@@ -5750,7 +5750,6 @@ void IRGenSILFunction::visitBeginAccessInst(BeginAccessInst *access) {
5750
5750
5751
5751
case SILAccessEnforcement::Static:
5752
5752
case SILAccessEnforcement::Unsafe:
5753
- case SILAccessEnforcement::Signed:
5754
5753
// nothing to do
5755
5754
setLoweredAddress (access, addr);
5756
5755
return ;
@@ -5773,6 +5772,44 @@ void IRGenSILFunction::visitBeginAccessInst(BeginAccessInst *access) {
5773
5772
setLoweredDynamicallyEnforcedAddress (access, addr, scratch);
5774
5773
return ;
5775
5774
}
5775
+ case SILAccessEnforcement::Signed: {
5776
+ auto &ti = getTypeInfo (access->getType ());
5777
+ auto *sea = cast<StructElementAddrInst>(access->getOperand ());
5778
+ auto *Int64PtrTy = llvm::Type::getInt64PtrTy (IGM.getLLVMContext ());
5779
+ auto *Int64PtrPtrTy = Int64PtrTy->getPointerTo ();
5780
+ if (access->getAccessKind () == SILAccessKind::Read) {
5781
+ // When we see a signed read access, generate code to:
5782
+ // authenticate the signed pointer, and store the authenticated value to a
5783
+ // shadow stack location. Set the lowered address of the access to this
5784
+ // stack location.
5785
+ auto pointerAuthQual = sea->getField ()->getPointerAuthQualifier ();
5786
+ auto *pointerToSignedFptr = getLoweredAddress (sea).getAddress ();
5787
+ auto *pointerToIntPtr =
5788
+ Builder.CreateBitCast (pointerToSignedFptr, Int64PtrPtrTy);
5789
+ auto *signedFptr = Builder.CreateLoad (pointerToIntPtr, Int64PtrTy,
5790
+ IGM.getPointerAlignment ());
5791
+ auto *resignedFptr = emitPointerAuthResign (
5792
+ *this , signedFptr, PointerAuthInfo::emit (IGM, pointerAuthQual),
5793
+ PointerAuthInfo::emit (*this ,
5794
+ IGM.getOptions ().PointerAuth .FunctionPointers ,
5795
+ pointerToSignedFptr, PointerAuthEntity ()));
5796
+ auto temp = ti.allocateStack (*this , access->getType (), " ptrauth.temp" );
5797
+ auto *tempAddressToIntPtr =
5798
+ Builder.CreateBitCast (temp.getAddressPointer (), Int64PtrPtrTy);
5799
+ Builder.CreateStore (resignedFptr, tempAddressToIntPtr,
5800
+ IGM.getPointerAlignment ());
5801
+ setLoweredAddress (access, temp.getAddress ());
5802
+ return ;
5803
+ }
5804
+ if (access->getAccessKind () == SILAccessKind::Modify) {
5805
+ // When we see a signed modify access, create a shadow stack location and
5806
+ // set the lowered address of the access to this stack location.
5807
+ auto temp = ti.allocateStack (*this , access->getType (), " ptrauth.temp" );
5808
+ setLoweredAddress (access, temp.getAddress ());
5809
+ return ;
5810
+ }
5811
+ llvm_unreachable (" Incompatible access kind with begin_access [signed]" );
5812
+ }
5776
5813
}
5777
5814
llvm_unreachable (" bad access enforcement" );
5778
5815
}
@@ -5837,7 +5874,6 @@ void IRGenSILFunction::visitEndAccessInst(EndAccessInst *i) {
5837
5874
5838
5875
case SILAccessEnforcement::Static:
5839
5876
case SILAccessEnforcement::Unsafe:
5840
- case SILAccessEnforcement::Signed:
5841
5877
// nothing to do
5842
5878
return ;
5843
5879
@@ -5854,6 +5890,39 @@ void IRGenSILFunction::visitEndAccessInst(EndAccessInst *i) {
5854
5890
Builder.CreateLifetimeEnd (scratch);
5855
5891
return ;
5856
5892
}
5893
+
5894
+ case SILAccessEnforcement::Signed: {
5895
+ if (access->getAccessKind () != SILAccessKind::Modify) {
5896
+ // nothing to do.
5897
+ return ;
5898
+ }
5899
+ // When we see a signed modify access, get the lowered address of the
5900
+ // access which is the shadow stack slot, sign the value and write back to
5901
+ // the struct field.
5902
+ auto *Int64PtrTy = llvm::Type::getInt64PtrTy (IGM.getLLVMContext ());
5903
+ auto *Int64PtrPtrTy = Int64PtrTy->getPointerTo ();
5904
+ auto pointerAuthQual = cast<StructElementAddrInst>(access->getOperand ())
5905
+ ->getField ()
5906
+ ->getPointerAuthQualifier ();
5907
+ auto tempAddress = getLoweredAddress (access);
5908
+ auto *tempAddressToIntPtr =
5909
+ Builder.CreateBitCast (tempAddress.getAddress (), Int64PtrPtrTy);
5910
+ auto *tempAddressValue = Builder.CreateLoad (tempAddressToIntPtr, Int64PtrTy,
5911
+ IGM.getPointerAlignment ());
5912
+ auto *signedFptr = emitPointerAuthResign (
5913
+ *this , tempAddressValue,
5914
+ PointerAuthInfo::emit (*this ,
5915
+ IGM.getOptions ().PointerAuth .FunctionPointers ,
5916
+ tempAddress.getAddress (), PointerAuthEntity ()),
5917
+ PointerAuthInfo::emit (IGM, pointerAuthQual));
5918
+
5919
+ auto *pointerToSignedFptr =
5920
+ getLoweredAddress (access->getOperand ()).getAddress ();
5921
+ auto *pointerToIntPtr =
5922
+ Builder.CreateBitCast (pointerToSignedFptr, Int64PtrPtrTy);
5923
+ Builder.CreateStore (signedFptr, pointerToIntPtr, IGM.getPointerAlignment ());
5924
+ return ;
5925
+ }
5857
5926
}
5858
5927
llvm_unreachable (" bad access enforcement" );
5859
5928
}
0 commit comments