diff options
Diffstat (limited to 'clang')
| -rw-r--r-- | clang/include/clang/Basic/DiagnosticSemaKinds.td | 3 | ||||
| -rw-r--r-- | clang/include/clang/Basic/Features.def | 1 | ||||
| -rw-r--r-- | clang/include/clang/Basic/LangOptions.def | 1 | ||||
| -rw-r--r-- | clang/include/clang/Basic/PointerAuthOptions.h | 3 | ||||
| -rw-r--r-- | clang/include/clang/Driver/Options.td | 2 | ||||
| -rw-r--r-- | clang/lib/CodeGen/CodeGenFunction.cpp | 2 | ||||
| -rw-r--r-- | clang/lib/Driver/ToolChains/Clang.cpp | 3 | ||||
| -rw-r--r-- | clang/lib/Frontend/CompilerInvocation.cpp | 6 | ||||
| -rw-r--r-- | clang/lib/Sema/SemaExpr.cpp | 17 | ||||
| -rw-r--r-- | clang/test/CodeGen/ptrauth-function-attributes.c | 5 | ||||
| -rw-r--r-- | clang/test/Sema/ptrauth-indirect-goto.c | 18 |
11 files changed, 60 insertions, 1 deletions
diff --git a/clang/include/clang/Basic/DiagnosticSemaKinds.td b/clang/include/clang/Basic/DiagnosticSemaKinds.td index c4a4e80..b8d97a6b 100644 --- a/clang/include/clang/Basic/DiagnosticSemaKinds.td +++ b/clang/include/clang/Basic/DiagnosticSemaKinds.td @@ -949,6 +949,9 @@ def note_ptrauth_virtual_function_pointer_incomplete_arg_ret : def note_ptrauth_virtual_function_incomplete_arg_ret_type : Note<"%0 is incomplete">; +def err_ptrauth_indirect_goto_addrlabel_arithmetic : Error< + "%select{subtraction|addition}0 of address-of-label expressions is not " + "supported with ptrauth indirect gotos">; /// main() // static main() is not an error in C, just in C++. diff --git a/clang/include/clang/Basic/Features.def b/clang/include/clang/Basic/Features.def index 14572bc..dc71ef8 100644 --- a/clang/include/clang/Basic/Features.def +++ b/clang/include/clang/Basic/Features.def @@ -112,6 +112,7 @@ FEATURE(ptrauth_type_info_vtable_pointer_discrimination, LangOpts.PointerAuthTyp FEATURE(ptrauth_member_function_pointer_type_discrimination, LangOpts.PointerAuthCalls) FEATURE(ptrauth_init_fini, LangOpts.PointerAuthInitFini) FEATURE(ptrauth_function_pointer_type_discrimination, LangOpts.PointerAuthFunctionTypeDiscrimination) +FEATURE(ptrauth_indirect_gotos, LangOpts.PointerAuthIndirectGotos) EXTENSION(swiftcc, PP.getTargetInfo().checkCallingConvention(CC_Swift) == clang::TargetInfo::CCCR_OK) diff --git a/clang/include/clang/Basic/LangOptions.def b/clang/include/clang/Basic/LangOptions.def index 8b09049b..834a6f6 100644 --- a/clang/include/clang/Basic/LangOptions.def +++ b/clang/include/clang/Basic/LangOptions.def @@ -165,6 +165,7 @@ LANGOPT(ExperimentalLibrary, 1, 0, "enable unstable and experimental library fea LANGOPT(PointerAuthIntrinsics, 1, 0, "pointer authentication intrinsics") LANGOPT(PointerAuthCalls , 1, 0, "function pointer authentication") LANGOPT(PointerAuthReturns, 1, 0, "return pointer authentication") +LANGOPT(PointerAuthIndirectGotos, 1, 0, "indirect gotos pointer authentication") LANGOPT(PointerAuthAuthTraps, 1, 0, "pointer authentication failure traps") LANGOPT(PointerAuthVTPtrAddressDiscrimination, 1, 0, "incorporate address discrimination in authenticated vtable pointers") LANGOPT(PointerAuthVTPtrTypeDiscrimination, 1, 0, "incorporate type discrimination in authenticated vtable pointers") diff --git a/clang/include/clang/Basic/PointerAuthOptions.h b/clang/include/clang/Basic/PointerAuthOptions.h index a09e115..417b4b0 100644 --- a/clang/include/clang/Basic/PointerAuthOptions.h +++ b/clang/include/clang/Basic/PointerAuthOptions.h @@ -159,6 +159,9 @@ public: }; struct PointerAuthOptions { + /// Do indirect goto label addresses need to be authenticated? + bool IndirectGotos = false; + /// The ABI for C function