Bring arm64e/ptrauth support to parity with main upstreaming branch

clang/include/clang/AST/ASTContext.h

@@ -476,6 +476,8 @@ class ASTContext : public RefCountedBase<ASTContext> {
   llvm::StringMap<const Module *> PrimaryModuleNameMap;
   llvm::DenseMap<const Module *, const Module *> SameModuleLookupSet;
 
+  mutable llvm::DenseMap<QualType, bool> ContainsAuthenticatedNullTypes;
+
   /// The include tree that is being built, if any.
   /// See \c FrontendOptions::CASIncludeTreeID.
   std::optional<std::string> CASIncludeTreeID;
@@ -1300,14 +1302,54 @@ class ASTContext : public RefCountedBase<ASTContext> {
   /// space.
   QualType removeAddrSpaceQualType(QualType T) const;
 
-  /// Return the "other" type-specific discriminator for the given type.
-  uint16_t getPointerAuthTypeDiscriminator(QualType T);
-
   /// Return the "other" discriminator used for the pointer auth schema used for
   /// vtable pointers in instances of the requested type.
   uint16_t
   getPointerAuthVTablePointerDiscriminator(const CXXRecordDecl *RD);
 
+  /// Return the "other" type-specific discriminator for the given type.
+  uint16_t getPointerAuthTypeDiscriminator(QualType T);
+
+  /// Return the key of attribute ptrauth_struct on the record. If the attribute
+  /// isn't on the record, return the none key. If the key argument is value
+  /// dependent, set the boolean flag to false.
+  std::pair<bool, unsigned> getPointerAuthStructKey(const RecordDecl *RD) const;
+
+  /// Return the discriminator of attribute ptrauth_struct on the record. If the
+  /// key argument is value dependent, set the boolean flag to false.
+  std::pair<bool, unsigned>
+  getPointerAuthStructDisc(const RecordDecl *RD) const;
+
+  // Determine whether the type can have qualifier __ptrauth with key
+  // ptrauth_key_none.
+  bool canQualifyWithPtrAuthKeyNone(QualType T) const {
+    QualType PointeeType = T->getPointeeType();
+
+    if (PointeeType.isNull())
+      return true;
+
+    // Disallow the qualifier on function pointers.
+    if (PointeeType->isFunctionType())
+      return false;
+
+    // Disallow the qualifer on classes annotated with attribute ptrauth_struct
+    // with a key that isn't the none key.
+    if (auto *RD = PointeeType->getAsRecordDecl()) {
+      std::pair<bool, unsigned> P = getPointerAuthStructKey(RD);
+      if (P.first && P.second != PointerAuthKeyNone)
+        return false;
+    }
+
+    return true;
+  }
+
+  bool hasPointerAuthStructMismatch(const RecordDecl *RD0,
+                                    const RecordDecl *RD1) const;
+
+  bool typeContainsAuthenticatedNull(QualType) const;
+  bool typeContainsAuthenticatedNull(const Type *) const;
+  std::optional<bool> tryTypeContainsAuthenticatedNull(QualType) const;
+
   /// Apply Objective-C protocol qualifiers to the given type.
   /// \param allowOnPointerType specifies if we can apply protocol
   /// qualifiers on ObjCObjectPointerType. It can be set to true when

clang/include/clang/AST/CXXRecordDeclDefinitionBits.def

@@ -249,4 +249,8 @@ FIELD(HasDeclaredCopyAssignmentWithConstParam, 1, MERGE_OR)
 /// base classes or fields have a no-return destructor
 FIELD(IsAnyDestructorNoReturn, 1, NO_MERGE)
 
+/// Whether this class or any of its direct or indirect base classes are
+/// annotated with `ptrauth_struct` that uses a key that isn't the none key.
+FIELD(HasSignedClassInHierarchy, 1, NO_MERGE)
+
 #undef FIELD

clang/include/clang/AST/DeclCXX.h

@@ -1018,6 +1018,14 @@ class CXXRecordDecl : public RecordDecl {
     return data().NeedOverloadResolutionForDestructor;
   }
 
