projects / platform / upstream / llvm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1a37705) | patch
[AArch64] Avoid incompatibility between SLSBLR mitigation and BTI codegen.
authorKristof Beyls <kristof.beyls@arm.com>
Fri, 22 May 2020 20:00:46 +0000 (21:00 +0100)
committerKristof Beyls <kristof.beyls@arm.com>
Fri, 19 Jun 2020 05:21:54 +0000 (06:21 +0100)
commitd938ec4509c47d461377527fc2877ae14b91275c
tree59618f8c153cdf1b28291c45fa07d9a24fe7476etree | snapshot
parent1a377055a71a8508042e75d3feffb3bd016c1088commit | diff
[AArch64] Avoid incompatibility between SLSBLR mitigation and BTI codegen.

A "BTI c" instruction only allows jumping/calling to using a BLR* instruction.
However, the SLSBLR mitigation changes a BLR to a BR to implement the
function call. Therefore, a "BTI c" check that passed before could
trigger after the BLR->BL change done by the SLSBLR mitigation.
However, if the register used in BR is X16 or X17, this trigger will not
fire (see ArmARM for further details).

Therefore, this patch simply changes the function stubs for the SLSBLR
mitigation from
__llvm_slsblr_thunk_x<N>:
    br x<N>
    SpeculationBarrier
to
__llvm_slsblr_thunk_x<N>:
    mov x16, x<N>
    br  x16
    SpeculationBarrier

Differential Revision: https://reviews.llvm.org/D81405
llvm/lib/Target/AArch64/AArch64SLSHardening.cpp diff | blob | history
llvm/test/CodeGen/AArch64/speculation-hardening-sls.ll diff | blob | history
Domain: System / Toolchain;