Skip to content

Arm-64: Add initial support for PAC-RET #110472

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 79 commits into
base: main
Choose a base branch
from
Draft

Arm-64: Add initial support for PAC-RET #110472

wants to merge 79 commits into from

Conversation

@SwapnilGaikwad
Copy link
Contributor

@SwapnilGaikwad SwapnilGaikwad commented Dec 6, 2024
edited
Loading

This PR introduces initial support for Pointer Authentication (PAC) on Arm64. PAC is a hardware security feature designed to mitigate Return-Oriented Programming (ROP) attacks by cryptographically signing return addresses. The signed return address is stored on the stack and later authenticated before returning from a function, ensuring control flow returns to the intended caller.

More details on PAC and its role in software security can be found (here).

Enabling PAC involves inserting additional instructions into both the function prolog (for signing) and epilog (for authentication). This results in increased code size. For example, we observe a 1.8% increase in code size across System*.dll assemblies compiled using crossgen2.

The added instructions also introduce some runtime overhead. In our benchmark of Orchard CMS 9.0, we observe a 1.3% performance regression, which falls within the noise range (standard deviation: ~1.3%).

@kunalspathak @janvorli @a74nh

Contributes to #109457

@ghost ghost added the area-CodeGen-coreclr CLR JIT compiler in src/coreclr/src/jit and related components such as SuperPMI label Dec 6, 2024
@dotnet-policy-service dotnet-policy-service bot added the community-contribution Indicates that the PR has been added by a community member label Dec 6, 2024
This was referenced Dec 6, 2024
Open
Closed
Closed
Closed
Closed
@a74nh a74nh reopened this Jan 6, 2025
This was referenced Jan 6, 2025
Open
Open
Open
@kunalspathak
Copy link
Contributor

@SwapnilGaikwad - once you resolve the stack walking problem, can you also try something like this in a Foo() method?

paciasp
stp     fp, lr, [sp, #-0x10]!

mov x9, [sp] ;  overwrite lr value with random content
...
...
xpaclri  ; will fail and should give the call stack
...

janvorli
janvorli reviewed Jan 31, 2025
View reviewed changes
@build-analysis build-analysis bot mentioned this pull request Jan 31, 2025
Open
@build-analysis build-analysis bot mentioned this pull request Jul 2, 2025
Open
@risc-vv
Copy link

risc-vv commented Jul 4, 2025

@dotnet/samsung Could you please take a look? These changes may be related to riscv64.

SwapnilGaikwad
SwapnilGaikwad commented Jul 7, 2025
View reviewed changes
src/coreclr/inc/gcinfodecoder.h
return (PCODE)context->Pc;
#elif defined(TARGET_ARM64)
return (PCODE)context->Pc;
return (PCODE) PacStripPtr((void *)context->Pc);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll move these strip operations to the source while populating the context. These are temporarily added until we get all the CI issues fixed.

@AndyAyersMS
Copy link
Member

Have we tried running the diagnostic tests on this yet?

This was referenced Jul 7, 2025
Open
Open
Open
@risc-vv
Copy link

risc-vv commented Jul 8, 2025
edited
Loading

RISC-V Release-CLR-QEMU: 9080 / 9110 (99.67%) 
=======================
      passed: 9080
      failed: 2
     skipped: 599
      killed: 28
------------------------
 TOTAL tests: 9709
VIRTUAL time: 35h 9min 36s 335ms
   REAL time: 35min 56s 818ms
=======================

report.xml, report.md, failures.xml, testclr_details.tar.zst

Build information and commands

GIT: 34401fb08d91f230ca12b3ff311cdf67fd54c858
CI: 78e142fd33020d1c98d51294d2e82d7c5be9fbf2
REPO: dotnet/runtime
BRANCH: main
CONFIG: Release
LIB_CONFIG: Release

@risc-vv
Copy link

risc-vv commented Jul 11, 2025
edited
Loading

RISC-V Release-CLR-VF2: 9083 / 9113 (99.67%) 
=======================
      passed: 9083
      failed: 2
     skipped: 597
      killed: 28
------------------------
 TOTAL tests: 9710
VIRTUAL time: 11h 18min 11s 352ms
   REAL time: 45min 50s 923ms
=======================

report.xml, report.md, failures.xml, testclr_details.tar.zst

RISC-V Release-CLR-QEMU: 9082 / 9112 (99.67%) 
=======================
      passed: 9082
      failed: 2
     skipped: 597
      killed: 28
------------------------
 TOTAL tests: 9709
VIRTUAL time: 37h 32min 14s 532ms
   REAL time: 38min 25s 818ms
=======================

report.xml, report.md, failures.xml, testclr_details.tar.zst

Build information and commands

GIT: 0bc660ee660772ffd6445818cdae223c1345a9a4
CI: d6c9c1ab3a7411819463edc05ded301e89ba586a
REPO: dotnet/runtime
BRANCH: main
CONFIG: Release
LIB_CONFIG: Release

This was referenced Jul 11, 2025
Closed
Closed
Closed
Closed
Closed
@amanasifkhalid
Copy link
Contributor

Have we tried running the diagnostic tests on this yet?

@steveisok is doing this now

@SwapnilGaikwad SwapnilGaikwad mentioned this pull request Jul 17, 2025
Merged
@risc-vv
Copy link

risc-vv commented Jul 29, 2025

@dotnet/samsung Could you please take a look? These changes may be related to riscv64.

@JulieLeeMSFT JulieLeeMSFT added this to the 11.0.0 milestone Aug 11, 2025
@JulieLeeMSFT
Copy link
Member

Moved to .NET 11.

@risc-vv
Copy link

risc-vv commented Aug 17, 2025

@dotnet/samsung Could you please take a look? These changes may be related to riscv64.

@JulieLeeMSFT
Copy link
Member

We will resume the work in .NET 11.

@build-analysis build-analysis bot mentioned this pull request Oct 6, 2025
Open
@JulieLeeMSFT
Copy link
Member

@SwapnilGaikwad, I think this PR needs some work as discussed offline. Can we change this PR to draft until it is ready to review?

@SwapnilGaikwad SwapnilGaikwad marked this pull request as draft October 7, 2025 07:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkotas jkotas jkotas left review comments

@janvorli janvorli janvorli left review comments

@MichalStrehovsky MichalStrehovsky Awaiting requested review from MichalStrehovsky MichalStrehovsky is a code owner

+3 more reviewers

@filipnavara filipnavara filipnavara left review comments

@a74nh a74nh a74nh left review comments

@kunalspathak kunalspathak kunalspathak left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

area-CodeGen-coreclr CLR JIT compiler in src/coreclr/src/jit and related components such as SuperPMI community-contribution Indicates that the PR has been added by a community member

Projects

None yet

Milestone

11.0.0

Development

Successfully merging this pull request may close these issues.

10 participants

@SwapnilGaikwad @kunalspathak @filipnavara @a74nh @AndyAyersMS @jkotas @risc-vv @amanasifkhalid @JulieLeeMSFT @janvorli