+  bool hasSignedClassInHierarchy() const {
+    return data().HasSignedClassInHierarchy;
+  }
+
+  void setHasSignedClassInHierarchy() {
+    data().HasSignedClassInHierarchy = true;
+  }
+
   /// Determine whether this class describes a lambda function object.
   bool isLambda() const {
     // An update record can't turn a non-lambda into a lambda.

clang/include/clang/AST/Stmt.h

@@ -530,7 +530,7 @@ class alignas(void *) Stmt {
     unsigned : NumExprBits;
 
     LLVM_PREFERRED_TYPE(UnaryExprOrTypeTrait)
-    unsigned Kind : 3;
+    unsigned Kind : 4;
     LLVM_PREFERRED_TYPE(bool)
     unsigned IsType : 1; // true if operand is a type, false if an expression.
   };

clang/include/clang/AST/Type.h

@@ -165,8 +165,11 @@ class PointerAuthQualifier {
     AuthenticatesNullValuesBits = 1,
     AuthenticatesNullValuesMask = ((1 << AuthenticatesNullValuesBits) - 1)
                                   << AuthenticatesNullValuesShift,
-    KeyShift = AuthenticatesNullValuesShift + AuthenticatesNullValuesBits,
-    KeyBits = 10,
+    RestrictedIntegralShift = AuthenticatesNullValuesShift + AuthenticatesNullValuesBits,
+    RestrictedIntegralBits = 1,
+    RestrictedIntegralMask = ((1 << RestrictedIntegralBits) - 1) << RestrictedIntegralShift,
+    KeyShift = RestrictedIntegralShift + RestrictedIntegralBits,
+    KeyBits = 9,
     KeyMask = ((1 << KeyBits) - 1) << KeyShift,
     DiscriminatorShift = KeyShift + KeyBits,
     DiscriminatorBits = 16,
@@ -175,32 +178,36 @@ class PointerAuthQualifier {
 
   // bits:     |0      |1      |2..3              |4          |
   //           |Enabled|Address|AuthenticationMode|ISA pointer|
-  // bits:     |5                |6..15|   16...31   |
-  //           |AuthenticatesNull|Key  |Discriminator|
+  // bits:     |5                |6                 |7..15|   16...31   |
+  //           |AuthenticatesNull|RestrictedIntegral|Key  |Discriminator|
   uint32_t Data = 0;
 
   // The following static assertions check that each of the 32 bits is present
   // exactly in one of the constants.
   static_assert((EnabledBits + AddressDiscriminatedBits +
                  AuthenticationModeBits + IsaPointerBits +
-                 AuthenticatesNullValuesBits + KeyBits + DiscriminatorBits) ==
+                 AuthenticatesNullValuesBits + RestrictedIntegralBits +
+                 KeyBits + DiscriminatorBits) ==
                     32,
                 "PointerAuthQualifier should be exactly 32 bits");
   static_assert((EnabledMask + AddressDiscriminatedMask +
                  AuthenticationModeMask + IsaPointerMask +
-                 AuthenticatesNullValuesMask + KeyMask + DiscriminatorMask) ==
+                 AuthenticatesNullValuesMask + RestrictedIntegralMask +
+                 KeyMask + DiscriminatorMask) ==
                     0xFFFFFFFF,
                 "All masks should cover the entire bits");
   static_assert((EnabledMask ^ AddressDiscriminatedMask ^
                  AuthenticationModeMask ^ IsaPointerMask ^
-                 AuthenticatesNullValuesMask ^ KeyMask ^ DiscriminatorMask) ==
+                 AuthenticatesNullValuesMask ^ RestrictedIntegralMask ^
+                 KeyMask ^ DiscriminatorMask) ==
                     0xFFFFFFFF,
                 "All masks should cover the entire bits");
 
