* [PATCH 0/5] SFrame: add support for .cfi_b_key_frame @ 2022-12-14 20:07 Indu Bhagat 2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat ` (5 more replies) 0 siblings, 6 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat Hello, This patchset adds support for handling the .cfi_b_key_frame assembler directive to the SFrame format: SFrame format representation now allows to encode which of the pauth A key / B key are used (for signing return addresses on aarch64), and gas, readelf/objdump now allow for generation and textual dump of this information. Testing notes: - Regression tested cross build of several targets on an x86_64 host and an aarch64 host using a regression script that checks for failures in gas, ld, binutils, libctf and libsframe. - Regression tested native builds on x86_64 and aarch64. - binutils/gdb try bot showed no new regressions. PS: This patchset assumes that the SFrame support for .cfi_negate_ra_state is in place already. Please apply the recently sent "[PATCH 0/6] SFrame: support for .cfi_negate_ra_state in aarch64" series prior to applying this series, if you intend to experiment with this patchset. Thanks, Indu Bhagat (5): [1/5] sframe.h: add support for .cfi_b_key_frame [2/5] gas: sframe: add support for .cfi_b_key_frame [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame [5/5] sframe: doc: update documentation for pauth key in SFrame FDE gas/gen-sframe.c | 26 +++++++++++--- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 ++ .../cfi-sframe-aarch64-pac-ab-key-1.d | 25 +++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + include/sframe.h | 25 +++++++++---- libsframe/doc/sframe-spec.texi | 8 ++++- libsframe/sframe-dump.c | 19 ++++++++++ 9 files changed, 133 insertions(+), 12 deletions(-) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat @ 2022-12-14 20:07 ` Indu Bhagat 2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat ` (4 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat ARM 8.3 provides five separate keys that can be used to authenticate pointers. There are two key for executable (instruction) pointers. The enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys: enum pointer_auth_key { AARCH64_PAUTH_KEY_A, AARCH64_PAUTH_KEY_B }; Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame FDE to indicate which key is used for signing the frame's return addresses: - SFRAME_AARCH64_PAUTH_KEY_A has a value of 0 - SFRAME_AARCH64_PAUTH_KEY_B has a value of 1 Note that the information in this bit will always be used along with the mangled_ra_p bit, the latter indicates whether the return addresses are mangled/contain PAC auth bits. include/ChangeLog: * sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition. (SFRAME_AARCH64_PAUTH_KEY_B): Likewise. (SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key. (SFRAME_V1_FUNC_PAUTH_KEY): New macro. (SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise. --- include/sframe.h | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/include/sframe.h b/include/sframe.h index b2bd41a724e..77071c99d90 100644 --- a/include/sframe.h +++ b/include/sframe.h @@ -165,6 +165,10 @@ typedef struct sframe_header #define SFRAME_V1_HDR_SIZE(sframe_hdr) \ ((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len)) +/* Two possible keys for executable (instruction) pointers signing. */ +#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */ +#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */ + typedef struct sframe_func_desc_entry { /* Function start address. Encoded as a signed offset, relative to the @@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry function. - 4-bits: Identify the FRE type used for the function. - 1-bit: Identify the FDE type of the function - mask or inc. - - 3-bits: Unused. - -------------------------------------------- - | Unused | FDE type | FRE type | - -------------------------------------------- - 8 5 4 0 */ + - 1-bit: PAC authorization A/B key (aarch64). + - 2-bits: Unused. + ------------------------------------------------------------------------ + | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type | + | | Unused (amd64) | | | + ------------------------------------------------------------------------ + 8 6 5 4 0 */ uint8_t sfde_func_info; } ATTRIBUTE_PACKED sframe_func_desc_entry; /* Macros to compose and decompose function info in FDE. */ +/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */ #define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \ - ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) + (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \ + (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) #define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf) #define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1) +#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1) + +/* Set the pauth key as indicated. */ +#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \ + ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf)) /* Size of stack frame offsets in an SFrame Frame Row Entry. A single SFrame FRE has all offsets of the same size. Offset size may vary -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat @ 2022-12-14 20:07 ` Indu Bhagat 2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat ` (3 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat Gather the information from the DWARF FDE on whether frame's return addresses are signed using the B key or A key. Reflect the information in the SFrame counterpart data structure, the SFrame FDE. ChangeLog: * gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition. (sframe_v1_set_func_info): Add new argument for pauth_key. (sframe_set_func_info): Likewise. (output_sframe_funcdesc): Likewise. * gas/gen-sframe.h (struct sframe_version_ops): Add new argument to the function pointer declaration. * gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key. --- gas/gen-sframe.c | 26 ++++++++++++++++++++++---- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 +++ 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c index f31a66da377..5a642f9a683 100644 --- a/gas/gen-sframe.c +++ b/gas/gen-sframe.c @@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde) return dw_fde->end_address; } +/* Get whether PAUTH B key is used. */ +static bool +get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED) +{ +#ifdef tc_fde_entry_extras + return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B); +#else + return false; +#endif +} + /* SFrame Frame Row Entry (FRE) related functions. */ static void @@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame (SFRAME_VERSION_1) set function info. */ static unsigned char -sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { unsigned char func_info; func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info); return func_info; } @@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame set func info. */ ATTRIBUTE_UNUSED static unsigned char -sframe_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { - return sframe_ver_ops.set_func_info (fde_type, fre_type); + return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key); } /* Get the number of SFrame FDEs for the current file. */ @@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, expressionS exp; unsigned int addr_size; symbolS *dw_fde_start_addrS, *dw_fde_end_addrS; + unsigned int pauth_key; addr_size = SFRAME_RELOC_SIZE; dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde); @@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, /* SFrame FDE function info. */ unsigned char func_info; + pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde) + ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A); func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC, - SFRAME_FRE_TYPE_ADDR4); + SFRAME_FRE_TYPE_ADDR4, + pauth_key); #if SFRAME_FRE_TYPE_SELECTION_OPT expressionS cexp; create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS, diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h index aa8be5df457..590bf7b505b 100644 --- a/gas/gen-sframe.h +++ b/gas/gen-sframe.h @@ -146,7 +146,7 @@ struct sframe_version_ops unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int, bool); /* set SFrame Func info. */ - unsigned char (*set_func_info) (unsigned int, unsigned int); + unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int); }; /* Generate SFrame unwind info and prepare contents for the output. diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c index f08a424fd88..cf7ca5c1893 100644 --- a/gas/sframe-opt.c +++ b/gas/sframe-opt.c @@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag) offsetT rest_of_data; uint8_t fde_type, fre_type; + uint8_t pauth_key; expressionS *exp; symbolS *dataS; @@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag) dataS = exp->X_add_symbol; rest_of_data = (symbol_get_value_expression(dataS))->X_add_number; fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data); + pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data); gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC); /* Calculate the applicable fre_type. */ @@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag) /* Create the new function info. */ value = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value); frag->fr_literal[frag->fr_fix] = value; } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat @ 2022-12-14 20:07 ` Indu Bhagat 2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat ` (2 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat ChangeLog: * libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New definition. (dump_sframe_func_with_fres): emit a string if B key is used. --- libsframe/sframe-dump.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c index 8e5cd6116ef..6c655655ab3 100644 --- a/libsframe/sframe-dump.c +++ b/libsframe/sframe-dump.c @@ -25,6 +25,21 @@ #define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50 +/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */ + +static bool +is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx) +{ + bool aarch64_p = false; + + unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx); + if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG) + || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE)) + aarch64_p = true; + + return aarch64_p; +} + static void dump_sframe_header (sframe_decoder_ctx *sfd_ctx) { @@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx, func_start_pc_vma, func_size); + if (is_sframe_abi_arch_aarch64 (sfd_ctx) + && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B)) + printf (", pauth = B key"); + char temp[100]; memset (temp, 0, 100); -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat ` (2 preceding siblings ...) 2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat @ 2022-12-14 20:07 ` Indu Bhagat 2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat This is actually a composite test that checks the behaviour of both the .cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64. ChangeLog: * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d: New test. * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s: Likewise. * testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test. --- .../cfi-sframe-aarch64-pac-ab-key-1.d | 25 +++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + 3 files changed, 62 insertions(+) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d new file mode 100644 index 00000000000..46d932f9db7 --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d @@ -0,0 +1,25 @@ +#as: --gsframe +#objdump: --sframe=.sframe +#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test +#... +Contents of the SFrame section .sframe: + + Header : + + Version: SFRAME_VERSION_1 + Flags: NONE + Num FDEs: 2 + Num FREs: 4 + + Function Index : + func idx \[0\]: pc = 0x0, size = 12 bytes + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + + func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + +#pass diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s new file mode 100644 index 00000000000..d9a408c668c --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s @@ -0,0 +1,36 @@ +## same as aarch64/pac_ab_key.s + .arch armv8-a + .text + .align 2 + .global _Z5foo_av + .type _Z5foo_av, %function +_Z5foo_av: +.LFB0: + .cfi_startproc + hint 25 // paciasp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + ret + .cfi_endproc +.LFE0: + .size _Z5foo_av, .-_Z5foo_av + .align 2 + .global _Z5foo_bv + .type _Z5foo_bv, %function +_Z5foo_bv: +.LFB1: + .cfi_startproc + .cfi_b_key_frame + hint 27 // pacibsp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + nop + nop + ret + .cfi_endproc diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp index f001fad0e8e..fa153fc52b3 100644 --- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp @@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then { if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then { run_dump_test "cfi-sframe-aarch64-1" run_dump_test "cfi-sframe-aarch64-2" + run_dump_test "cfi-sframe-aarch64-pac-ab-key-1" } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat ` (3 preceding siblings ...) 