pointers. PointerAuthSchema FunctionPointers; diff --git a/clang/include/clang/Driver/Options.td b/clang/include/clang/Driver/Options.td index 5989a3b..69269cf 100644 --- a/clang/include/clang/Driver/Options.td +++ b/clang/include/clang/Driver/Options.td @@ -4254,6 +4254,8 @@ defm ptrauth_type_info_vtable_pointer_discrimination : defm ptrauth_init_fini : OptInCC1FFlag<"ptrauth-init-fini", "Enable signing of function pointers in init/fini arrays">; defm ptrauth_function_pointer_type_discrimination : OptInCC1FFlag<"ptrauth-function-pointer-type-discrimination", "Enable type discrimination on C function pointers">; +defm ptrauth_indirect_gotos : OptInCC1FFlag<"ptrauth-indirect-gotos", + "Enable signing and authentication of indirect goto targets">; } def fenable_matrix : Flag<["-"], "fenable-matrix">, Group<f_Group>, diff --git a/clang/lib/CodeGen/CodeGenFunction.cpp b/clang/lib/CodeGen/CodeGenFunction.cpp index 1e98bea..d607869 100644 --- a/clang/lib/CodeGen/CodeGenFunction.cpp +++ b/clang/lib/CodeGen/CodeGenFunction.cpp @@ -882,6 +882,8 @@ void CodeGenFunction::StartFunction(GlobalDecl GD, QualType RetTy, const CodeGenOptions &CodeGenOpts = CGM.getCodeGenOpts(); if (CodeGenOpts.PointerAuth.FunctionPointers) Fn->addFnAttr("ptrauth-calls"); + if (CodeGenOpts.PointerAuth.IndirectGotos) + Fn->addFnAttr("ptrauth-indirect-gotos"); // Apply xray attributes to the function (as a string, for now) bool AlwaysXRayAttr = false; diff --git a/clang/lib/Driver/ToolChains/Clang.cpp b/clang/lib/Driver/ToolChains/Clang.cpp index f240a475..78936fd 100644 --- a/clang/lib/Driver/ToolChains/Clang.cpp +++ b/clang/lib/Driver/ToolChains/Clang.cpp @@ -1848,6 +1848,9 @@ void Clang::AddAArch64TargetArgs(const ArgList &Args, Args.addOptInFlag( CmdArgs, options::OPT_fptrauth_function_pointer_type_discrimination, options::OPT_fno_ptrauth_function_pointer_type_discrimination); + + Args.addOptInFlag(CmdArgs, options::OPT_fptrauth_indirect_gotos, + options::OPT_fno_ptrauth_indirect_gotos); } void Clang::AddLoongArchTargetArgs(const ArgList &Args, diff --git a/clang/lib/Frontend/CompilerInvocation.cpp b/clang/lib/Frontend/CompilerInvocation.cpp index 78c47d8..f6b6c44 100644 --- a/clang/lib/Frontend/CompilerInvocation.cpp +++ b/clang/lib/Frontend/CompilerInvocation.cpp @@ -1504,13 +1504,14 @@ void CompilerInvocation::setDefaultPointerAuthOptions( Opts.CXXMemberFunctionPointers = PointerAuthSchema(Key::ASIA, false, Discrimination::Type); } + Opts.IndirectGotos = LangOpts.PointerAuthIndirectGotos; } static void parsePointerAuthOptions(PointerAuthOptions &Opts, const LangOptions &LangOpts, const llvm::Triple &Triple, DiagnosticsEngine &Diags) { - if (!LangOpts.PointerAuthCalls) + if (!LangOpts.PointerAuthCalls && !LangOpts.PointerAuthIndirectGotos) return; CompilerInvocation::setDefaultPointerAuthOptions(Opts, LangOpts, Triple); @@ -3414,6 +3415,8 @@ static void GeneratePointerAuthArgs(const LangOptions &Opts, GenerateArg(Consumer, OPT_fptrauth_calls); if (Opts.PointerAuthReturns) GenerateArg(Consumer, OPT_fptrauth_returns); + if (Opts.PointerAuthIndirectGotos) + GenerateArg(Consumer, OPT_fptrauth_indirect_gotos); if (Opts.PointerAuthAuthTraps) GenerateArg(Consumer, OPT_fptrauth_auth_traps); if (Opts.PointerAuthVTPtrAddressDiscrimination) @@ -3434,6 +3437,7 @@ static void ParsePointerAuthArgs(LangOptions &Opts, ArgList &Args, Opts.PointerAuthIntrinsics = Args.hasArg(OPT_fptrauth_intrinsics); Opts.PointerAuthCalls = Args.hasArg(OPT_fptrauth_calls); Opts.PointerAuthReturns = Args.hasArg(OPT_fptrauth_returns); + Opts.PointerAuthIndirectGotos = Args.hasArg(OPT_fptrauth_indirect_gotos); Opts.PointerAuthAuthTraps = Args.hasArg(OPT_fptrauth_auth_traps); Opts.PointerAuthVTPtrAddressDiscrimination = Args.hasArg(OPT_fptrauth_vtable_pointer_address_discrimination); diff --git a/clang/lib/Sema/SemaExpr.cpp b/clang/lib/Sema/SemaExpr.cpp index 1a441d9..439db55 100644 --- a/clang/lib/Sema/SemaExpr.cpp +++ b/clang/lib/Sema/SemaExpr.cpp @@ -10909,6 +10909,14 @@ QualType Sema::CheckAdditionOperands(ExprResult &LHS, ExprResult &RHS, if (isObjCPointer && checkArithmeticOnObjCPointer(*this, Loc, PExp)) return QualType(); + // Arithmetic on label addresses is normally allowed, except when we add + // a ptrauth signature to the addresses. + if (isa<AddrLabelExpr>(PExp) && getLangOpts().PointerAuthIndirectGotos) { + Diag(Loc, diag::err_ptrauth_indirect_goto_addrlabel_arithmetic) + << /*addition*/ 1; + return QualType(); + } + // Check array bounds for pointer arithemtic CheckArrayAccess(PExp, IExp); @@ -10983,6 +10991,15 @@ QualType Sema::CheckSubtractionOperands(ExprResult &LHS, ExprResult &RHS, checkArithmeticOnObjCPointer(*this, Loc, LHS.get())) return QualType(); + // Arithmetic on label addresses is normally allowed, except when we add + // a ptrauth signature to the addresses. + if (isa<AddrLabelExpr>(LHS.get()) && + getLangOpts().PointerAuthIndirectGotos) { + Diag(Loc, diag::err_ptrauth_indirect_goto_addrlabel_arithmetic) + << /*subtraction*/ 0; + return QualType(); + } + // The result type of a pointer-int computation is the pointer type. if (RHS.get()->getType()->isIntegerType()) { // Subtracting from a null pointer should produce a warning. diff --git a/clang/test/CodeGen/ptrauth-function-attributes.c b/clang/test/CodeGen/ptrauth-function-attributes.c index 7ec3049..7f93ccc7 100644 --- a/clang/test/CodeGen/ptrauth-function-attributes.c +++ b/clang/test/CodeGen/ptrauth-function-attributes.c @@ -4,10 +4,15 @@ // RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-calls -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,CALLS // RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-calls -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,CALLS +// RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-indirect-gotos -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,GOTOS +// RUN: %clang_cc1 -triple arm64e-apple-ios -fptrauth-indirect-gotos -emit-llvm %s -o - | FileCheck %s --check-prefixes=ALL,GOTOS + // ALL: define {{(dso_local )?}}void @test() #0 void test() { } // CALLS: attributes #0 = {{{.*}} "ptrauth-calls" {{.*}}} +// GOTOS: attributes #0 = {{{.*}} "ptrauth-indirect-gotos" {{.*}}} + // OFF-NOT: attributes {{.*}} "ptrauth- diff --git a/clang/test/Sema/ptrauth-indirect-goto.c b/clang/test/Sema/ptrauth-indirect-goto.c new file mode 100644 index 0000000..47bc767 --- /dev/null +++ b/clang/test/Sema/ptrauth-indirect-goto.c @@ -0,0 +1,18 @@ +// RUN: %clang_cc1 -triple arm64e-apple-darwin -fsyntax-only -verify %s -fptrauth-indirect-gotos + +int f() { + static void *addrs[] = { &&l1, &&l2 }; + + static int diffs[] = { + &&l1 - &&l1, // expected-error{{subtraction of address-of-label expressions is not supported with ptrauth indirect gotos}} + &&l1 - &&l2 // expected-error{{subtraction of address-of-label expressions is not supported with ptrauth indirect gotos}} + }; + + int diff_32 = &&l1 - &&l2; // expected-error{{subtraction of address-of-label expressions is not supported with ptrauth indirect gotos}} + goto *(&&l1 + diff_32); // expected-error{{addition of address-of-label expressions is not supported with ptrauth indirect gotos}} + +l1: + return 0; +l2: + return 1; +} |