- Add command line options for selecting the B key when enabling return address signing (also tidy up the msign_return_address tablegen definiton by suffixing the option with EQ)
- This expands the -msign-return-address=<scope> to now be -msign-return-address=<scope>[+<key>] where <key> is one of a_key or b_key. The default key is a_key.
- Generate the "sign-return-address-key" function attribute with the relevant key
- updated tests to check the default a_key attribute is included in functions that have the return address signing scope attribute
- setting the return-address-sign-key attribute of global static constructors
- Introduce the -mbranch-protection option. This is to be used for both pointer authentication and branch protection security features.
- The branch protection compiler support will follow later
- The options available are -mbranch-protection=<type>(+<type>)* where <type> ::= [bti,pac-ret[+leaf,b-key]*]
- This should be the primary way of using branch protection features and the -msign-return-address option should be deprecated
- Remove the b-key selection from the earlier patch for -msign-return-address
The driver code is emitting a separate -msign-return-address-key= option, but this is expecting the key to still be part of -msign-return-address=, so we can never end up selecting the B key. Out of the two approaches, I prefer having multiple simpler options in CC1, so that we don't have to repeat all of the parsing that happens in the driver.
Also, you're emitting the -mbranch-target-enforce option in the driver, but not handling it here. We should either reject it in the driver for now, or add the CC1 part of that in this patch.
LLVM style has the opening brace on the same line as the if. There's a git-clang-format script in the clang repo which can fix up style issues like this for a whole patch, changing touching lines you haven't changes.
I think we need to handle branch-target-enforcement here too.
Style nit: brace on same line as if.
Please add a comment about what the parts of the return value are.
I'm not sure what this is trying to say. Is it referring to the "standard" case below?
I'd make this 4, because that's the longest sensible argument ("pac-ret+leaf+b-key+bti").
Add a comment about the fact that "leaf" and "b-key" must follow "pac-ret", to explain why we don't just parse this in one loop.
Nit: brace on same line as if.
This should also test branch target enforcement (it's also missing from the code).