2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat @ 2022-12-14 20:07 ` Indu Bhagat 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw) To: binutils; +Cc: Indu Bhagat ChangeLog: * libsframe/doc/sframe-spec.texi --- libsframe/doc/sframe-spec.texi | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi index fa66d801dd3..345b8f93036 100644 --- a/libsframe/doc/sframe-spec.texi +++ b/libsframe/doc/sframe-spec.texi @@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB: @multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).} @headitem Bit offset @tab Name @tab Description -@item 7--5 +@item 7--6 @tab @code{unused} @tab Unused bits. +@item 5 +@tab @code{pauth_key} +@tab Specify which key is used for signing the return addresses in the SFrame +FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or +SFRAME_AARCH64_PAUTH_KEY_B (1). + @item 4 @tab @code{fdetype} @tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}. -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat ` (4 preceding siblings ...) 2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat @ 2022-12-19 15:36 ` Nick Clifton 2022-12-19 17:27 ` Indu Bhagat ` (2 more replies) 5 siblings, 3 replies; 23+ messages in thread From: Nick Clifton @ 2022-12-19 15:36 UTC (permalink / raw) To: Indu Bhagat, binutils Hi Indu, > - Regression tested cross build of several targets on an x86_64 host and an > aarch64 host using a regression script that checks for failures in gas, ld, > binutils, libctf and libsframe. With this patch series applied on top of today's (19 dec) sources I see one new failure in the gas testsuite for a toolchain configured as aarch64-linux-gnu: regexp_diff match failure regexp "^ Num FREs: 4$" line " Num FREs: 6" regexp_diff match failure regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$" line " 0000000000000004 sp+0 u u[s] " regexp_diff match failure regexp "^ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key$" line " 0000000000000008 sp+16 c-16 c-8[s] " regexp_diff match failure regexp "^ STARTPC + CFA + FP + RA +$" line " func idx [1]: pc = 0x0, size = 20 bytes, pauth = B key" regexp_diff match failure regexp "^ 0+0000 +sp\+0 +u +u +$" line " STARTPC CFA FP RA " regexp_diff match failure regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$" line " 0000000000000000 sp+0 u u " FAIL: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test Possibly this is because another patch needs to be applied first ? Please could you check and let me know. Cheers Nick ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton @ 2022-12-19 17:27 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat 2022-12-19 21:14 ` [PATCH, " Indu Bhagat 2 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 17:27 UTC (permalink / raw) To: Nick Clifton, binutils On 12/19/22 7:36 AM, Nick Clifton wrote: > Hi Indu, > >> - Regression tested cross build of several targets on an x86_64 host >> and an >> aarch64 host using a regression script that checks for failures in >> gas, ld, >> binutils, libctf and libsframe. > > With this patch series applied on top of today's (19 dec) sources I see one > new failure in the gas testsuite for a toolchain configured as > aarch64-linux-gnu: > > regexp_diff match failure > regexp "^ Num FREs: 4$" > line " Num FREs: 6" > regexp_diff match failure > regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$" > line " 0000000000000004 sp+0 u u[s] " > regexp_diff match failure > regexp "^ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key$" > line " 0000000000000008 sp+16 c-16 c-8[s] " > regexp_diff match failure > regexp "^ STARTPC + CFA + FP + RA +$" > line " func idx [1]: pc = 0x0, size = 20 bytes, pauth = B key" > regexp_diff match failure > regexp "^ 0+0000 +sp\+0 +u +u +$" > line " STARTPC CFA FP RA " > regexp_diff match failure > regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$" > line " 0000000000000000 sp+0 u u " > FAIL: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test > > Possibly this is because another patch needs to be applied first ? > Please could > you check and let me know. > This series now needs to be rebased with some changes to the testsuite necessary. This is because the V2 version of the series which added support for .cfi_negate_ra_state was committed with "[s]" being emitted when RA is in register or stack. Will rebase, post V2 after retesting. Thanks Indu ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton 2022-12-19 17:27 ` Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat ` (5 more replies) 2022-12-19 21:14 ` [PATCH, " Indu Bhagat 2 siblings, 6 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [Changes from V1] - Rebased on latest trunk. - Fixed the testcase as we now emit "[s]" marker for both mangled RA in register and stack. [End of changes in V1] Thanks ---------------------- Hello, This patchset adds support for handling the .cfi_b_key_frame assembler directive to the SFrame format: SFrame format representation now allows to encode which of the pauth A key / B key are used (for signing return addresses on aarch64), and gas, readelf/objdump now allow for generation and textual dump of this information. Testing notes: - Regression tested cross build of several targets on an x86_64 host and an aarch64 host using a regression script that checks for failures in gas, ld, binutils, libctf and libsframe. - Regression tested native builds on x86_64 and aarch64. - binutils/gdb try bot showed no new regressions. Thanks, Indu Bhagat (5): [1/5] sframe.h: add support for .cfi_b_key_frame [2/5] gas: sframe: add support for .cfi_b_key_frame [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame [5/5] sframe: doc: update documentation for pauth key in SFrame FDE gas/gen-sframe.c | 26 +++++++++++--- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 ++ .