llvm/llvm/lib/Target/AArch64/AArch64PointerAuth.h

//===-- AArch64PointerAuth.h -- Harden code using PAuth ---------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#ifndef LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H
#define LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H

#include "llvm/CodeGen/MachineBasicBlock.h"
#include "llvm/CodeGen/Register.h"

namespace llvm {
namespace AArch64PAuth {

/// Variants of check performed on an authenticated pointer.
///
/// In cases such as authenticating the LR value when performing a tail call
/// or when re-signing a signed pointer with a different signing schema,
/// a failed authentication may not generate an exception on its own and may
/// create an authentication or signing oracle if not checked explicitly.
///
/// A number of check methods modify control flow in a similar way by
/// rewriting the code
///
/// ```
///   <authenticate LR>
///   <more instructions>
/// ```
///
/// as follows:
///
/// ```
///   <authenticate LR>
///   <method-specific checker>
/// ret_block:
///   <more instructions>
///   ...
///
/// break_block:
///   brk <code>
/// ```
enum class AuthCheckMethod {};

#define AUTH_CHECK_METHOD_CL_VALUES_COMMON

#define AUTH_CHECK_METHOD_CL_VALUES_LR

/// Explicitly checks that pointer authentication succeeded.
///
/// Assuming AuthenticatedReg contains a value returned by one of the AUT*
/// instructions, check the value using Method just before the instruction
/// pointed to by MBBI. If the check succeeds, execution proceeds to the
/// instruction pointed to by MBBI, otherwise a CPU exception is generated.
///
/// Some of the methods may need to know if the pointer was authenticated
/// using an I-key or D-key and which register can be used as temporary.
/// If an explicit BRK instruction is used to generate an exception, BrkImm
/// specifies its immediate operand.
void checkAuthenticatedRegister(MachineBasicBlock::iterator MBBI,
                                AuthCheckMethod Method,
                                Register AuthenticatedReg, Register TmpReg,
                                bool UseIKey, unsigned BrkImm);

/// Returns the number of bytes added by checkAuthenticatedRegister.
unsigned getCheckerSizeInBytes(AuthCheckMethod Method);

} // end namespace AArch64PAuth
} // end namespace llvm

#endif