Initial back-edge CFI implementation (#3606)

Give the user the option to sign and to authenticate function return addresses with the operations introduced by the Pointer Authentication extension to the Arm instruction set architecture. Copyright (c) 2021, Arm Limited.
2022-08-03 19:08:29 +01:00
parent 709716bb8e
commit a897742593
17 changed files with 319 additions and 43 deletions
--- a/cranelift/codegen/src/isa/aarch64/inst.isle
+++ b/cranelift/codegen/src/isa/aarch64/inst.isle
@@ -672,6 +672,16 @@
       (Ret
        (rets VecReg))

+       ;; A machine return instruction with pointer authentication using SP as the
+       ;; modifier. This instruction requires pointer authentication support
+       ;; (FEAT_PAuth) unless `is_hint` is true, in which case it is equivalent to
+       ;; the combination of a no-op and a return instruction on platforms without
+       ;; the relevant support.
+       (AuthenticatedRet
+        (key APIKey)
+        (is_hint bool)
+        (rets VecReg))
+
       ;; An unconditional branch.
       (Jump
        (dest BranchTarget))
@@ -746,6 +756,12 @@
        (rd WritableReg)
        (mem AMode))

+       ;; Pointer authentication code for instruction address with modifier in SP;
+       ;; equivalent to a no-op if Pointer authentication (FEAT_PAuth) is not
+       ;; supported.
+       (Pacisp
+        (key APIKey))
+
       ;; Marker, no-op in generated code: SP "virtual offset" is adjusted. This
       ;; controls how AMode::NominalSPOffset args are lowered.
       (VirtualSPOffsetAdj
@@ -1308,6 +1324,13 @@
    (Xchg)
 ))

+;; Keys for instruction address PACs
+(type APIKey
+  (enum
+    (A)
+    (B)
+))
+
 ;; Extractors for target features ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 (decl use_lse () Inst)
 (extern extractor use_lse use_lse)