Merge remote-tracking branch 'origin/users/ahmedbougacha/ptrauth-sign-constant' into users/ahmedbougacha/ptrauth-function-pointers

Author: ahatanak

clang/docs/PointerAuthentication.rst

@@ -328,6 +328,21 @@ be done in a single instruction with an immediate integer.
 ``pointer`` must have pointer type, and ``integer`` must have integer type. The
 result has type ``ptrauth_extra_data_t``.
 
+``ptrauth_string_discriminator``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: c
+
+  ptrauth_string_discriminator(string)
+
+Produce a discriminator value for the given string.  ``string`` must be
+a string literal of ``char`` character type.  The result has type
+``ptrauth_extra_data_t``.
+
+The result is always a constant expression.  The result value is never zero and
+always within range for both the ``__ptrauth`` qualifier and
+``ptrauth_blend_discriminator``.
+
 ``ptrauth_strip``
 ^^^^^^^^^^^^^^^^^
 
@@ -339,6 +354,23 @@ Given that ``signedPointer`` matches the layout for signed pointers signed with
 the given key, extract the raw pointer from it.  This operation does not trap
 and cannot fail, even if the pointer is not validly signed.
 
+``ptrauth_sign_constant``
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: c
+
+  ptrauth_sign_constant(pointer, key, discriminator)
+
+Return a signed pointer for a constant address in a manner which guarantees
+a non-attackable sequence.
+
+``pointer`` must be a constant expression of pointer type which evaluates to
+a non-null pointer.  The result will have the same type as ``discriminator``.
+
+Calls to this are constant expressions if the discriminator is a null-pointer
+constant expression or an integer constant expression. Implementations may
+allow other pointer expressions as well.
+
 ``ptrauth_sign_unauthenticated``
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

clang/include/clang/CodeGen/CodeGenABITypes.h

@@ -106,10 +106,10 @@ unsigned getLLVMFieldNumber(CodeGenModule &CGM,
 
 /// Return a signed constant pointer.
 llvm::Constant *getConstantSignedPointer(CodeGenModule &CGM,
-                                         llvm::Constant *pointer,
-                                         unsigned key,
-                                         llvm::Constant *storageAddress,
-                                         llvm::Constant *otherDiscriminator);
+                                         llvm::Constant *Pointer, unsigned Key,
+                                         llvm::Constant *StorageAddress,
+                                         llvm::Constant *OtherDiscriminator);
+
 /// Given the language and code-generation options that Clang was configured
 /// with, set the default LLVM IR attributes for a function definition.
 /// The attributes set here are mostly global target-configuration and

clang/lib/AST/ExprConstant.cpp

@@ -12586,9 +12586,10 @@ bool IntExprEvaluator::VisitBuiltinCallExpr(const CallExpr *E,
     return Visit(E->getArg(0));
 
   case Builtin::BI__builtin_ptrauth_string_discriminator: {
-    auto literal = cast<StringLiteral>(E->getArg(0)->IgnoreParenImpCasts());
-    auto result = getPointerAuthStableSipHash16(literal->getString());
-    return Success(result, E);
+    const auto *Literal =
+        cast<StringLiteral>(E->getArg(0)->IgnoreParenImpCasts());
+    uint64_t Result = getPointerAuthStableSipHash16(Literal->getString());
+    return Success(Result, E);
   }
 
   case Builtin::BI__builtin_ffs:

clang/lib/CodeGen/CGExprConstant.cpp

@@ -2090,54 +2090,54 @@ ConstantLValueEmitter::VisitCallExpr(const CallExpr *E) {
 
 ConstantLValue
 ConstantLValueEmitter::emitPointerAuthSignConstant(const CallExpr *E) {
-  auto unsignedPointer = emitPointerAuthPointer(E->getArg(0));
-  auto key = emitPointerAuthKey(E->getArg(1));
-  llvm::Constant *storageAddress;
-  llvm::Constant *otherDiscriminator;
-  std::tie(storageAddress, otherDiscriminator) =
-    emitPointerAuthDiscriminator(E->getArg(2));
+  llvm::Constant *UnsignedPointer = emitPointerAuthPointer(E->getArg(0));
+  unsigned Key = emitPointerAuthKey(E->getArg(1));
+  llvm::Constant *StorageAddress;
+  llvm::Constant *OtherDiscriminator;
+  std::tie(StorageAddress, OtherDiscriminator) =
+      emitPointerAuthDiscriminator(E->getArg(2));
 
