[PAC][clang] Add new features to pauthtest ABI #113150
Conversation
llvmbot
added
clang
|
@llvm/pr-subscribers-clang Author: Daniil Kovalev (kovdan01) ChangesEnable init/fini address discrimination, type info vtable pointer Full diff: https://github.com/llvm/llvm-project/pull/113150.diff 2 Files Affected:
diff --git a/clang/lib/Driver/ToolChains/Clang.cpp b/clang/lib/Driver/ToolChains/Clang.cpp
index 94175f81d4c24e..c3ad28ac388c61 100644
--- a/clang/lib/Driver/ToolChains/Clang.cpp
+++ b/clang/lib/Driver/ToolChains/Clang.cpp
@@ -1507,6 +1507,11 @@ static void handlePAuthABI(const ArgList &DriverArgs, ArgStringList &CC1Args) {
options::OPT_fno_ptrauth_vtable_pointer_type_discrimination))
CC1Args.push_back("-fptrauth-vtable-pointer-type-discrimination");
+ if (!DriverArgs.hasArg(
+ options::OPT_fptrauth_type_info_vtable_pointer_discrimination,
+ options::OPT_fno_ptrauth_type_info_vtable_pointer_discrimination))
+ CC1Args.push_back("-fptrauth-type-info-vtable-pointer-discrimination");
+
if (!DriverArgs.hasArg(options::OPT_fptrauth_indirect_gotos,
options::OPT_fno_ptrauth_indirect_gotos))
CC1Args.push_back("-fptrauth-indirect-gotos");
@@ -1514,6 +1519,15 @@ static void handlePAuthABI(const ArgList &DriverArgs, ArgStringList &CC1Args) {
if (!DriverArgs.hasArg(options::OPT_fptrauth_init_fini,
options::OPT_fno_ptrauth_init_fini))
CC1Args.push_back("-fptrauth-init-fini");
+
+ if (!DriverArgs.hasArg(
+ options::OPT_fptrauth_init_fini_address_discrimination,
+ options::OPT_fno_ptrauth_init_fini_address_discrimination))
+ CC1Args.push_back("-fptrauth-init-fini-address-discrimination");
+
+ if (!DriverArgs.hasArg(options::OPT_faarch64_jump_table_hardening,
+ options::OPT_fno_aarch64_jump_table_hardening))
+ CC1Args.push_back("-faarch64-jump-table-hardening");
}
static void CollectARMPACBTIOptions(const ToolChain &TC, const ArgList &Args,
diff --git a/clang/test/Driver/aarch64-ptrauth.c b/clang/test/Driver/aarch64-ptrauth.c
index d036189e614983..32acd83480849c 100644
--- a/clang/test/Driver/aarch64-ptrauth.c
+++ b/clang/test/Driver/aarch64-ptrauth.c
@@ -23,18 +23,23 @@
// RUN: %clang -### -c --target=aarch64-linux-pauthtest %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI1
// PAUTHABI1: "-cc1"{{.*}} "-triple" "aarch64-unknown-linux-pauthtest"
// PAUTHABI1-SAME: "-target-abi" "pauthtest"
-// PAUTHABI1-SAME: "-fptrauth-intrinsics" "-fptrauth-calls" "-fptrauth-returns" "-fptrauth-auth-traps" "-fptrauth-vtable-pointer-address-discrimination" "-fptrauth-vtable-pointer-type-discrimination" "-fptrauth-indirect-gotos" "-fptrauth-init-fini"
+// PAUTHABI1-SAME: "-fptrauth-intrinsics" "-fptrauth-calls" "-fptrauth-returns" "-fptrauth-auth-traps" "-fptrauth-vtable-pointer-address-discrimination" "-fptrauth-vtable-pointer-type-discrimination" "-fptrauth-type-info-vtable-pointer-discrimination" "-fptrauth-indirect-gotos" "-fptrauth-init-fini" "-fptrauth-init-fini-address-discrimination" "-faarch64-jump-table-hardening"
// RUN: %clang -### -c --target=aarch64 -mabi=pauthtest -fno-ptrauth-intrinsics \
// RUN: -fno-ptrauth-calls -fno-ptrauth-returns -fno-ptrauth-auth-traps \
// RUN: -fno-ptrauth-vtable-pointer-address-discrimination -fno-ptrauth-vtable-pointer-type-discrimination \
-// RUN: -fno-ptrauth-indirect-gotos -fno-ptrauth-init-fini %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
+// RUN: -fno-ptrauth-type-info-vtable-pointer-discrimination -fno-ptrauth-indirect-gotos \
+// RUN: -fno-ptrauth-init-fini -fno-ptrauth-init-fini-address-discrimination \
+// RUN: -fno-aarch64-jump-table-hardening %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
// RUN: %clang -### -c --target=aarch64-pauthtest -fno-ptrauth-intrinsics \
// RUN: -fno-ptrauth-calls -fno-ptrauth-returns -fno-ptrauth-auth-traps \
// RUN: -fno-ptrauth-vtable-pointer-address-discrimination -fno-ptrauth-vtable-pointer-type-discrimination \
-// RUN: -fno-ptrauth-indirect-gotos -fno-ptrauth-init-fini %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
+// RUN: -fno-ptrauth-type-info-vtable-pointer-discrimination -fno-ptrauth-indirect-gotos \
