[PATCH, BFD, LD, AArch64, 0/4] Add support for AArch64 BTI and PAC in the linker

[Sudakshina Das <Sudi.Das@arm.com>]

Hi

This patch series is aimed at giving support for the new Armv8.3-A 
Pointer Authentication and Armv8.5-A Branch Target Identification 
feature in the linker.

In order to support these, we propose to make the following changes:
1) We have defined .note.gnu.property for AArch64.
2) We have defined a new Program Property type
GNU_PROPERTY_AARCH64_FEATURE_1_AND and used 2 bits to represent
BTI and PAC respectively.
   - GNU_PROPERTY_AARCH64_FEATURE_1_BTI
   - GNU_PROPERTY_AARCH64_FEATURE_1_PAC (We have only reserved this bit
     for now.)
3) We also need custom PLTs when these features are turned on and thus
we have defined the following processor-specific dynamic array tags:
   - DT_AARCH64_BTI_PLT
   - DT_AARCH64_PAC_PLT
Details of these can be found in the new AArch64 ELF documentation:
https://developer.arm.com/docs/ihi0056/latest/elf-for-the-arm-64-bit-architecture-aarch64-abi-2018q4

Command line options:
We introduce a new set of command line options for the linker in order 
to support the correct PLTs
1) --pac-plt : In the presence of this option, the linker uses a PAC 
enabled PLT. It also uses the dynamic tag DT_AARCH64_PAC_PLT to reflect 
the same. Other tools like Objdump can use this to determine the size of 
the PLTs.
2) --bti: In the presence of this option, the linker enables BTI with 
the GNU_PROPERTY_AARCH64_FEATURE_1_BTI feature and also uses a BTI 
enabled PLT. It also uses the dynamic tag DT_AARCH64_BTI_PLT to reflect 
the choice of the PLTs. Other tools like Objdump can use this to 
determine the size of the PLTs. Using this option can give a warning if 
not all input objects are marked with GNU_PROPERTY_AARCH64_FEATURE_1_BTI.
3)--bti-nowarn - Same as above but does not emit any warnings.

In terms of the PLTs, in the presence of both --pac-plt and 
--bti/--bti-nowarn, the linker chooses the PLTs protected with both BTI 
and PAC and uses both DT_AARCH64_PAC_PLT and DT_AARCH64_BTI_PLT.

Interaction between Command line arguments and GNU NOTE section
1) For PAC, in the presence of --pac-plt along with BIND_NOW, the linker 
can choose to ignore the pac-plt directive and use smaller PLTs without 
compromising on security,
2) For BTI, the linker must also check for the 
GNU_PROPERTY_AARCH64_FEATURE_1_BTI in its input. If all inputs have 
GNU_PROPERTY_AARCH64_FEATURE_1_BTI, the final output will also be marked 
as such. The PLT should also be protected with a BTI PLT in this case. 
Thus even if there is no linker option to use BTI PLT, the linker
should be able to use them depending on the NOTE section. The user can 
use the linker option --bti, to make sure that their intention of having 
all input objects (and hence the output) marked with BTI is not 
disrupted by any stray objects as this option will warn about it.


The following patches implement these changes as follows:
[1/4] Add support for GNU PROPERTIES in AArch64 for BTI and PAC:
[2/4] Add --bti-nowarn to enable BTI without warning and to select BTI 
enabled PLTs
[3/4] Add --bti to enable BTI and select BTI enabled PLTs but also warn 
for missing NOTE sections.
[4/4] Add --pac-plt to enable PLTs protected with PAC.

This is my first time making such intrusive changes to the linker. 
Please be kind :P

Thanks
Sudi