* [PATCH 0/5] SFrame: add support for .cfi_b_key_frame
@ 2022-12-14 20:07 Indu Bhagat
2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat
` (5 more replies)
0 siblings, 6 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
Hello,
This patchset adds support for handling the .cfi_b_key_frame assembler
directive to the SFrame format: SFrame format representation now allows to
encode which of the pauth A key / B key are used (for signing return
addresses on aarch64), and gas, readelf/objdump now allow for generation
and textual dump of this information.
Testing notes:
- Regression tested cross build of several targets on an x86_64 host and an
aarch64 host using a regression script that checks for failures in gas, ld,
binutils, libctf and libsframe.
- Regression tested native builds on x86_64 and aarch64.
- binutils/gdb try bot showed no new regressions.
PS: This patchset assumes that the SFrame support for .cfi_negate_ra_state is
in place already. Please apply the recently sent "[PATCH 0/6] SFrame: support
for .cfi_negate_ra_state in aarch64" series prior to applying this series, if
you intend to experiment with this patchset.
Thanks,
Indu Bhagat (5):
[1/5] sframe.h: add support for .cfi_b_key_frame
[2/5] gas: sframe: add support for .cfi_b_key_frame
[3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
[4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
[5/5] sframe: doc: update documentation for pauth key in SFrame FDE
gas/gen-sframe.c | 26 +++++++++++---
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 ++
.../cfi-sframe-aarch64-pac-ab-key-1.d | 25 +++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
include/sframe.h | 25 +++++++++----
libsframe/doc/sframe-spec.texi | 8 ++++-
libsframe/sframe-dump.c | 19 ++++++++++
9 files changed, 133 insertions(+), 12 deletions(-)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
@ 2022-12-14 20:07 ` Indu Bhagat
2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat
` (4 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
ARM 8.3 provides five separate keys that can be used to authenticate
pointers. There are two key for executable (instruction) pointers. The
enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys:
enum pointer_auth_key {
AARCH64_PAUTH_KEY_A,
AARCH64_PAUTH_KEY_B
};
Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame
FDE to indicate which key is used for signing the frame's return addresses:
- SFRAME_AARCH64_PAUTH_KEY_A has a value of 0
- SFRAME_AARCH64_PAUTH_KEY_B has a value of 1
Note that the information in this bit will always be used along with the
mangled_ra_p bit, the latter indicates whether the return addresses are
mangled/contain PAC auth bits.
include/ChangeLog:
* sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition.
(SFRAME_AARCH64_PAUTH_KEY_B): Likewise.
(SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key.
(SFRAME_V1_FUNC_PAUTH_KEY): New macro.
(SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise.
---
include/sframe.h | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/include/sframe.h b/include/sframe.h
index b2bd41a724e..77071c99d90 100644
--- a/include/sframe.h
+++ b/include/sframe.h
@@ -165,6 +165,10 @@ typedef struct sframe_header
#define SFRAME_V1_HDR_SIZE(sframe_hdr) \
((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len))
+/* Two possible keys for executable (instruction) pointers signing. */
+#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */
+#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */
+
typedef struct sframe_func_desc_entry
{
/* Function start address. Encoded as a signed offset, relative to the
@@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry
function.
- 4-bits: Identify the FRE type used for the function.
- 1-bit: Identify the FDE type of the function - mask or inc.
- - 3-bits: Unused.
- --------------------------------------------
- | Unused | FDE type | FRE type |
- --------------------------------------------
- 8 5 4 0 */
+ - 1-bit: PAC authorization A/B key (aarch64).
+ - 2-bits: Unused.
+ ------------------------------------------------------------------------
+ | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type |
+ | | Unused (amd64) | | |
+ ------------------------------------------------------------------------
+ 8 6 5 4 0 */
uint8_t sfde_func_info;
} ATTRIBUTE_PACKED sframe_func_desc_entry;
/* Macros to compose and decompose function info in FDE. */
+/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */
#define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \
- ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
+ (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \
+ (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
#define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf)
#define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1)
+#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1)
+
+/* Set the pauth key as indicated. */
+#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \
+ ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf))
/* Size of stack frame offsets in an SFrame Frame Row Entry. A single
SFrame FRE has all offsets of the same size. Offset size may vary
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat
@ 2022-12-14 20:07 ` Indu Bhagat
2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
` (3 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
Gather the information from the DWARF FDE on whether frame's return
addresses are signed using the B key or A key. Reflect the information in
the SFrame counterpart data structure, the SFrame FDE.