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + include/sframe.h | 25 +++++++++---- libsframe/doc/sframe-spec.texi | 8 ++++- libsframe/sframe-dump.c | 19 ++++++++++ 9 files changed, 135 insertions(+), 12 deletions(-) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat ` (4 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ARM 8.3 provides five separate keys that can be used to authenticate pointers. There are two keys for executable (instruction) pointers. The enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys: enum pointer_auth_key { AARCH64_PAUTH_KEY_A, AARCH64_PAUTH_KEY_B }; Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame FDE to indicate which key is used for signing the frame's return addresses: - SFRAME_AARCH64_PAUTH_KEY_A has a value of 0 - SFRAME_AARCH64_PAUTH_KEY_B has a value of 1 Note that the information in this bit will always be used along with the mangled_ra_p bit, the latter indicates whether the return addresses are mangled/contain PAC auth bits. include/ChangeLog: * sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition. (SFRAME_AARCH64_PAUTH_KEY_B): Likewise. (SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key. (SFRAME_V1_FUNC_PAUTH_KEY): New macro. (SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise. --- include/sframe.h | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/include/sframe.h b/include/sframe.h index b2bd41a724e..1d0c12058ac 100644 --- a/include/sframe.h +++ b/include/sframe.h @@ -165,6 +165,10 @@ typedef struct sframe_header #define SFRAME_V1_HDR_SIZE(sframe_hdr) \ ((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len)) +/* Two possible keys for executable (instruction) pointers signing. */ +#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */ +#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */ + typedef struct sframe_func_desc_entry { /* Function start address. Encoded as a signed offset, relative to the @@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry function. - 4-bits: Identify the FRE type used for the function. - 1-bit: Identify the FDE type of the function - mask or inc. - - 3-bits: Unused. - -------------------------------------------- - | Unused | FDE type | FRE type | - -------------------------------------------- - 8 5 4 0 */ + - 1-bit: PAC authorization A/B key (aarch64). + - 2-bits: Unused. + -------------------------------------------------------------------------- + | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type | + | | Unused (amd64) | | | + -------------------------------------------------------------------------- + 8 6 5 4 0 */ uint8_t sfde_func_info; } ATTRIBUTE_PACKED sframe_func_desc_entry; /* Macros to compose and decompose function info in FDE. */ +/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */ #define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \ - ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) + (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \ + (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) #define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf) #define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1) +#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1) + +/* Set the pauth key as indicated. */ +#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \ + ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf)) /* Size of stack frame offsets in an SFrame Frame Row Entry. A single SFrame FRE has all offsets of the same size. Offset size may vary -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat ` (3 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] Gather the information from the DWARF FDE on whether frame's return addresses are signed using the B key or A key. Reflect the information in the SFrame counterpart data structure, the SFrame FDE. ChangeLog: * gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition. (sframe_v1_set_func_info): Add new argument for pauth_key. (sframe_set_func_info): Likewise. (output_sframe_funcdesc): Likewise. * gas/gen-sframe.h (struct sframe_version_ops): Add new argument to the function pointer declaration. * gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key. --- gas/gen-sframe.c | 26 ++++++++++++++++++++++---- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 +++ 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c index 9baf20bd873..76f8529d740 100644 --- a/gas/gen-sframe.c +++ b/gas/gen-sframe.c @@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde) return dw_fde->end_address; } +/* Get whether PAUTH B key is used. */ +static bool +get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED) +{ +#ifdef tc_fde_entry_extras + return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B); +#else + return false; +#endif +} + /* SFrame Frame Row Entry (FRE) related functions. */ static void @@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame (SFRAME_VERSION_1) set function info. */ static unsigned char -sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { unsigned char func_info; func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info); return func_info; } @@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame set func info. */ ATTRIBUTE_UNUSED static unsigned char -sframe_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { - return sframe_ver_ops.set_func_info (fde_type, fre_type); + return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key); } /* Get the number of SFrame FDEs for the current file. */ @@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, expressionS exp; unsigned int addr_size; symbolS *dw_fde_start_addrS, *dw_fde_end_addrS; + unsigned int pauth_key; addr_size = SFRAME_RELOC_SIZE; dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde); @@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, /* SFrame FDE function info. */ unsigned char func_info; + pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde) + ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A); func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC, - SFRAME_FRE_TYPE_ADDR4); + SFRAME_FRE_TYPE_ADDR4, + pauth_key); #if SFRAME_FRE_TYPE_SELECTION_OPT expressionS cexp; create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS, diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h index 5d5702a57ca..eb43c3a07a5 100644 --- a/gas/gen-sframe.h +++ b/gas/gen-sframe.h @@ -146,7 +146,7 @@ struct sframe_version_ops unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int, bool); /* set SFrame Func info. */ - unsigned char (*set_func_info) (unsigned int, unsigned int); + unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int); }; /* Generate SFrame unwind info and prepare contents for the output. diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c index f08a424fd88..cf7ca5c1893 100644 --- a/gas/sframe-opt.c +++ b/gas/sframe-opt.c @@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag) offsetT rest_of_data; uint8_t fde_type, fre_type; + uint8_t pauth_key; expressionS *exp; symbolS *dataS; @@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag) dataS = exp->X_add_symbol; rest_of_data = (symbol_get_value_expression(dataS))->X_add_number; fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data); + pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data); gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC); /* Calculate the applicable fre_type. */ @@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag) /* Create the new function info. */ value = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value); frag->fr_literal[frag->fr_fix] = value; } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat ` (2 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ChangeLog: * libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New definition. (dump_sframe_func_with_fres): emit a string if B key is used. --- libsframe/sframe-dump.