   PointerAuthQualifier(unsigned Key, bool IsAddressDiscriminated,
                        unsigned ExtraDiscriminator,
                        PointerAuthenticationMode AuthenticationMode,
-                       bool IsIsaPointer, bool AuthenticatesNullValues)
+                       bool IsIsaPointer, bool AuthenticatesNullValues,
+                       bool IsRestrictedIntegral)
       : Data(EnabledMask |
              (IsAddressDiscriminated
                   ? llvm::to_underlying(AddressDiscriminatedMask)
@@ -210,7 +217,8 @@ class PointerAuthQualifier {
               << AuthenticationModeShift) |
              (ExtraDiscriminator << DiscriminatorShift) |
              (IsIsaPointer << IsaPointerShift) |
-             (AuthenticatesNullValues << AuthenticatesNullValuesShift)) {
+             (AuthenticatesNullValues << AuthenticatesNullValuesShift) |
+             (IsRestrictedIntegral << RestrictedIntegralShift)) {
     assert(Key <= KeyNoneInternal);
     assert(ExtraDiscriminator <= MaxDiscriminator);
     assert((Data == 0) ==
@@ -234,13 +242,13 @@ class PointerAuthQualifier {
   static PointerAuthQualifier
   Create(unsigned Key, bool IsAddressDiscriminated, unsigned ExtraDiscriminator,
          PointerAuthenticationMode AuthenticationMode, bool IsIsaPointer,
-         bool AuthenticatesNullValues) {
+         bool AuthenticatesNullValues, bool IsRestrictedIntegral) {
     if (Key == PointerAuthKeyNone)
       Key = KeyNoneInternal;
     assert(Key <= KeyNoneInternal && "out-of-range key value");
     return PointerAuthQualifier(Key, IsAddressDiscriminated, ExtraDiscriminator,
                                 AuthenticationMode, IsIsaPointer,
-                                AuthenticatesNullValues);
+                                AuthenticatesNullValues, IsRestrictedIntegral);
   }
 
   bool isPresent() const {
@@ -287,6 +295,10 @@ class PointerAuthQualifier {
     return hasKeyNone() ? PointerAuthQualifier() : *this;
   }
 
+  bool isRestrictedIntegral() const {
+    return (Data & RestrictedIntegralMask) >> RestrictedIntegralShift;
+  }
+
   friend bool operator==(PointerAuthQualifier Lhs, PointerAuthQualifier Rhs) {
     return Lhs.Data == Rhs.Data;
   }
@@ -828,17 +840,18 @@ class Qualifiers {
   static_assert(sizeof(PointerAuthQualifier) == sizeof(uint32_t),
                 "PointerAuthQualifier must be 32 bits");
 
+  static constexpr uint64_t PtrAuthShift = 32;
+  static constexpr uint64_t PtrAuthMask = uint64_t(0xffffffff) << PtrAuthShift;
+
   static constexpr uint64_t UMask = 0x8;
   static constexpr uint64_t UShift = 3;
   static constexpr uint64_t GCAttrMask = 0x30;
   static constexpr uint64_t GCAttrShift = 4;
   static constexpr uint64_t LifetimeMask = 0x1C0;
   static constexpr uint64_t LifetimeShift = 6;
-  static constexpr uint64_t AddressSpaceShift = 9;
-  static constexpr uint64_t PtrAuthShift = 32;
-  static constexpr uint64_t PtrAuthMask = uint64_t(0xffffffff) << PtrAuthShift;
   static constexpr uint64_t AddressSpaceMask =
       ~(CVRMask | UMask | GCAttrMask | LifetimeMask | PtrAuthMask);
+  static constexpr uint64_t AddressSpaceShift = 9;
 };
 
 class QualifiersAndAtomic {
@@ -1477,7 +1490,7 @@ class QualType {
   }
 
   bool hasAddressDiscriminatedPointerAuth() const {
-    if (auto ptrauth = getPointerAuth())
+    if (auto ptrauth = getPointerAuth().withoutKeyNone())
       return ptrauth.isAddressDiscriminated();
     return false;
   }
@@ -2530,6 +2543,9 @@ class alignas(TypeAlignment) Type : public ExtQualsTypeCommonBase {
   bool isFunctionNoProtoType() const { return getAs<FunctionNoProtoType>(); }
   bool isFunctionProtoType() const { return getAs<FunctionProtoType>(); }
   bool isPointerType() const;
+  bool isSignableType(const ASTContext &Ctx) const;
+  bool isSignablePointerType() const;
+  bool isSignableIntegerType(const ASTContext &Ctx) const;
   bool isAnyPointerType() const;   // Any C pointer or ObjC object pointer
   bool isCountAttributedType() const;
   bool isBlockPointerType() const;
@@ -8019,6 +8035,14 @@ inline bool Type::isAnyPointerType() const {
   return isPointerType() || isObjCObjectPointerType();
 }
 
