Index: lib/Target/AArch64/AArch64FrameLowering.cpp =================================================================== --- lib/Target/AArch64/AArch64FrameLowering.cpp +++ lib/Target/AArch64/AArch64FrameLowering.cpp @@ -279,6 +279,31 @@ return MBB.erase(I); } +static bool ShouldSignReturnAddress(MachineFunction &MF) { + // The function should be signed in the following situations: + // - sign-return-address=all + // - sign-return-address=non-leaf and the functions spills the LR + + const Function &F = MF.getFunction(); + if(!F.hasFnAttribute("sign-return-address")) + return false; + + StringRef Scope = F.getFnAttribute("sign-return-address").getValueAsString(); + if(Scope.equals("none")) + return false; + + if(Scope.equals("all")) + return true; + + assert(Scope.equals("non-leaf") && "Expected all, none or non-leaf"); + + for (const auto &Info : MF.getFrameInfo().getCalleeSavedInfo()) + if (Info.getReg() == AArch64::LR) + return true; + + return false; +} + void AArch64FrameLowering::emitCalleeSavedFrameMoves( MachineBasicBlock &MBB, MachineBasicBlock::iterator MBBI) const { MachineFunction &MF = *MBB.getParent(); @@ -568,6 +593,11 @@ // to determine the end of the prologue. DebugLoc DL; + if (ShouldSignReturnAddress(MF)) { + BuildMI(MBB, MBBI, DL, TII->get(AArch64::PACIASP)) + .setMIFlag(MachineInstr::FrameSetup); + } + // All calls are tail calls in GHC calling conv, and functions have no // prologue/epilogue. if (MF.getFunction().getCallingConv() == CallingConv::GHC) @@ -832,6 +862,35 @@ } } +static void InsertReturnAddressAuth(MachineFunction &MF, + MachineBasicBlock &MBB) { + if (!ShouldSignReturnAddress(MF)) + return; + const AArch64Subtarget &Subtarget = MF.getSubtarget(); + const TargetInstrInfo *TII = Subtarget.getInstrInfo(); + + MachineBasicBlock::iterator MBBI = MBB.getFirstTerminator(); + DebugLoc DL; + if (MBBI == MBB.end()) + return; + + DL = MBBI->getDebugLoc(); + + // The AUTIASP instruction assembles to a hint instruction before v8.3a so + // this instruction can safely used for any v8a architecture. + // From v8.3a onwards there are optimised authenticate LR and return + // instructions, namely RETA{A,B}, that can be used instead. + if (Subtarget.hasV8_3aOps() && MBBI != MBB.end() && + MBBI->getOpcode() == AArch64::RET_ReallyLR) { + BuildMI(MBB, MBBI, DL, TII->get(AArch64::RETAA)) + .copyImplicitOps(*MBBI); + MBB.erase(MBBI); + } else { + BuildMI(MBB, MBBI, DL, TII->get(AArch64::AUTIASP)) + .setMIFlag(MachineInstr::FrameDestroy); + } +} + void AArch64FrameLowering::emitEpilogue(MachineFunction &MF, MachineBasicBlock &MBB) const { MachineBasicBlock::iterator MBBI = MBB.getLastNonDebugInstr(); @@ -945,6 +1004,7 @@ emitFrameOffset(MBB, MBB.getFirstTerminator(), DL, AArch64::SP, AArch64::SP, NumBytes + AfterCSRPopSize, TII, MachineInstr::FrameDestroy); + InsertReturnAddressAuth(MF, MBB); return; } @@ -955,8 +1015,10 @@ bool RedZone = canUseRedZone(MF); // If this was a redzone leaf function, we don't need to restore the // stack pointer (but we may need to pop stack args for fastcc). - if (RedZone && AfterCSRPopSize == 0) + if (RedZone && AfterCSRPopSize == 0) { + InsertReturnAddressAuth(MF, MBB); return; + } bool NoCalleeSaveRestore = PrologueSaveSize == 0; int StackRestoreBytes = RedZone ? 