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c index 5f778bee338..c00ff401685 100644 --- a/libsframe/sframe-dump.c +++ b/libsframe/sframe-dump.c @@ -25,6 +25,21 @@ #define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50 +/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */ + +static bool +is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx) +{ + bool aarch64_p = false; + + unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx); + if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG) + || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE)) + aarch64_p = true; + + return aarch64_p; +} + static void dump_sframe_header (sframe_decoder_ctx *sfd_ctx) { @@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx, func_start_pc_vma, func_size); + if (is_sframe_abi_arch_aarch64 (sfd_ctx) + && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B)) + printf (", pauth = B key"); + char temp[100]; memset (temp, 0, 100); -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat ` (2 preceding siblings ...) 2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [Changes in V2] - Adjust the testcase as we now emit "[s]" marker when the return address in either reg / stack is mangled. [End of changes in V2] This is actually a composite test that checks the behaviour of both the .cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64. ChangeLog: * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d: New test. * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s: Likewise. * testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test. --- .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + 3 files changed, 64 insertions(+) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d new file mode 100644 index 00000000000..666a94101ab --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d @@ -0,0 +1,27 @@ +#as: --gsframe +#objdump: --sframe=.sframe +#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test +#... +Contents of the SFrame section .sframe: + + Header : + + Version: SFRAME_VERSION_1 + Flags: NONE + Num FDEs: 2 + Num FREs: 6 + + Function Index : + func idx \[0\]: pc = 0x0, size = 12 bytes + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0004 +sp\+0 +u +u\[s\] + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + + func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0004 +sp\+0 +u +u\[s\] + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + +#pass diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s new file mode 100644 index 00000000000..d9a408c668c --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s @@ -0,0 +1,36 @@ +## same as aarch64/pac_ab_key.s + .arch armv8-a + .text + .align 2 + .global _Z5foo_av + .type _Z5foo_av, %function +_Z5foo_av: +.LFB0: + .cfi_startproc + hint 25 // paciasp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + ret + .cfi_endproc +.LFE0: + .size _Z5foo_av, .-_Z5foo_av + .align 2 + .global _Z5foo_bv + .type _Z5foo_bv, %function +_Z5foo_bv: +.LFB1: + .cfi_startproc + .cfi_b_key_frame + hint 27 // pacibsp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + nop + nop + ret + .cfi_endproc diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp index f001fad0e8e..fa153fc52b3 100644 --- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp @@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then { if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then { run_dump_test "cfi-sframe-aarch64-1" run_dump_test "cfi-sframe-aarch64-2" + run_dump_test "cfi-sframe-aarch64-pac-ab-key-1" } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat ` (3 preceding siblings ...) 2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat @ 2022-12-19 20:23 ` Indu Bhagat 2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ChangeLog: * libsframe/doc/sframe-spec.texi --- libsframe/doc/sframe-spec.texi | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi index fa66d801dd3..345b8f93036 100644 --- a/libsframe/doc/sframe-spec.texi +++ b/libsframe/doc/sframe-spec.texi @@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB: @multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).} @headitem Bit offset @tab Name @tab Description -@item 7--5 +@item 7--6 @tab @code{unused} @tab Unused bits. +@item 5 +@tab @code{pauth_key} +@tab Specify which key is used for signing the return addresses in the SFrame +FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or +SFRAME_AARCH64_PAUTH_KEY_B (1). + @item 4 @tab @code{fdetype} @tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}. -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat ` (4 preceding siblings ...) 2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat @ 2022-12-19 21:11 ` Indu Bhagat 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:11 UTC (permalink / raw) To: binutils; +Cc: nickc Er..no. This series is not committed yet. I meant to send this as [PATCH, V2] for approval before commit. Sending another email with the correct subject. Sorry about this Indu On 12/19/22 12:23 PM, Indu Bhagat wrote: > [Changes from V1] > - Rebased on latest trunk. > - Fixed the testcase as we now emit "[s]" marker for both mangled RA in > register and stack. > [End of changes in V1] > > Thanks > > ---------------------- > > Hello, > > This patchset adds support for handling the .cfi_b_key_frame assembler > directive to the SFrame format: SFrame format representation now allows to > encode which of the pauth A key / B key are used (for signing return > addresses on aarch64), and gas, readelf/objdump now allow for generation > and textual dump of this information. > > Testing notes: > > - Regression tested cross build of several targets on an x86_64 host and an > aarch64 host using a regression script that checks for failures in gas, ld, > binutils, libctf and libsframe. > - Regression tested native builds on x86_64 and aarch64. > - binutils/gdb try bot showed no new regressions. > > Thanks, > Indu Bhagat (5): > [1/5] sframe.h: add support for .cfi_b_key_frame > [2/5] gas: sframe: add support for .cfi_b_key_frame > [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key > [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame > [5/5] sframe: doc: update documentation for pauth key in SFrame FDE > > gas/gen-sframe.c | 26 +++++++++++--- > gas/gen-sframe.h | 2 +- > gas/sframe-opt.c | 3 ++ > .