Andrea Corallo via Gcc-patches <gcc-patches@gcc.gnu.org> writes:
> Andrea Corallo via Gcc-patches <gcc-patches@gcc.gnu.org> writes:
>
>> Hi all,
>>
>> this patch enables address return signature and verification based on
>> Armv8.1-M Pointer Authentication [1].
>>
>> To sign the return address, we use the PAC R12, LR, SP instruction
>> upon function entry. This is signing LR using SP and storing the
>> result in R12. R12 will be pushed into the stack.
>>
>> During function epilogue R12 will be popped and AUT R12, LR, SP will
>> be used to verify that the content of LR is still valid before return.
>>
>> Here an example of PAC instrumented function prologue and epilogue:
>>
>> pac r12, lr, sp
>> push {r3, r7, lr}
>> push {r12}
>> sub sp, sp, #4
>> [...] function body
>> add sp, sp, #4
>> pop {r12}
>> pop {r3, r7, lr}
>> aut r12, lr, sp
>> bx lr
>>
>> The patch also takes care of generating a PACBTI instruction in place
>> of the sequence BTI+PAC when Branch Target Identification is enabled
>> contextually.
>>
>> These two patches apply on top of Tejas series posted here [2].
>>
>> Regressioned and arm-linux-gnu aarch64-linux-gnu bootstraped.
>>
>> Best Regards
>>
>> Andrea
>>
>> [1]
>> <https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/armv8-1-m-pointer-authentication-and-branch-target-identification-extension>
>> [2] <https://gcc.gnu.org/pipermail/gcc-patches/2021-October/581176.html>
>
> Ping
>
> Best Regards
>
> Andrea
Hi all,
pinging this and 2/2.
Thanks
Andrea
