Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[clang] Wire -fptrauth-returns to "ptrauth-returns" fn attribute. #102416

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions clang/include/clang/Basic/PointerAuthOptions.h
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,9 @@ class PointerAuthSchema {
};

struct PointerAuthOptions {
/// Should return addresses be authenticated?
bool ReturnAddresses = false;

/// Do indirect goto label addresses need to be authenticated?
bool IndirectGotos = false;

Expand Down
2 changes: 2 additions & 0 deletions clang/lib/CodeGen/CodeGenFunction.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -880,6 +880,8 @@ void CodeGenFunction::StartFunction(GlobalDecl GD, QualType RetTy,

// Add pointer authentication attributes.
const CodeGenOptions &CodeGenOpts = CGM.getCodeGenOpts();
if (CodeGenOpts.PointerAuth.ReturnAddresses)
Fn->addFnAttr("ptrauth-returns");
if (CodeGenOpts.PointerAuth.FunctionPointers)
Fn->addFnAttr("ptrauth-calls");
if (CodeGenOpts.PointerAuth.IndirectGotos)
Expand Down
4 changes: 3 additions & 1 deletion clang/lib/Frontend/CompilerInvocation.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -1511,13 +1511,15 @@ void CompilerInvocation::setDefaultPointerAuthOptions(
}
}
Opts.IndirectGotos = LangOpts.PointerAuthIndirectGotos;
Opts.ReturnAddresses = LangOpts.PointerAuthReturns;
}

static void parsePointerAuthOptions(PointerAuthOptions &Opts,
const LangOptions &LangOpts,
const llvm::Triple &Triple,
DiagnosticsEngine &Diags) {
if (!LangOpts.PointerAuthCalls && !LangOpts.PointerAuthIndirectGotos)
if (!LangOpts.PointerAuthCalls && !LangOpts.PointerAuthIndirectGotos &&
!LangOpts.PointerAuthReturns)
return;

CompilerInvocation::setDefaultPointerAuthOptions(Opts, LangOpts, Triple);
Expand Down
6 changes: 6 additions & 0 deletions clang/lib/Headers/ptrauth.h
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,12 @@ typedef enum {
/* A process-specific key which can be used to sign data pointers. */
ptrauth_key_process_dependent_data = ptrauth_key_asdb,

/* The key used to sign return addresses on the stack.
The extra data is based on the storage address of the return address.
On AArch64, that is always the storage address of the return address + 8
(or, in other words, the value of the stack pointer on function entry) */
ptrauth_key_return_address = ptrauth_key_process_dependent_code,

/* The key used to sign C function pointers.
The extra data is always 0. */
ptrauth_key_function_pointer = ptrauth_key_process_independent_code,
Expand Down
9 changes: 7 additions & 2 deletions clang/test/CodeGen/ptrauth-function-attributes.c
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
// RUN: %clang_cc1 -triple arm64-apple-ios -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,OFF
// RUN: %clang_cc1 -triple arm64e-apple-ios -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,OFF
// RUN: %clang_cc1 -triple aarch64-linux-gnu -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,OFF

// RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-calls -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,CALLS
// RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-calls -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,CALLS
// RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-calls -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,CALLS

// RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-returns -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,RETS
// RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-returns -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,RETS

// RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-indirect-gotos -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,GOTOS
// RUN: %clang_cc1 -triple arm64e-apple-ios -fptrauth-indirect-gotos -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,GOTOS
// RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-indirect-gotos -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,GOTOS

// ALL: define {{(dso_local )?}}void @test() #0
Expand All @@ -14,6 +17,8 @@ void test() {

// CALLS: attributes #0 = {{{.*}} "ptrauth-calls" {{.*}}}

// RETS: attributes #0 = {{{.*}} "ptrauth-returns" {{.*}}}

// GOTOS: attributes #0 = {{{.*}} "ptrauth-indirect-gotos" {{.*}}}

// OFF-NOT: attributes {{.*}} "ptrauth-
Loading