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ > .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ > gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + > include/sframe.h | 25 +++++++++---- > libsframe/doc/sframe-spec.texi | 8 ++++- > libsframe/sframe-dump.c | 19 ++++++++++ > 9 files changed, 135 insertions(+), 12 deletions(-) > create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d > create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s > ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton 2022-12-19 17:27 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat ` (5 more replies) 2 siblings, 6 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [Changes from V1] - Rebased on latest trunk. - Fixed the testcase as we now emit "[s]" marker for both mangled RA in register and stack. [End of changes in V1] Thanks ---------------------- Hello, This patchset adds support for handling the .cfi_b_key_frame assembler directive to the SFrame format: SFrame format representation now allows to encode which of the pauth A key / B key are used (for signing return addresses on aarch64), and gas, readelf/objdump now allow for generation and textual dump of this information. Testing notes: - Regression tested cross build of several targets on an x86_64 host and an aarch64 host using a regression script that checks for failures in gas, ld, binutils, libctf and libsframe. - Regression tested native builds on x86_64 and aarch64. - binutils/gdb try bot showed no new regressions. Thanks, Indu Bhagat (5): [1/5] sframe.h: add support for .cfi_b_key_frame [2/5] gas: sframe: add support for .cfi_b_key_frame [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame [5/5] sframe: doc: update documentation for pauth key in SFrame FDE gas/gen-sframe.c | 26 +++++++++++--- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 ++ .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + include/sframe.h | 25 +++++++++---- libsframe/doc/sframe-spec.texi | 8 ++++- libsframe/sframe-dump.c | 19 ++++++++++ 9 files changed, 135 insertions(+), 12 deletions(-) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame 2022-12-19 21:14 ` [PATCH, " Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat ` (4 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ARM 8.3 provides five separate keys that can be used to authenticate pointers. There are two key for executable (instruction) pointers. The enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys: enum pointer_auth_key { AARCH64_PAUTH_KEY_A, AARCH64_PAUTH_KEY_B }; Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame FDE to indicate which key is used for signing the frame's return addresses: - SFRAME_AARCH64_PAUTH_KEY_A has a value of 0 - SFRAME_AARCH64_PAUTH_KEY_B has a value of 1 Note that the information in this bit will always be used along with the mangled_ra_p bit, the latter indicates whether the return addresses are mangled/contain PAC auth bits. include/ChangeLog: * sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition. (SFRAME_AARCH64_PAUTH_KEY_B): Likewise. (SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key. (SFRAME_V1_FUNC_PAUTH_KEY): New macro. (SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise. --- include/sframe.h | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/include/sframe.h b/include/sframe.h index b2bd41a724e..77071c99d90 100644 --- a/include/sframe.h +++ b/include/sframe.h @@ -165,6 +165,10 @@ typedef struct sframe_header #define SFRAME_V1_HDR_SIZE(sframe_hdr) \ ((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len)) +/* Two possible keys for executable (instruction) pointers signing. */ +#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */ +#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */ + typedef struct sframe_func_desc_entry { /* Function start address. Encoded as a signed offset, relative to the @@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry function. - 4-bits: Identify the FRE type used for the function. - 1-bit: Identify the FDE type of the function - mask or inc. - - 3-bits: Unused. - -------------------------------------------- - | Unused | FDE type | FRE type | - -------------------------------------------- - 8 5 4 0 */ + - 1-bit: PAC authorization A/B key (aarch64). + - 2-bits: Unused. + ------------------------------------------------------------------------ + | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type | + | | Unused (amd64) | | | + ------------------------------------------------------------------------ + 8 6 5 4 0 */ uint8_t sfde_func_info; } ATTRIBUTE_PACKED sframe_func_desc_entry; /* Macros to compose and decompose function info in FDE. */ +/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */ #define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \ - ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) + (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \ + (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) #define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf) #define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1) +#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1) + +/* Set the pauth key as indicated. */ +#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \ + ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf)) /* Size of stack frame offsets in an SFrame Frame Row Entry. A single SFrame FRE has all offsets of the same size. Offset size may vary -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame 2022-12-19 21:14 ` [PATCH, " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat ` (3 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] Gather the information from the DWARF FDE on whether frame's return addresses are