- Add a command line options -msign-return-address to enable return address
signing
- Armv8.3a added instructions to sign the return address to help mitigate
against ROP attacks
- This patch adds command line options to generate function attributes that
signal to the back whether return address signing instructions should be
added
Differential revision: https://reviews.llvm.org/D49793
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@340019
91177308-0d34-0410-b5e6-
96231b3b80d8
def ffixed_x20 : Flag<["-"], "ffixed-x20">, Group<m_aarch64_Features_Group>,
HelpText<"Reserve the x20 register (AArch64 only)">;
+def msign_return_address : Joined<["-"], "msign-return-address=">,
+ Flags<[CC1Option]>, Group<m_Group>,
+ HelpText<"Select return address signing scope">, Values<"none,all,non-leaf">;
+
def msimd128 : Flag<["-"], "msimd128">, Group<m_wasm_Features_Group>;
def mno_simd128 : Flag<["-"], "mno-simd128">, Group<m_wasm_Features_Group>;
def mnontrapping_fptoint : Flag<["-"], "mnontrapping-fptoint">, Group<m_wasm_Features_Group>;
/// Whether to emit an address-significance table into the object file.
CODEGENOPT(Addrsig, 1, 0)
+ENUM_CODEGENOPT(SignReturnAddress, SignReturnAddressScope, 2, None)
#undef CODEGENOPT
#undef ENUM_CODEGENOPT
Embed_Marker // Embed a marker as a placeholder for bitcode.
};
+ enum SignReturnAddressScope {
+ None, // No signing for any function
+ NonLeaf, // Sign the return address of functions that spill LR
+ All // Sign the return address of all functions
+ };
+
/// The code model to use (-mcmodel).
std::string CodeModel;
}
bool doesReturnSlotInterfereWithArgs() const override { return false; }
+
+ void setTargetAttributes(const Decl *D, llvm::GlobalValue *GV,
+ CodeGen::CodeGenModule &CGM) const override {
+ const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(D);
+ if (!FD)
+ return;
+ llvm::Function *Fn = cast<llvm::Function>(GV);
+
+ auto Kind = CGM.getCodeGenOpts().getSignReturnAddress();
+ if (Kind == CodeGenOptions::SignReturnAddressScope::None)
+ return;
+
+ Fn->addFnAttr("sign-return-address",
+ Kind == CodeGenOptions::SignReturnAddressScope::All
+ ? "all"
+ : "non-leaf");
+ }
};
class WindowsAArch64TargetCodeGenInfo : public AArch64TargetCodeGenInfo {
else
CmdArgs.push_back("-aarch64-enable-global-merge=true");
}
+
+ if (Arg *A = Args.getLastArg(options::OPT_msign_return_address)) {
+ CmdArgs.push_back(
+ Args.MakeArgString(Twine("-msign-return-address=") + A->getValue()));
+ }
}
void Clang::AddMIPSTargetArgs(const ArgList &Args,
Opts.Addrsig = Args.hasArg(OPT_faddrsig);
+ if (Arg *A = Args.getLastArg(OPT_msign_return_address)) {
+ StringRef SignScope = A->getValue();
+ if (SignScope.equals_lower("none"))
+ Opts.setSignReturnAddress(CodeGenOptions::SignReturnAddressScope::None);
+ else if (SignScope.equals_lower("all"))
+ Opts.setSignReturnAddress(CodeGenOptions::SignReturnAddressScope::All);
+ else if (SignScope.equals_lower("non-leaf"))
+ Opts.setSignReturnAddress(
+ CodeGenOptions::SignReturnAddressScope::NonLeaf);
+ else
+ Diags.Report(diag::err_drv_invalid_value)
+ << A->getAsString(Args) << A->getValue();
+ }
+
return Success;
}
--- /dev/null
+// RUN: %clang -target aarch64-arm-none-eabi -S -emit-llvm -o - -msign-return-address=none %s | FileCheck %s --check-prefix=CHECK-NONE
+// RUN: %clang -target aarch64-arm-none-eabi -S -emit-llvm -o - -msign-return-address=non-leaf %s | FileCheck %s --check-prefix=CHECK-PARTIAL
+// RUN: %clang -target aarch64-arm-none-eabi -S -emit-llvm -o - -msign-return-address=all %s | FileCheck %s --check-prefix=CHECK-ALL
+
+// CHECK-NONE: @foo() #[[ATTR:[0-9]*]]
+// CHECK-NONE-NOT: attributes #[[ATTR]] = { {{.*}} "sign-return-address"={{.*}} }}
+
+// CHECK-PARTIAL: @foo() #[[ATTR:[0-9]*]]
+// CHECK-PARTIAL: attributes #[[ATTR]] = { {{.*}} "sign-return-address"="non-leaf" {{.*}}}
+
+// CHECK-ALL: @foo() #[[ATTR:[0-9]*]]
+// CHECK-ALL: attributes #[[ATTR]] = { {{.*}} "sign-return-address"="all" {{.*}} }
+
+void foo() {}
projects / clang / commitdiff