diff options
author | Daniel Kiss <daniel.kiss@arm.com> | 2022-05-13 09:12:07 +0200 |
---|---|---|
committer | Daniel Kiss <daniel.kiss@arm.com> | 2022-05-13 10:05:59 +0200 |
commit | f6366ef7f4f3cf1182fd70e0c50a9fa54374b612 (patch) | |
tree | 9f64274ab073b29d58db5b4b1f1151925ecc4a3f | |
parent | 094fb13b88b36ecfa475cb877d2c6e9d90b4d1a5 (diff) | |
download | llvm-f6366ef7f4f3cf1182fd70e0c50a9fa54374b612.zip llvm-f6366ef7f4f3cf1182fd70e0c50a9fa54374b612.tar.gz llvm-f6366ef7f4f3cf1182fd70e0c50a9fa54374b612.tar.bz2 |
[libunwind][AArch64] Add support for DWARF expression for RA_SIGN_STATE.
Program may set the RA_SIGN_STATE pseudo register by expressions.
Libunwind expected only the DW_CFA_AARCH64_negate_ra_state could change the value
of the register which leads to runtime errors on PAC enabled systems.
In the recent version of the aadwarf64[1] a limitation is added[2] to forbid the mixing the
DW_CFA_AARCH64_negate_ra_state with other DWARF Register Rule Instructions.
[1] https://github.com/ARM-software/abi-aa/releases/tag/2022Q1
[2] https://github.com/ARM-software/abi-aa/pull/129
Reviewed By: #libunwind, MaskRay
Differential Revision: https://reviews.llvm.org/D123692
-rw-r--r-- | libunwind/src/DwarfInstructions.hpp | 21 | ||||
-rw-r--r-- | libunwind/test/aarch64.ra_sign_state.pass.cpp | 63 |
2 files changed, 83 insertions, 1 deletions
diff --git a/libunwind/src/DwarfInstructions.hpp b/libunwind/src/DwarfInstructions.hpp index ab83b0c..865a489 100644 --- a/libunwind/src/DwarfInstructions.hpp +++ b/libunwind/src/DwarfInstructions.hpp @@ -72,6 +72,10 @@ private: assert(0 && "getCFA(): unknown location"); __builtin_unreachable(); } +#if defined(_LIBUNWIND_TARGET_AARCH64) + static bool getRA_SIGN_STATE(A &addressSpace, R registers, pint_t cfa, + PrologInfo &prolog); +#endif }; template <typename R> @@ -166,6 +170,21 @@ v128 DwarfInstructions<A, R>::getSavedVectorRegister( } _LIBUNWIND_ABORT("unsupported restore location for vector register"); } +#if defined(_LIBUNWIND_TARGET_AARCH64) +template <typename A, typename R> +bool DwarfInstructions<A, R>::getRA_SIGN_STATE(A &addressSpace, R registers, + pint_t cfa, PrologInfo &prolog) { + pint_t raSignState; + auto regloc = prolog.savedRegisters[UNW_AARCH64_RA_SIGN_STATE]; + if (regloc.location == CFI_Parser<A>::kRegisterUnused) + raSignState = regloc.value; + else + raSignState = getSavedRegister(addressSpace, registers, cfa, regloc); + + // Only bit[0] is meaningful. + return raSignState & 0x01; +} +#endif template <typename A, typename R> int DwarfInstructions<A, R>::stepWithDwarf(A &addressSpace, pint_t pc, @@ -235,7 +254,7 @@ int DwarfInstructions<A, R>::stepWithDwarf(A &addressSpace, pint_t pc, // restored. autia1716 is used instead of autia as autia1716 assembles // to a NOP on pre-v8.3a architectures. if ((R::getArch() == REGISTERS_ARM64) && - prolog.savedRegisters[UNW_AARCH64_RA_SIGN_STATE].value && + getRA_SIGN_STATE(addressSpace, registers, cfa, prolog) && returnAddress != 0) { #if !defined(_LIBUNWIND_IS_NATIVE_ONLY) return UNW_ECROSSRASIGNING; diff --git a/libunwind/test/aarch64.ra_sign_state.pass.cpp b/libunwind/test/aarch64.ra_sign_state.pass.cpp new file mode 100644 index 0000000..1e09c93 --- /dev/null +++ b/libunwind/test/aarch64.ra_sign_state.pass.cpp @@ -0,0 +1,63 @@ +// -*- C++ -*- +//===----------------------------------------------------------------------===// +// +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception +// +//===----------------------------------------------------------------------===// + +// REQUIRES: linux && target={{aarch64-.+}} + +// This test ensures the .cfi_negate_ra_state the RA_SIGN_STATE pseudo register +// could be set directly set by a DWARF expression and the unwinder handles it +// correctly. The two directives can't be mixed in one CIE/FDE sqeuence. + +#include <stdlib.h> + +__attribute__((noinline, target("branch-protection=pac-ret+leaf"))) +void bar() { + // ".cfi_negate_ra_state" is emitted by the compiler. + throw 1; +} + +__attribute__((noinline, target("branch-protection=none"))) +void foo() { + // Here a DWARF expression sets RA_SIGN_STATE. + // The LR is signed manually and stored on the stack. + asm volatile( + ".cfi_escape 0x16," // DW_CFA_val_expression + "34," // REG_34(RA_SIGN_STATE) + "1," // expression_length(1) + "0x31\n" // DW_OP_lit1 + "add sp, sp, 16\n" // Restore SP's value before the stack frame is + // created. + "paciasp\n" // Sign the LR. + "str lr, [sp, -0x8]\n" // Overwrite LR on the stack. + "sub sp, sp, 16\n" // Restore SP's value. + ); + bar(); + _Exit(-1); +} + +__attribute__((noinline, target("branch-protection=pac-ret"))) +void bazz() { + // ".cfi_negate_ra_state" is emitted by the compiler. + try { + foo(); + } catch (int i) { + if (i == 1) + throw i; + throw 2; + } +} + +int main() { + try { + bazz(); + } catch (int i) { + if (i == 1) + _Exit(0); + } + return -1; +} |