+// RUN: -fno-ptrauth-init-fini -fno-ptrauth-init-fini-address-discrimination \
+// RUN: -fno-aarch64-jump-table-hardening %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
// PAUTHABI2: "-cc1"
// PAUTHABI2-NOT: "-fptrauth-
+// PAUTHABI2-NOT: "-faarch64-jump-table-hardening"
// RUN: not %clang -### -c --target=x86_64 -fptrauth-intrinsics -fptrauth-calls -fptrauth-returns -fptrauth-auth-traps \
// RUN: -fptrauth-vtable-pointer-address-discrimination -fptrauth-vtable-pointer-type-discrimination \
|
|
@llvm/pr-subscribers-clang-driver Author: Daniil Kovalev (kovdan01) ChangesEnable init/fini address discrimination, type info vtable pointer Full diff: https://github.com/llvm/llvm-project/pull/113150.diff 2 Files Affected:
diff --git a/clang/lib/Driver/ToolChains/Clang.cpp b/clang/lib/Driver/ToolChains/Clang.cpp
index 94175f81d4c24e..c3ad28ac388c61 100644
--- a/clang/lib/Driver/ToolChains/Clang.cpp
+++ b/clang/lib/Driver/ToolChains/Clang.cpp
@@ -1507,6 +1507,11 @@ static void handlePAuthABI(const ArgList &DriverArgs, ArgStringList &CC1Args) {
options::OPT_fno_ptrauth_vtable_pointer_type_discrimination))
CC1Args.push_back("-fptrauth-vtable-pointer-type-discrimination");
+ if (!DriverArgs.hasArg(
+ options::OPT_fptrauth_type_info_vtable_pointer_discrimination,
+ options::OPT_fno_ptrauth_type_info_vtable_pointer_discrimination))
+ CC1Args.push_back("-fptrauth-type-info-vtable-pointer-discrimination");
+
if (!DriverArgs.hasArg(options::OPT_fptrauth_indirect_gotos,
options::OPT_fno_ptrauth_indirect_gotos))
CC1Args.push_back("-fptrauth-indirect-gotos");
@@ -1514,6 +1519,15 @@ static void handlePAuthABI(const ArgList &DriverArgs, ArgStringList &CC1Args) {
if (!DriverArgs.hasArg(options::OPT_fptrauth_init_fini,
options::OPT_fno_ptrauth_init_fini))
CC1Args.push_back("-fptrauth-init-fini");
+
+ if (!DriverArgs.hasArg(
+ options::OPT_fptrauth_init_fini_address_discrimination,
+ options::OPT_fno_ptrauth_init_fini_address_discrimination))
+ CC1Args.push_back("-fptrauth-init-fini-address-discrimination");
+
+ if (!DriverArgs.hasArg(options::OPT_faarch64_jump_table_hardening,
+ options::OPT_fno_aarch64_jump_table_hardening))
+ CC1Args.push_back("-faarch64-jump-table-hardening");
}
static void CollectARMPACBTIOptions(const ToolChain &TC, const ArgList &Args,
diff --git a/clang/test/Driver/aarch64-ptrauth.c b/clang/test/Driver/aarch64-ptrauth.c
index d036189e614983..32acd83480849c 100644
--- a/clang/test/Driver/aarch64-ptrauth.c
+++ b/clang/test/Driver/aarch64-ptrauth.c
@@ -23,18 +23,23 @@
// RUN: %clang -### -c --target=aarch64-linux-pauthtest %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI1
// PAUTHABI1: "-cc1"{{.*}} "-triple" "aarch64-unknown-linux-pauthtest"
// PAUTHABI1-SAME: "-target-abi" "pauthtest"
-// PAUTHABI1-SAME: "-fptrauth-intrinsics" "-fptrauth-calls" "-fptrauth-returns" "-fptrauth-auth-traps" "-fptrauth-vtable-pointer-address-discrimination" "-fptrauth-vtable-pointer-type-discrimination" "-fptrauth-indirect-gotos" "-fptrauth-init-fini"
+// PAUTHABI1-SAME: "-fptrauth-intrinsics" "-fptrauth-calls" "-fptrauth-returns" "-fptrauth-auth-traps" "-fptrauth-vtable-pointer-address-discrimination" "-fptrauth-vtable-pointer-type-discrimination" "-fptrauth-type-info-vtable-pointer-discrimination" "-fptrauth-indirect-gotos" "-fptrauth-init-fini" "-fptrauth-init-fini-address-discrimination" "-faarch64-jump-table-hardening"
// RUN: %clang -### -c --target=aarch64 -mabi=pauthtest -fno-ptrauth-intrinsics \
// RUN: -fno-ptrauth-calls -fno-ptrauth-returns -fno-ptrauth-auth-traps \
// RUN: -fno-ptrauth-vtable-pointer-address-discrimination -fno-ptrauth-vtable-pointer-type-discrimination \
-// RUN: -fno-ptrauth-indirect-gotos -fno-ptrauth-init-fini %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
+// RUN: -fno-ptrauth-type-info-vtable-pointer-discrimination -fno-ptrauth-indirect-gotos \
+// RUN: -fno-ptrauth-init-fini -fno-ptrauth-init-fini-address-discrimination \
+// RUN: -fno-aarch64-jump-table-hardening %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
// RUN: %clang -### -c --target=aarch64-pauthtest -fno-ptrauth-intrinsics \