signed using the B key or A key. Reflect the information in the SFrame counterpart data structure, the SFrame FDE. ChangeLog: * gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition. (sframe_v1_set_func_info): Add new argument for pauth_key. (sframe_set_func_info): Likewise. (output_sframe_funcdesc): Likewise. * gas/gen-sframe.h (struct sframe_version_ops): Add new argument to the function pointer declaration. * gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key. --- gas/gen-sframe.c | 26 ++++++++++++++++++++++---- gas/gen-sframe.h | 2 +- gas/sframe-opt.c | 3 +++ 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c index 9baf20bd873..76f8529d740 100644 --- a/gas/gen-sframe.c +++ b/gas/gen-sframe.c @@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde) return dw_fde->end_address; } +/* Get whether PAUTH B key is used. */ +static bool +get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED) +{ +#ifdef tc_fde_entry_extras + return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B); +#else + return false; +#endif +} + /* SFrame Frame Row Entry (FRE) related functions. */ static void @@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame (SFRAME_VERSION_1) set function info. */ static unsigned char -sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { unsigned char func_info; func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info); return func_info; } @@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets, /* SFrame set func info. */ ATTRIBUTE_UNUSED static unsigned char -sframe_set_func_info (unsigned int fde_type, unsigned int fre_type) +sframe_set_func_info (unsigned int fde_type, unsigned int fre_type, + unsigned int pauth_key) { - return sframe_ver_ops.set_func_info (fde_type, fre_type); + return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key); } /* Get the number of SFrame FDEs for the current file. */ @@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, expressionS exp; unsigned int addr_size; symbolS *dw_fde_start_addrS, *dw_fde_end_addrS; + unsigned int pauth_key; addr_size = SFRAME_RELOC_SIZE; dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde); @@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section, /* SFrame FDE function info. */ unsigned char func_info; + pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde) + ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A); func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC, - SFRAME_FRE_TYPE_ADDR4); + SFRAME_FRE_TYPE_ADDR4, + pauth_key); #if SFRAME_FRE_TYPE_SELECTION_OPT expressionS cexp; create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS, diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h index 5d5702a57ca..eb43c3a07a5 100644 --- a/gas/gen-sframe.h +++ b/gas/gen-sframe.h @@ -146,7 +146,7 @@ struct sframe_version_ops unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int, bool); /* set SFrame Func info. */ - unsigned char (*set_func_info) (unsigned int, unsigned int); + unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int); }; /* Generate SFrame unwind info and prepare contents for the output. diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c index f08a424fd88..cf7ca5c1893 100644 --- a/gas/sframe-opt.c +++ b/gas/sframe-opt.c @@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag) offsetT rest_of_data; uint8_t fde_type, fre_type; + uint8_t pauth_key; expressionS *exp; symbolS *dataS; @@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag) dataS = exp->X_add_symbol; rest_of_data = (symbol_get_value_expression(dataS))->X_add_number; fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data); + pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data); gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC); /* Calculate the applicable fre_type. */ @@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag) /* Create the new function info. */ value = SFRAME_V1_FUNC_INFO (fde_type, fre_type); + value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value); frag->fr_literal[frag->fr_fix] = value; } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key 2022-12-19 21:14 ` [PATCH, " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat ` (2 subsequent siblings) 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ChangeLog: * libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New definition. (dump_sframe_func_with_fres): emit a string if B key is used. --- libsframe/sframe-dump.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c index 5f778bee338..c00ff401685 100644 --- a/libsframe/sframe-dump.c +++ b/libsframe/sframe-dump.c @@ -25,6 +25,21 @@ #define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50 +/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */ + +static bool +is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx) +{ + bool aarch64_p = false; + + unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx); + if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG) + || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE)) + aarch64_p = true; + + return aarch64_p; +} + static void dump_sframe_header (sframe_decoder_ctx *sfd_ctx) { @@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx, func_start_pc_vma, func_size); + if (is_sframe_abi_arch_aarch64 (sfd_ctx) + && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B)) + printf (", pauth = B key"); + char temp[100]; memset (temp, 0, 100); -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame 2022-12-19 21:14 ` [PATCH, " Indu Bhagat ` (2 preceding siblings ...) 2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [Changes in V2] - Update testcase to expect "[s]" marker when return address in reg or stack is mangled. [End of changes in V2] This is actually a composite test that checks the behaviour of both the .cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64. ChangeLog: * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d: New test. * testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s: Likewise. * testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test. --- .