0 : NumBytes; @@ -973,8 +1035,10 @@ emitFrameOffset(MBB, LastPopI, DL, AArch64::SP, AArch64::SP, StackRestoreBytes, TII, MachineInstr::FrameDestroy); - if (Done) + if (Done) { + InsertReturnAddressAuth(MF, MBB); return; + } NumBytes = 0; } @@ -1012,6 +1076,8 @@ emitFrameOffset(MBB, FirstSPPopI, DL, AArch64::SP, AArch64::SP, AfterCSRPopSize, TII, MachineInstr::FrameDestroy); } + + InsertReturnAddressAuth(MF, MBB); } /// getFrameIndexReference - Provide a base+offset reference to an FI slot for Index: test/CodeGen/AArch64/sign-return-address.ll =================================================================== --- /dev/null +++ test/CodeGen/AArch64/sign-return-address.ll @@ -0,0 +1,89 @@ +; RUN: llc -mtriple=aarch64-none-eabi < %s | FileCheck %s + +; CHECK-LABEL: @leaf +define dso_local i32 @leaf(i32 %x) { +entry: + ret i32 %x +} +; CHECK-NOT: paci{{[a,b]}}sp +; CHECK-NOT: auti{{[a,b]}}sp + +; CHECK-LABEL: @leaf_sign_none +define dso_local i32 @leaf_sign_none(i32 %x) "sign-return-address"="none" { +entry: + ret i32 %x +} +; CHECK-NOT: paci{{[a,b]}}sp +; CHECK-NOT: auti{{[a,b]}}sp + +; CHECK-LABEL: @leaf_sign_non_leaf +define dso_local i32 @leaf_sign_non_leaf(i32 %x) "sign-return-address"="non-leaf" { +entry: + ret i32 %x +} +; CHECK-NOT: paci{{[a,b]}}sp +; CHECK-NOT: auti{{[a,b]}}sp + +; CHECK-LABEL: @leaf_sign_all +define dso_local i32 @leaf_sign_all(i32 %x) "sign-return-address"="all" { +entry: + ret i32 %x +} +; CHECK: paciasp +; CHECK: autiasp +; CHECK: ret + +; CHECK: @leaf_clobbers_lr +define dso_local i64 @leaf_clobbers_lr(i64 %x) "sign-return-address"="non-leaf" { +entry: + call void asm sideeffect "mov x30, $0", "r,~{lr}"(i64 %x) #1 + ret i64 %x +} +; CHECK: paciasp +; CHECK: autiasp +; CHECK: ret + +declare i32 @foo(i32) + +; CHECK: @non_leaf_sign_all +define dso_local i32 @non_leaf_sign_all(i32 %x) "sign-return-address"="all" { +entry: + %call = call i32 @foo(i32 %x) + ret i32 %call +} +; CHECK: paciasp +; CHECK: autiasp +; CHECK: ret + +; CHECK: @non_leaf_sign_non_leaf +define dso_local i32 @non_leaf_sign_non_leaf(i32 %x) "sign-return-address"="non-leaf" { +entry: + %call = call i32 @foo(i32 %x) + ret i32 %call +} +; CHECK: paciasp +; CHECK: autiasp +; CHECK: ret + +; CHECK-LABEL: @leaf_sign_all_v83 +define dso_local i32 @leaf_sign_all_v83(i32 %x) "sign-return-address"="all" "target-features"="+v8.3a" { +entry: + ret i32 %x +} +; CHECK: paciasp +; CHECK-NOT: ret +; CHECK: retaa +; CHECK-NOT: ret + +declare fastcc i64 @bar(i64) + +; CHECK-LABEL: @spill_lr_and_tail_call +define fastcc void @spill_lr_and_tail_call(i64 %x) "sign-return-address"="all" { + call void asm sideeffect "mov x30, $0", "r,~{lr}"(i64 %x) #1 + tail call fastcc i64 @bar(i64 %x) + ret void +} + +; CHECK: paciasp +; CHECK: autiasp +; CHECK: b bar \ No newline at end of file