From: Indu Bhagat <indu.bhagat@oracle.com>
To: binutils@sourceware.org
Cc: Indu Bhagat <indu.bhagat@oracle.com>
Subject: [PATCH 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame
Date: Wed, 14 Dec 2022 12:07:52 -0800 [thread overview]
Message-ID: <20221214200756.1234528-2-indu.bhagat@oracle.com> (raw)
In-Reply-To: <20221214200756.1234528-1-indu.bhagat@oracle.com>
ARM 8.3 provides five separate keys that can be used to authenticate
pointers. There are two key for executable (instruction) pointers. The
enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys:
enum pointer_auth_key {
AARCH64_PAUTH_KEY_A,
AARCH64_PAUTH_KEY_B
};
Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame
FDE to indicate which key is used for signing the frame's return addresses:
- SFRAME_AARCH64_PAUTH_KEY_A has a value of 0
- SFRAME_AARCH64_PAUTH_KEY_B has a value of 1
Note that the information in this bit will always be used along with the
mangled_ra_p bit, the latter indicates whether the return addresses are
mangled/contain PAC auth bits.
include/ChangeLog:
* sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition.
(SFRAME_AARCH64_PAUTH_KEY_B): Likewise.
(SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key.
(SFRAME_V1_FUNC_PAUTH_KEY): New macro.
(SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise.
---
include/sframe.h | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/include/sframe.h b/include/sframe.h
index b2bd41a724e..77071c99d90 100644
--- a/include/sframe.h
+++ b/include/sframe.h
@@ -165,6 +165,10 @@ typedef struct sframe_header
#define SFRAME_V1_HDR_SIZE(sframe_hdr) \
((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len))
+/* Two possible keys for executable (instruction) pointers signing. */
+#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */
+#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */
+
typedef struct sframe_func_desc_entry
{
/* Function start address. Encoded as a signed offset, relative to the
@@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry
function.
- 4-bits: Identify the FRE type used for the function.
- 1-bit: Identify the FDE type of the function - mask or inc.
- - 3-bits: Unused.
- --------------------------------------------
- | Unused | FDE type | FRE type |
- --------------------------------------------
- 8 5 4 0 */
+ - 1-bit: PAC authorization A/B key (aarch64).
+ - 2-bits: Unused.
+ ------------------------------------------------------------------------
+ | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type |
+ | | Unused (amd64) | | |
+ ------------------------------------------------------------------------
+ 8 6 5 4 0 */
uint8_t sfde_func_info;
} ATTRIBUTE_PACKED sframe_func_desc_entry;
/* Macros to compose and decompose function info in FDE. */
+/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */
#define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \
- ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
+ (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \
+ (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
#define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf)
#define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1)
+#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1)
+
+/* Set the pauth key as indicated. */
+#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \
+ ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf))
/* Size of stack frame offsets in an SFrame Frame Row Entry. A single
SFrame FRE has all offsets of the same size. Offset size may vary
--
2.37.2
next prev parent reply other threads:[~2022-12-14 20:08 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-14 20:07 [PATCH 0/5] SFrame: " Indu Bhagat
2022-12-14 20:07 ` Indu Bhagat [this message]
2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
2022-12-19 17:27 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-22 8:40 ` Nick Clifton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221214200756.1234528-2-indu.bhagat@oracle.com \
--to=indu.bhagat@oracle.com \
--cc=binutils@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).