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + 3 files changed, 64 insertions(+) create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d new file mode 100644 index 00000000000..666a94101ab --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d @@ -0,0 +1,27 @@ +#as: --gsframe +#objdump: --sframe=.sframe +#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test +#... +Contents of the SFrame section .sframe: + + Header : + + Version: SFRAME_VERSION_1 + Flags: NONE + Num FDEs: 2 + Num FREs: 6 + + Function Index : + func idx \[0\]: pc = 0x0, size = 12 bytes + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0004 +sp\+0 +u +u\[s\] + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + + func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key + STARTPC + CFA + FP + RA + + 0+0000 +sp\+0 +u +u + + 0+0004 +sp\+0 +u +u\[s\] + + 0+0008 +sp\+16 +c-16 +c-8\[s\] + + +#pass diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s new file mode 100644 index 00000000000..d9a408c668c --- /dev/null +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s @@ -0,0 +1,36 @@ +## same as aarch64/pac_ab_key.s + .arch armv8-a + .text + .align 2 + .global _Z5foo_av + .type _Z5foo_av, %function +_Z5foo_av: +.LFB0: + .cfi_startproc + hint 25 // paciasp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + ret + .cfi_endproc +.LFE0: + .size _Z5foo_av, .-_Z5foo_av + .align 2 + .global _Z5foo_bv + .type _Z5foo_bv, %function +_Z5foo_bv: +.LFB1: + .cfi_startproc + .cfi_b_key_frame + hint 27 // pacibsp + .cfi_window_save + stp x29, x30, [sp, -16]! + .cfi_def_cfa_offset 16 + .cfi_offset 29, -16 + .cfi_offset 30, -8 + nop + nop + ret + .cfi_endproc diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp index f001fad0e8e..fa153fc52b3 100644 --- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp @@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then { if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then { run_dump_test "cfi-sframe-aarch64-1" run_dump_test "cfi-sframe-aarch64-2" + run_dump_test "cfi-sframe-aarch64-pac-ab-key-1" } -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE 2022-12-19 21:14 ` [PATCH, " Indu Bhagat ` (3 preceding siblings ...) 2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat @ 2022-12-19 21:14 ` Indu Bhagat 2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 5 siblings, 0 replies; 23+ messages in thread From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw) To: binutils; +Cc: nickc, Indu Bhagat [No changes in V2] ChangeLog: * libsframe/doc/sframe-spec.texi --- libsframe/doc/sframe-spec.texi | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi index fa66d801dd3..345b8f93036 100644 --- a/libsframe/doc/sframe-spec.texi +++ b/libsframe/doc/sframe-spec.texi @@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB: @multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).} @headitem Bit offset @tab Name @tab Description -@item 7--5 +@item 7--6 @tab @code{unused} @tab Unused bits. +@item 5 +@tab @code{pauth_key} +@tab Specify which key is used for signing the return addresses in the SFrame +FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or +SFRAME_AARCH64_PAUTH_KEY_B (1). + @item 4 @tab @code{fdetype} @tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}. -- 2.37.2 ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-19 21:14 ` [PATCH, " Indu Bhagat ` (4 preceding siblings ...) 2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat @ 2022-12-21 18:19 ` Indu Bhagat 2022-12-22 8:40 ` Nick Clifton 5 siblings, 1 reply; 23+ messages in thread From: Indu Bhagat @ 2022-12-21 18:19 UTC (permalink / raw) To: binutils; +Cc: nickc PING. This patch series has not been committed. I earlier sent the series as "[COMMITTED, V2]" by mistake; so this needs an OK before I can commit it. Thanks On 12/19/22 13:14, Indu Bhagat wrote: > [Changes from V1] > - Rebased on latest trunk. > - Fixed the testcase as we now emit "[s]" marker for both mangled RA in > register and stack. > [End of changes in V1] > > Thanks > > ---------------------- > > Hello, > > This patchset adds support for handling the .cfi_b_key_frame assembler > directive to the SFrame format: SFrame format representation now allows to > encode which of the pauth A key / B key are used (for signing return > addresses on aarch64), and gas, readelf/objdump now allow for generation > and textual dump of this information. > > Testing notes: > > - Regression tested cross build of several targets on an x86_64 host and an > aarch64 host using a regression script that checks for failures in gas, ld, > binutils, libctf and libsframe. > - Regression tested native builds on x86_64 and aarch64. > - binutils/gdb try bot showed no new regressions. > > Thanks, > Indu Bhagat (5): > [1/5] sframe.h: add support for .cfi_b_key_frame > [2/5] gas: sframe: add support for .cfi_b_key_frame > [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key > [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame > [5/5] sframe: doc: update documentation for pauth key in SFrame FDE > > gas/gen-sframe.c | 26 +++++++++++--- > gas/gen-sframe.h | 2 +- > gas/sframe-opt.c | 3 ++ > .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++ > .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++ > gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 + > include/sframe.h | 25 +++++++++---- > libsframe/doc/sframe-spec.texi | 8 ++++- > libsframe/sframe-dump.c | 19 ++++++++++ > 9 files changed, 135 insertions(+), 12 deletions(-) > create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d > create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s > ^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame 2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat @ 2022-12-22 8:40 ` Nick Clifton 0 siblings, 0 replies; 23+ messages in thread From: Nick Clifton @ 2022-12-22 8:40 UTC (permalink / raw) To: Indu Bhagat, binutils Hi Indu, > PING. > > This patch series has not been committed. I earlier sent the series as "[COMMITTED, V2]" by mistake; so this needs an OK before I can commit it. Oops- sorry - patch series approved - please apply! Cheers Nick ^ permalink raw reply [flat|nested] 23+ messages in thread
end of thread, other threads:[~2022-12-22 8:40 UTC | newest] Thread overview: 23+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat 2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat 2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat 2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton 2022-12-19 17:27 ` Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat 2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 2022-12-19 21:14 ` [PATCH, " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat 2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat 2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat 2022-12-22 8:40 ` Nick Clifton
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).