// RUN: -fno-ptrauth-calls -fno-ptrauth-returns -fno-ptrauth-auth-traps \
// RUN: -fno-ptrauth-vtable-pointer-address-discrimination -fno-ptrauth-vtable-pointer-type-discrimination \
-// RUN: -fno-ptrauth-indirect-gotos -fno-ptrauth-init-fini %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
+// RUN: -fno-ptrauth-type-info-vtable-pointer-discrimination -fno-ptrauth-indirect-gotos \
+// RUN: -fno-ptrauth-init-fini -fno-ptrauth-init-fini-address-discrimination \
+// RUN: -fno-aarch64-jump-table-hardening %s 2>&1 | FileCheck %s --check-prefix=PAUTHABI2
// PAUTHABI2: "-cc1"
// PAUTHABI2-NOT: "-fptrauth-
+// PAUTHABI2-NOT: "-faarch64-jump-table-hardening"
// RUN: not %clang -### -c --target=x86_64 -fptrauth-intrinsics -fptrauth-calls -fptrauth-returns -fptrauth-auth-traps \
// RUN: -fptrauth-vtable-pointer-address-discrimination -fptrauth-vtable-pointer-type-discrimination \
|
|
Would be glad to see everyone's feedback on the changes. |
2 similar comments
|
Would be glad to see everyone's feedback on the changes. |
|
Would be glad to see everyone's feedback on the changes. |
kovdan01
force-pushed
the
users/kovdan01/add-aarch64-jump-table-hardening-flag
branch
from
63c44ae to
270fa9e
Compare
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
from
872c8b9 to
c1ad05b
Compare
kovdan01
force-pushed
the
users/kovdan01/add-aarch64-jump-table-hardening-flag
branch
from
270fa9e to
099996b
Compare
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
from
c1ad05b to
7abf7b7
Compare
kovdan01
force-pushed
the
users/kovdan01/add-aarch64-jump-table-hardening-flag
branch
from
099996b to
c4c6657
Compare
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
from
7abf7b7 to
3de3592
Compare
|
@MaskRay Would be glad to see your feedback on the changes |
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
2 times, most recently
from
f670756 to
74814fd
Compare
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
from
74814fd to
8384b1d
Compare
Enable init/fini address discrimination, type info vtable pointer discrimination and AArch64 jump table hardening as part of pauthtest ABI.
kovdan01
force-pushed
the
users/kovdan01/pauthtest-new-features
branch
from
8384b1d to
838b0d0
Compare
|
@MaskRay Would be glad to see your feedback on the changes. It would be nice if we could merge this before release. |
|
Sorry, I haven't closely followed the AArch64 PAuth work. Driver options need to have some stability guarantee, while CC1 options can be more freely changed. So I'd be concerned if we commit to certain forms of driver options with known ergonomics issues. The Clang driver options should come last in the patch stack, with other patches reviewed first. If cc1 options are already available, it's not a blocker for end users to use them (experimental feature). For driver options, I don't know whether a bunch of |
@MaskRay I totally get your point, but the actual option implementation, cc1 flags and even driver flags are already available in mainline for pretty long time. The only thing this patch does is making several options (which are already implemented at all the stages) enabled as part of pauthtest ABI.
We have an old issue for discussing that #97320, but it seems that there was no actual discussion. I don't mind using the approach you've suggested, but it needs to be discussed with guys from Apple since they are a big user of pauth stuff. Given that this particular patch changes behavior only for pauthtest ABI (which is, by definition, intended to be used in test purposes), I believe it should be safe to merge that. I would be happy to discuss different approaches to implementing driver options in #97320, it just seems a bit unrelated to this particular PR. |
|
@MaskRay Could you please give a feedback (considering my latest comment above)? |
|
@MaskRay Would be glad to see your feedback considering the info from my comments above |
1 similar comment
|
@MaskRay Would be glad to see your feedback considering the info from my comments above |
Enable init/fini address discrimination, type info vtable pointer
discrimination and AArch64 jump table hardening as part of pauthtest ABI.