-  auto signedPointer =
-    CGM.getConstantSignedPointer(unsignedPointer, key, storageAddress,
-                                 otherDiscriminator);
-  return signedPointer;
+  llvm::Constant *SignedPointer = CGM.getConstantSignedPointer(
+      UnsignedPointer, Key, StorageAddress, OtherDiscriminator);
+  return SignedPointer;
 }
 
 llvm::Constant *ConstantLValueEmitter::emitPointerAuthPointer(const Expr *E) {
-  Expr::EvalResult result;
-  bool succeeded = E->EvaluateAsRValue(result, CGM.getContext());
-  assert(succeeded); (void) succeeded;
+  Expr::EvalResult Result;
+  bool Succeeded = E->EvaluateAsRValue(Result, CGM.getContext());
+  assert(Succeeded);
+  (void)Succeeded;
 
   // The assertions here are all checked by Sema.
-  assert(result.Val.isLValue());
+  assert(Result.Val.isLValue());
   return ConstantEmitter(CGM, Emitter.CGF)
-           .emitAbstract(E->getExprLoc(), result.Val, E->getType());
+      .emitAbstract(E->getExprLoc(), Result.Val, E->getType());
 }
 
 unsigned ConstantLValueEmitter::emitPointerAuthKey(const Expr *E) {
   return E->EvaluateKnownConstInt(CGM.getContext()).getZExtValue();
 }
 
-std::pair<llvm::Constant*, llvm::Constant*>
+std::pair<llvm::Constant *, llvm::Constant *>
 ConstantLValueEmitter::emitPointerAuthDiscriminator(const Expr *E) {
   E = E->IgnoreParens();
 
-  if (auto call = dyn_cast<CallExpr>(E)) {
-    if (call->getBuiltinCallee() ==
-          Builtin::BI__builtin_ptrauth_blend_discriminator) {
-      auto pointer = ConstantEmitter(CGM).emitAbstract(call->getArg(0),
-                                            call->getArg(0)->getType());
-      auto extra = ConstantEmitter(CGM).emitAbstract(call->getArg(1),
-                                            call->getArg(1)->getType());
-      return { pointer, extra };
+  if (auto *Call = dyn_cast<CallExpr>(E)) {
+    if (Call->getBuiltinCallee() ==
+        Builtin::BI__builtin_ptrauth_blend_discriminator) {
+      llvm::Constant *Pointer = ConstantEmitter(CGM).emitAbstract(
+          Call->getArg(0), Call->getArg(0)->getType());
+      llvm::Constant *Extra = ConstantEmitter(CGM).emitAbstract(
+          Call->getArg(1), Call->getArg(1)->getType());
+      return {Pointer, Extra};
     }
   }
 
-  auto result = ConstantEmitter(CGM).emitAbstract(E, E->getType());
-  if (result->getType()->isPointerTy())
-    return { result, nullptr };
+  llvm::Constant *Result = ConstantEmitter(CGM).emitAbstract(E, E->getType());
+  if (Result->getType()->isPointerTy())
+    return {Result, nullptr};
   else
-    return { nullptr, result };
+    return {nullptr, Result};
 }
 
 ConstantLValue

clang/lib/CodeGen/CGPointerAuth.cpp

@@ -11,19 +11,8 @@
 //
 //===----------------------------------------------------------------------===//
 
-#include "CGCXXABI.h"
-#include "CGCall.h"
-#include "CodeGenFunction.h"
 #include "CodeGenModule.h"
-#include "clang/AST/Attr.h"
-#include "clang/Basic/PointerAuthOptions.h"
 #include "clang/CodeGen/CodeGenABITypes.h"
-#include "clang/CodeGen/ConstantInitBuilder.h"
-
-#include "llvm/ADT/DenseMap.h"
-#include "llvm/IR/ValueMap.h"
-#include "llvm/Analysis/ValueTracking.h"
-#include <vector>
 
 using namespace clang;
 using namespace CodeGen;
@@ -48,50 +37,47 @@ CGPointerAuthInfo CodeGenModule::getFunctionPointerAuthInfo(QualType T) {
 
