1//===-- AArch64PointerAuth.h -- Harden code using PAuth ---------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#ifndef LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H
10#define LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H
11
12#include "llvm/CodeGen/MachineBasicBlock.h"
13#include "llvm/CodeGen/Register.h"
14
15namespace llvm {
16namespace AArch64PAuth {
17
18/// Variants of check performed on an authenticated pointer.
19///
20/// In cases such as authenticating the LR value when performing a tail call
21/// or when re-signing a signed pointer with a different signing schema,
22/// a failed authentication may not generate an exception on its own and may
23/// create an authentication or signing oracle if not checked explicitly.
24///
25/// A number of check methods modify control flow in a similar way by
26/// rewriting the code
27///
28/// ```
29/// <authenticate LR>
30/// <more instructions>
31/// ```
32///
33/// as follows:
34///
35/// ```
36/// <authenticate LR>
37/// <method-specific checker>
38/// on_fail:
39/// brk <code>
40/// on_success:
41/// <more instructions>
42///
43/// ```
44enum class AuthCheckMethod {
45 /// Do not check the value at all
46 None,
47
48 /// Perform a load to a temporary register
49 DummyLoad,
50
51 /// Check by comparing bits 62 and 61 of the authenticated address.
52 ///
53 /// This method modifies control flow and inserts the following checker:
54 ///
55 /// ```
56 /// eor Xtmp, Xn, Xn, lsl #1
57 /// tbz Xtmp, #62, on_success
58 /// ```
59 HighBitsNoTBI,
60
61 /// Check by comparing the authenticated value with an XPAC-ed one without
62 /// using PAuth instructions not encoded as HINT. Can only be applied to LR.
63 ///
64 /// This method modifies control flow and inserts the following checker:
65 ///
66 /// ```
67 /// mov Xtmp, LR
68 /// xpaclri ; encoded as "hint #7"
69 /// ; Note: at this point, the LR register contains the address as if
70 /// ; the authentication succeeded and the temporary register contains the
71 /// ; *real* result of authentication.
72 /// cmp Xtmp, LR
73 /// b.eq on_success
74 /// ```
75 XPACHint,
76
77 /// Similar to XPACHint but using Armv8.3-only XPAC instruction, thus
78 /// not restricted to LR:
79 /// ```
80 /// mov Xtmp, Xn
81 /// xpac(i|d) Xn
82 /// cmp Xtmp, Xn
83 /// b.eq on_success
84 /// ```
85 XPAC,
86};
87
88#define AUTH_CHECK_METHOD_CL_VALUES_COMMON \
89 clEnumValN(AArch64PAuth::AuthCheckMethod::None, "none", \
90 "Do not check authenticated address"), \
91 clEnumValN(AArch64PAuth::AuthCheckMethod::DummyLoad, "load", \
92 "Perform dummy load from authenticated address"), \
93 clEnumValN( \
94 AArch64PAuth::AuthCheckMethod::HighBitsNoTBI, "high-bits-notbi", \
95 "Compare bits 62 and 61 of address (TBI should be disabled)"), \
96 clEnumValN(AArch64PAuth::AuthCheckMethod::XPAC, "xpac", \
97 "Compare with the result of XPAC (requires Armv8.3-a)")
98
99#define AUTH_CHECK_METHOD_CL_VALUES_LR \
100 AUTH_CHECK_METHOD_CL_VALUES_COMMON, \
101 clEnumValN(AArch64PAuth::AuthCheckMethod::XPACHint, "xpac-hint", \
102 "Compare with the result of XPACLRI")
103
104/// Returns the number of bytes added by checkAuthenticatedRegister.
105unsigned getCheckerSizeInBytes(AuthCheckMethod Method);
106
107} // end namespace AArch64PAuth
108} // end namespace llvm
109
110#endif
111