This is an archive of the discontinued LLVM Phabricator instance.

[ARM][libunwind] add PACBTI-M support for libunwind
ClosedPublic

Authored by stuij on Oct 25 2021, 3:35 AM.

Details

Summary

This patch implements the following:

  • Emit PACBTI-M build attributes in libunwind asm files
  • Authenticate LR in DWARF32 using PACBTI

Use Armv8.1-M.Main PACBTI extension to authenticate the return address
(stored in the LR register) before moving it to the PC (IP) register.

The AUTG instruction is used with the candidate return address, the CFA,
and the authentication code that is retrieved from the saved
pseudo-register RA_AUTH_CODE.

  • Authenticate LR in EHABI using PACBTI

Authenticate the contents of the LR register using Armv8.1-M.Main PACBTI
extension.

A new frame unwinding instruction is introduced (0xb4). This
instruction pops out of the stack the return address authentication
code, which is then used in conjunction with the SP and the next-to-be
instruction pointer to perform authentication.

This authentication code is popped into a new register,
UNW_ARM_PSEUDO_PAC, which is a pseudo-register.

This patch is part of a series that adds support for the PACBTI-M extension of
the Armv8.1-M architecture, as detailed here:

https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/armv8-1-m-pointer-authentication-and-branch-target-identification-extension

The PACBTI-M specification can be found in the Armv8-M Architecture Reference
Manual:

https://developer.arm.com/documentation/ddi0553/latest

The following people contributed to this patch:

  • Momchil Velikov
  • Victor Campos
  • Ties Stuij

Diff Detail

Event Timeline

stuij created this revision.Oct 25 2021, 3:35 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 25 2021, 3:35 AM
Herald added a reviewer: Restricted Project. · View Herald Transcript
stuij requested review of this revision.Oct 25 2021, 3:35 AM
Herald added a project: Restricted Project. · View Herald TranscriptOct 25 2021, 3:35 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
danielkiss added inline comments.
libunwind/src/Registers.hpp
2245–2246

Maybe we could gate this on __ARM_FEATURE_PAUTH because it won't work anyway without the feature enabled for libunwind.

2274–2275

ditto, maybe better to run into a _LIBUNWIND_ABORT instead debugging a silently skipping the authentication.

stuij updated this revision to Diff 387237.Nov 15 2021, 6:32 AM

addressed review comments

stuij marked 2 inline comments as done.Nov 15 2021, 6:36 AM
danielkiss accepted this revision.Nov 15 2021, 7:43 AM

LGTM, Thanks.

Looks overall ok, without diving in very deep, except for this one change that seemed unrelated.

libunwind/src/Unwind-EHABI.cpp
312

This particular change looks unrelated to the rest, on a quick glance

chill added a subscriber: chill.Nov 24 2021, 4:44 AM
chill added inline comments.
libunwind/src/Unwind-EHABI.cpp
312

Indeed, that change is a leftover from when the encoding of the instruction to pop return address authentication code was <0xb1,0x00>

stuij updated this revision to Diff 389481.Nov 24 2021, 6:18 AM

address review comments

stuij marked an inline comment as done.Nov 24 2021, 6:19 AM
mstorsjo accepted this revision.Nov 25 2021, 1:45 PM

I guess this is ok then. I can't say I've followed every bit in detail, but it looks sensible overall.

This revision is now accepted and ready to land.Nov 25 2021, 1:45 PM

Please rebase onto main and re-upload before submitting, so that the CI runs. There was a flaky failure previously, but I'd like to see it run before merging.

stuij updated this revision to Diff 390333.Nov 29 2021, 6:20 AM

uploading after rebase as per reviewer request (no changes in the patch itself)

This revision was landed with ongoing or failed builds.Dec 8 2021, 2:05 AM
This revision was automatically updated to reflect the committed changes.