 /// Build a signed-pointer "ptrauth" constant.
 static llvm::ConstantPtrAuth *
-buildConstantAddress(CodeGenModule &CGM, llvm::Constant *pointer, unsigned key,
-                     llvm::Constant *storageAddress,
-                     llvm::Constant *otherDiscriminator) {
-  llvm::Constant *addressDiscriminator = nullptr;
-  if (storageAddress) {
-    addressDiscriminator = storageAddress;
-    assert(storageAddress->getType() == CGM.UnqualPtrTy);
+buildConstantAddress(CodeGenModule &CGM, llvm::Constant *Pointer, unsigned Key,
+                     llvm::Constant *StorageAddress,
+                     llvm::Constant *OtherDiscriminator) {
+  llvm::Constant *AddressDiscriminator = nullptr;
+  if (StorageAddress) {
+    AddressDiscriminator = StorageAddress;
+    assert(StorageAddress->getType() == CGM.UnqualPtrTy);
   } else {
-    addressDiscriminator = llvm::Constant::getNullValue(CGM.UnqualPtrTy);
+    AddressDiscriminator = llvm::Constant::getNullValue(CGM.UnqualPtrTy);
   }
 
-  llvm::ConstantInt *integerDiscriminator = nullptr;
-  if (otherDiscriminator) {
-    assert(otherDiscriminator->getType() == CGM.Int64Ty);
-    integerDiscriminator = cast<llvm::ConstantInt>(otherDiscriminator);
+  llvm::ConstantInt *IntegerDiscriminator = nullptr;
+  if (OtherDiscriminator) {
+    assert(OtherDiscriminator->getType() == CGM.Int64Ty);
+    IntegerDiscriminator = cast<llvm::ConstantInt>(OtherDiscriminator);
   } else {
-    integerDiscriminator = llvm::ConstantInt::get(CGM.Int64Ty, 0);
+    IntegerDiscriminator = llvm::ConstantInt::get(CGM.Int64Ty, 0);
   }
 
-  return llvm::ConstantPtrAuth::get(
-    pointer, llvm::ConstantInt::get(CGM.Int32Ty, key), integerDiscriminator,
-    addressDiscriminator);
+  return llvm::ConstantPtrAuth::get(Pointer,
+                                    llvm::ConstantInt::get(CGM.Int32Ty, Key),
+                                    IntegerDiscriminator, AddressDiscriminator);
 }
 
 llvm::Constant *
-CodeGenModule::getConstantSignedPointer(llvm::Constant *pointer,
-                                        unsigned key,
-                                        llvm::Constant *storageAddress,
-                                        llvm::Constant *otherDiscriminator) {
-  // Unique based on the underlying value, not a signing of it.
-  auto stripped = pointer->stripPointerCasts();
+CodeGenModule::getConstantSignedPointer(llvm::Constant *Pointer, unsigned Key,
+                                        llvm::Constant *StorageAddress,
+                                        llvm::Constant *OtherDiscriminator) {
+  llvm::Constant *Stripped = Pointer->stripPointerCasts();
 
   // Build the constant.
-  return buildConstantAddress(*this, stripped, key, storageAddress,
-                              otherDiscriminator);
+  return buildConstantAddress(*this, Stripped, Key, StorageAddress,
+                              OtherDiscriminator);
 }
 
 llvm::Constant *
-CodeGen::getConstantSignedPointer(CodeGenModule &CGM,
-                                  llvm::Constant *pointer, unsigned key,
-                                  llvm::Constant *storageAddress,
-                                  llvm::Constant *otherDiscriminator) {
-  return CGM.getConstantSignedPointer(pointer, key, storageAddress,
-                                      otherDiscriminator);
+CodeGen::getConstantSignedPointer(CodeGenModule &CGM, llvm::Constant *Pointer,
+                                  unsigned Key, llvm::Constant *StorageAddress,
+                                  llvm::Constant *OtherDiscriminator) {
+  return CGM.getConstantSignedPointer(Pointer, Key, StorageAddress,
+                                      OtherDiscriminator);
 }
 
 /// If applicable, sign a given constant function pointer with the ABI rules for

clang/lib/CodeGen/CodeGenModule.h

@@ -965,10 +965,10 @@ class CodeGenModule : public CodeGenTypeCache {
                                            GlobalDecl SchemaDecl,
                                            QualType SchemaType);
 
-  llvm::Constant *getConstantSignedPointer(llvm::Constant *pointer,
-                                           unsigned key,
-                                           llvm::Constant *storageAddress,
-                                           llvm::Constant *extraDiscrim);
+  llvm::Constant *getConstantSignedPointer(llvm::Constant *Pointer,
+                                           unsigned Key,
+                                           llvm::Constant *StorageAddress,
+                                           llvm::Constant *ExtraDiscrim);
 
   // Return whether RTTI information should be emitted for this target.
   bool shouldEmitRTTI(bool ForEH = false) {