//===-- AArch64PointerAuth.h -- Harden code using PAuth ---------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

#ifndef LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H
#define LLVM_LIB_TARGET_AARCH64_AARCH64POINTERAUTH_H

#include "llvm/CodeGen/MachineBasicBlock.h"
#include "llvm/CodeGen/Register.h"

namespace llvm {
namespace AArch64PAuth {

/// Variants of check performed on an authenticated pointer.
///
/// In cases such as authenticating the LR value when performing a tail call
/// or when re-signing a signed pointer with a different signing schema,
/// a failed authentication may not generate an exception on its own and may
/// create an authentication or signing oracle if not checked explicitly.
///
/// A number of check methods modify control flow in a similar way by
/// rewriting the code
///
/// ```
///   <authenticate LR>
///   <more instructions>
/// ```
///
/// as follows:
///
/// ```
///   <authenticate LR>
///   <method-specific checker>
/// on_fail:
///   brk <code>
/// on_success:
///   <more instructions>
///
/// ```
enum class AuthCheckMethod {
  /// Do not check the value at all
  None,

  /// Perform a load to a temporary register
  DummyLoad,

  /// Check by comparing bits 62 and 61 of the authenticated address.
  ///
  /// This method modifies control flow and inserts the following checker:
  ///
  /// ```
  ///   eor Xtmp, Xn, Xn, lsl #1
  ///   tbz Xtmp, #62, on_success
  /// ```
  HighBitsNoTBI,

  /// Check by comparing the authenticated value with an XPAC-ed one without
  /// using PAuth instructions not encoded as HINT. Can only be applied to LR.
  ///
  /// This method modifies control flow and inserts the following checker:
  ///
  /// ```
  ///   mov Xtmp, LR
  ///   xpaclri           ; encoded as "hint #7"
  ///   ; Note: at this point, the LR register contains the address as if
  ///   ; the authentication succeeded and the temporary register contains the
  ///   ; *real* result of authentication.
  ///   cmp Xtmp, LR
  ///   b.eq on_success
  /// ```
  XPACHint,

  /// Similar to XPACHint but using Armv8.3-only XPAC instruction, thus
  /// not restricted to LR:
  /// ```
  ///   mov Xtmp, Xn
  ///   xpac(i|d) Xn
  ///   cmp Xtmp, Xn
  ///   b.eq on_success
  /// ```
  XPAC,
};

#define AUTH_CHECK_METHOD_CL_VALUES_COMMON                                     \
  clEnumValN(AArch64PAuth::AuthCheckMethod::None, "none",                      \
             "Do not check authenticated address"),                            \
      clEnumValN(AArch64PAuth::AuthCheckMethod::DummyLoad, "load",             \
                 "Perform dummy load from authenticated address"),             \
      clEnumValN(                                                              \
          AArch64PAuth::AuthCheckMethod::HighBitsNoTBI, "high-bits-notbi",     \
          "Compare bits 62 and 61 of address (TBI should be disabled)"),       \
      clEnumValN(AArch64PAuth::AuthCheckMethod::XPAC, "xpac",                  \
                 "Compare with the result of XPAC (requires Armv8.3-a)")

#define AUTH_CHECK_METHOD_CL_VALUES_LR                                         \
      AUTH_CHECK_METHOD_CL_VALUES_COMMON,                                      \
      clEnumValN(AArch64PAuth::AuthCheckMethod::XPACHint, "xpac-hint",         \
                 "Compare with the result of XPACLRI")

/// Returns the number of bytes added by checkAuthenticatedRegister.
unsigned getCheckerSizeInBytes(AuthCheckMethod Method);

} // end namespace AArch64PAuth
} // end namespace llvm

#endif