[PAC][InstCombine] Replace auth+sign with resign

atrosinenko · atrosinenko · commit 52f39137a233 · 2025-07-01T16:36:34.000+03:00
Prevent introducing signing oracles by increasing the chances that
pointer resign pattern is detected and kept as a single operation until
it is expanded in AsmPrinter.

With separate auth and sign intrinsics, it is possible that intermediate
authenticated pointer is spilled to stack and reloaded before it is
signed again, thus making it possible for the attacker to trick the PAC*
instruction into signing an arbitrary pointer.
diff --git a/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp b/llvm/lib/Transforms/InstCombine/InstCombineCalls.cpp
@@ -3048,6 +3048,29 @@ Instruction *InstCombinerImpl::visitCallInst(CallInst &CI) {
         Intrinsic::getOrInsertDeclaration(II->getModule(), NewIntrin);
     return CallInst::Create(NewFn, CallArgs);
   }
+  case Intrinsic::ptrauth_sign: {
+    // auth + sign can be replaced with resign, which prevents unsafe
+    // spills and reloads of intermediate authenticated value.
+    Value *Ptr = II->getArgOperand(0);
+    Value *SignKey = II->getArgOperand(1);
+    Value *SignDisc = II->getArgOperand(2);
+
+    const auto *CI = dyn_cast<CallBase>(Ptr);
+    if (!CI || CI->getIntrinsicID() != Intrinsic::ptrauth_auth)
+      break;
+
+    Value *BasePtr = CI->getOperand(0);
+    Value *AuthKey = CI->getArgOperand(1);
+    Value *AuthDisc = CI->getArgOperand(2);
+
+    // Not replacing auth+sign using the same schema with nop, as auth+sign
+    // pair traps on authentication failure.
+
+    Function *NewFn = Intrinsic::getOrInsertDeclaration(
+        II->getModule(), Intrinsic::ptrauth_resign);
+    return CallInst::Create(NewFn,
+                            {BasePtr, AuthKey, AuthDisc, SignKey, SignDisc});
+  }
   case Intrinsic::arm_neon_vtbl1:
   case Intrinsic::aarch64_neon_tbl1:
     if (Value *V = simplifyNeonTbl1(*II, Builder))
diff --git a/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll b/llvm/test/Transforms/InstCombine/ptrauth-intrinsics.ll
@@ -163,8 +163,7 @@ define i64 @test_ptrauth_resign_ptrauth_constant(ptr %p) {
 define i64 @test_ptrauth_auth_sign_same_schema(ptr %p) {
 ; CHECK-LABEL: @test_ptrauth_auth_sign_same_schema(
 ; CHECK-NEXT:    [[P_INT:%.*]] = ptrtoint ptr [[P:%.*]] to i64
-; CHECK-NEXT:    [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 [[P_INT]], i32 1, i64 1234)
-; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.sign(i64 [[AUTHED]], i32 1, i64 1234)
+; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.resign(i64 [[P_INT]], i32 1, i64 1234, i32 1, i64 1234)
 ; CHECK-NEXT:    ret i64 [[RESIGNED]]
 ;
   %p.int = ptrtoint ptr %p to i64
@@ -176,8 +175,7 @@ define i64 @test_ptrauth_auth_sign_same_schema(ptr %p) {
 define i64 @test_ptrauth_auth_sign_opaque_disc_same_schema(ptr %p, i64 %disc) {
 ; CHECK-LABEL: @test_ptrauth_auth_sign_opaque_disc_same_schema(
 ; CHECK-NEXT:    [[P_INT:%.*]] = ptrtoint ptr [[P:%.*]] to i64
-; CHECK-NEXT:    [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 [[P_INT]], i32 1, i64 [[DISC:%.*]])
-; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.sign(i64 [[AUTHED]], i32 1, i64 [[DISC]])
+; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.resign(i64 [[P_INT]], i32 1, i64 [[DISC:%.*]], i32 1, i64 [[DISC]])
 ; CHECK-NEXT:    ret i64 [[RESIGNED]]
 ;
   %p.int = ptrtoint ptr %p to i64
@@ -189,8 +187,7 @@ define i64 @test_ptrauth_auth_sign_opaque_disc_same_schema(ptr %p, i64 %disc) {
 define i64 @test_ptrauth_auth_sign_different_disc(ptr %p, i64 %disc) {
 ; CHECK-LABEL: @test_ptrauth_auth_sign_different_disc(
 ; CHECK-NEXT:    [[P_INT:%.*]] = ptrtoint ptr [[P:%.*]] to i64
-; CHECK-NEXT:    [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 [[P_INT]], i32 1, i64 [[DISC:%.*]])
-; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.sign(i64 [[AUTHED]], i32 1, i64 1234)
+; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.resign(i64 [[P_INT]], i32 1, i64 [[DISC:%.*]], i32 1, i64 1234)
 ; CHECK-NEXT:    ret i64 [[RESIGNED]]
 ;
   %p.int = ptrtoint ptr %p to i64
@@ -202,8 +199,7 @@ define i64 @test_ptrauth_auth_sign_different_disc(ptr %p, i64 %disc) {
 define i64 @test_ptrauth_auth_sign_different_key(ptr %p) {
 ; CHECK-LABEL: @test_ptrauth_auth_sign_different_key(
 ; CHECK-NEXT:    [[P_INT:%.*]] = ptrtoint ptr [[P:%.*]] to i64
-; CHECK-NEXT:    [[AUTHED:%.*]] = call i64 @llvm.ptrauth.auth(i64 [[P_INT]], i32 0, i64 1234)
-; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.sign(i64 [[AUTHED]], i32 1, i64 1234)
+; CHECK-NEXT:    [[RESIGNED:%.*]] = call i64 @llvm.ptrauth.resign(i64 [[P_INT]], i32 0, i64 1234, i32 1, i64 1234)
 ; CHECK-NEXT:    ret i64 [[RESIGNED]]
 ;
   %p.int = ptrtoint ptr %p to i64
