerAuthBlockDescriptorPointers =
       Args.hasArg(OPT_fptrauth_block_descriptor_pointers);
 
diff --git a/clang/test/Driver/arch-arm64e.c b/clang/test/Driver/arch-arm64e.c
@@ -6,6 +6,7 @@
 // NONE-NOT: "-fptrauth-calls"
 // NONE-NOT: "-fptrauth-returns"
 // NONE-NOT: "-fptrauth-auth-traps"
+// NONE-NOT: "-fptrauth-soft"
 
 // RUN: %clang -target arm64-apple-ios -fptrauth-calls -c %s -### 2>&1 | FileCheck %s --check-prefix CALL
 // CALL: "-cc1"{{.*}} {{.*}} "-fptrauth-calls"
@@ -19,6 +20,9 @@
 // RUN: %clang -target arm64-apple-ios -fptrauth-auth-traps -c %s -### 2>&1 | FileCheck %s --check-prefix TRAPS
 // TRAPS: "-cc1"{{.*}} {{.*}} "-fptrauth-auth-traps"
 
+// RUN: %clang -target arm64-apple-ios -fptrauth-soft -c %s -### 2>&1 | FileCheck %s --check-prefix SOFT
+// SOFT: "-cc1"{{.*}} {{.*}} "-fptrauth-soft"
+
 
 // Check the arm64e defaults.
 
diff --git a/llvm/include/llvm/InitializePasses.h b/llvm/include/llvm/InitializePasses.h
@@ -305,6 +305,7 @@ void initializeSingleLoopExtractorPass(PassRegistry&);
 void initializeSinkingLegacyPassPass(PassRegistry&);
 void initializeSjLjEHPreparePass(PassRegistry&);
 void initializeSlotIndexesPass(PassRegistry&);
+void initializeSoftPointerAuthLegacyPassPass(PassRegistry&);
 void initializeSpeculativeExecutionLegacyPassPass(PassRegistry&);
 void initializeSpillPlacementPass(PassRegistry&);
 void initializeStackColoringPass(PassRegistry&);
diff --git a/llvm/include/llvm/Transforms/Instrumentation/SoftPointerAuth.h b/llvm/include/llvm/Transforms/Instrumentation/SoftPointerAuth.h
@@ -0,0 +1,22 @@
+//===- SoftPointerAuth.h - Software lowering of ptrauth intrins -*- C++ -*-===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+#ifndef LLVM_TRANSFORMS_INSTRUMENTATION_SOFTPOINTERAUTH_H
+#define LLVM_TRANSFORMS_INSTRUMENTATION_SOFTPOINTERAUTH_H
+
+#include "llvm/IR/PassManager.h"
+
+namespace llvm {
+
+struct SoftPointerAuthPass : public PassInfoMixin<SoftPointerAuthPass> {
+  PreservedAnalyses run(Module &M, ModuleAnalysisManager &AM);
+};
+
+} // end namespace llvm
+
+#endif // LLVM_TRANSFORMS_INSTRUMENTATION_SOFTPOINTERAUTH_H
diff --git a/llvm/lib/Passes/PassBuilder.cpp b/llvm/lib/Passes/PassBuilder.cpp
@@ -148,6 +148,7 @@
 #include "llvm/Transforms/Instrumentation/PoisonChecking.h"
 #include "llvm/Transforms/Instrumentation/SanitizerBinaryMetadata.h"
 #include "llvm/Transforms/Instrumentation/SanitizerCoverage.h"
+#include "llvm/Transforms/Instrumentation/SoftPointerAuth.h"
 #include "llvm/Transforms/Instrumentation/ThreadSanitizer.h"
 #include "llvm/Transforms/ObjCARC.h"
 #include "llvm/Transforms/Scalar/ADCE.h"
diff --git a/llvm/lib/Passes/PassRegistry.def b/llvm/lib/Passes/PassRegistry.def
@@ -112,6 +112,7 @@ MODULE_PASS("scc-oz-module-inliner",
 MODULE_PASS("strip", StripSymbolsPass())
 MODULE_PASS("strip-dead-debug-info", StripDeadDebugInfoPass())
 MODULE_PASS("pseudo-probe", SampleProfileProbePass(TM))
+MODULE_PASS("soft-ptrauth", SoftPointerAuthPass())
 MODULE_PASS("strip-dead-prototypes", StripDeadPrototypesPass())
 MODULE_PASS("strip-debug-declare", StripDebugDeclarePass())
 MODULE_PASS("strip-nondebug", StripNonDebugSymbolsPass())
diff --git a/llvm/lib/Transforms/Instrumentation/CMakeLists.txt b/llvm/lib/Transforms/Instrumentation/CMakeLists.txt
@@ -18,6 +18,7 @@ add_llvm_component_library(LLVMInstrumentation
   PoisonChecking.cpp
   SanitizerCoverage.cpp
   SanitizerBinaryMetadata.cpp
+  SoftPointerAuth.cpp
   ValueProfileCollector.cpp
   ThreadSanitizer.cpp
   HWAddressSanitizer.cpp
diff --git a/llvm/lib/Transforms/Instrumentation/Instrumentation.cpp b/llvm/lib/Transforms/Instrumentation/Instrumentation.cpp
@@ -84,4 +84,3 @@ Comdat *llvm::getOrCreateFunctionComdat(Function &F, Triple &T) {
   F.setComdat(C);
   return C;
 }
-
diff --git a/llvm/lib/Transforms/Instrumentation/SoftPointerAuth.cpp b/llvm/lib/Transforms/Instrumentation/SoftPointerAuth.cpp
diff --git a/llvm/test/Transforms/SoftPointerAuth/intrinsics.ll b/llvm/test/Transforms/SoftPointerAuth/intrinsics.ll
diff --git a/llvm/test/Transforms/SoftPointerAuth/relocs.ll b/llvm/test/Transforms/SoftPointerAuth/relocs.ll