+inline bool Type::isSignableType(const ASTContext &Ctx) const {
+  return isSignablePointerType() || isSignableIntegerType(Ctx);
+}
+
+inline bool Type::isSignablePointerType() const {
+  return isPointerType() || isObjCClassType() || isObjCQualifiedClassType();
+}
+
 inline bool Type::isBlockPointerType() const {
   return isa<BlockPointerType>(CanonicalType);
 }

clang/include/clang/Basic/Attr.td

@@ -3326,13 +3326,22 @@ def ObjCRequiresPropertyDefs : InheritableAttr {
 }
 
 def PointerAuth : TypeAttr {
-  let Spellings = [CustomKeyword<"__ptrauth">];
+  let Spellings = [CustomKeyword<"__ptrauth">,
+                   CustomKeyword<"__ptrauth_restricted_intptr">];
   let Args = [IntArgument<"Key">,
               BoolArgument<"AddressDiscriminated", 1>,
-              IntArgument<"ExtraDiscriminator", 1>];
+              IntArgument<"ExtraDiscriminator", 1>,
+              StringArgument<"AuthenticationMode", 1>];
   let Documentation = [PtrAuthDocs];
 }
 
+def PointerAuthStruct : InheritableAttr {
+  let Spellings = [Clang<"ptrauth_struct">];
+  let Args = [ExprArgument<"Key">, ExprArgument<"Discriminator">];
+  let Subjects = SubjectList<[Record]>;
+  let Documentation = [PointerAuthStructDocs];
+}
+
 def Unused : InheritableAttr {
   let Spellings = [CXX11<"", "maybe_unused", 201603>, GCC<"unused">,
                    C23<"", "maybe_unused", 202106>];

clang/include/clang/Basic/AttrDocs.td

@@ -1760,6 +1760,7 @@ Also see the documentation for `@available
 
 def PtrAuthDocs : Documentation {
   let Category = DocCatVariable;
+  let Heading = "__ptrauth, __ptrauth_restricted_intptr";
   let Content = [{
 The ``__ptrauth`` qualifier allows the programmer to directly control
 how pointers are signed when they are stored in a particular variable.
@@ -1917,6 +1918,47 @@ features that implicitly use pointer authentication.
   }];
 }
 
+def PointerAuthStructDocs : Documentation {
+  let Category = DocCatDecl;
+  let Content = [{
+The ``ptrauth_struct`` attribute allows programmers to opt in to using signed
+pointers for all pointers to a particular struct, union, or C++ class type. In
+C++, this also includes references to the type.
+
+The attribute takes two arguments:
+
+- The first argument is the abstract signing key, which should be a constant
+  from ``<ptrauth.h>``.
+- The second argument is a constant discriminator.
+
+These arguments are identical to the arguments to the ``__ptrauth`` qualifier
+except that ``ptrauth_struct`` does not take an argument for enabling address
+diversity.
+
+.. code-block:: c++
+
+  // key=ptrauth_key_process_dependent_data,discriminator=100
+  struct __attribute__((ptrauth_struct(ptrauth_key_process_dependent_data,100))) S0 {
+    int f0[4];
+  };
+
+If a particular pointer to the type is qualified with a ``__ptrauth`` qualifier,
+that qualifier takes precedence over ptrauth_struct:
+
+.. code-block:: c++
+
+  struct __attribute__((ptrauth_struct(ptrauth_key_process_dependent_data,100))) S0 {
+    int f0[4];
+  };
+
+  void test(S0 *s0) {
+    // `p` is signed using `__ptrauth(ptrauth_key_process_dependent_data, 1, 200)`.
+    S0 * __ptrauth(ptrauth_key_process_dependent_data, 1, 200) p = s0;
+  }
+
+  }];
+}
+
 def ExternalSourceSymbolDocs : Documentation {
   let Category = DocCatDecl;
   let Content = [{