ChangeLog:
* gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition.
(sframe_v1_set_func_info): Add new argument for pauth_key.
(sframe_set_func_info): Likewise.
(output_sframe_funcdesc): Likewise.
* gas/gen-sframe.h (struct sframe_version_ops): Add new argument
to the function pointer declaration.
* gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key.
---
gas/gen-sframe.c | 26 ++++++++++++++++++++++----
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 +++
3 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
index f31a66da377..5a642f9a683 100644
--- a/gas/gen-sframe.c
+++ b/gas/gen-sframe.c
@@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde)
return dw_fde->end_address;
}
+/* Get whether PAUTH B key is used. */
+static bool
+get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED)
+{
+#ifdef tc_fde_entry_extras
+ return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B);
+#else
+ return false;
+#endif
+}
+
/* SFrame Frame Row Entry (FRE) related functions. */
static void
@@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame (SFRAME_VERSION_1) set function info. */
static unsigned char
-sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
unsigned char func_info;
func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info);
return func_info;
}
@@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame set func info. */
ATTRIBUTE_UNUSED static unsigned char
-sframe_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
- return sframe_ver_ops.set_func_info (fde_type, fre_type);
+ return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key);
}
/* Get the number of SFrame FDEs for the current file. */
@@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
expressionS exp;
unsigned int addr_size;
symbolS *dw_fde_start_addrS, *dw_fde_end_addrS;
+ unsigned int pauth_key;
addr_size = SFRAME_RELOC_SIZE;
dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde);
@@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
/* SFrame FDE function info. */
unsigned char func_info;
+ pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde)
+ ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A);
func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC,
- SFRAME_FRE_TYPE_ADDR4);
+ SFRAME_FRE_TYPE_ADDR4,
+ pauth_key);
#if SFRAME_FRE_TYPE_SELECTION_OPT
expressionS cexp;
create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS,
diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h
index aa8be5df457..590bf7b505b 100644
--- a/gas/gen-sframe.h
+++ b/gas/gen-sframe.h
@@ -146,7 +146,7 @@ struct sframe_version_ops
unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int,
bool);
/* set SFrame Func info. */
- unsigned char (*set_func_info) (unsigned int, unsigned int);
+ unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int);
};
/* Generate SFrame unwind info and prepare contents for the output.
diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c
index f08a424fd88..cf7ca5c1893 100644
--- a/gas/sframe-opt.c
+++ b/gas/sframe-opt.c
@@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag)
offsetT rest_of_data;
uint8_t fde_type, fre_type;
+ uint8_t pauth_key;
expressionS *exp;
symbolS *dataS;
@@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag)
dataS = exp->X_add_symbol;
rest_of_data = (symbol_get_value_expression(dataS))->X_add_number;
fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data);
+ pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data);
gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC);
/* Calculate the applicable fre_type. */
@@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag)
/* Create the new function info. */
value = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value);
frag->fr_literal[frag->fr_fix] = value;
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat
@ 2022-12-14 20:07 ` Indu Bhagat
2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
` (2 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
ChangeLog:
* libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New
definition.
(dump_sframe_func_with_fres): emit a string if B key is used.
---
libsframe/sframe-dump.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c
index 8e5cd6116ef..6c655655ab3 100644
--- a/libsframe/sframe-dump.c
+++ b/libsframe/sframe-dump.c
@@ -25,6 +25,21 @@
#define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50
+/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */
+
+static bool
+is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx)
+{
+ bool aarch64_p = false;
+
+ unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx);
+ if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG)
+ || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE))
+ aarch64_p = true;
+
+ return aarch64_p;
+}
+
static void
dump_sframe_header (sframe_decoder_ctx *sfd_ctx)
{
@@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx,
func_start_pc_vma,
func_size);
+ if (is_sframe_abi_arch_aarch64 (sfd_ctx)
+ && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B))
+ printf (", pauth = B key");
+
char temp[100];
memset (temp, 0, 100);
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
` (2 preceding siblings ...)
2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
@ 2022-12-14 20:07 ` Indu Bhagat
2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
This is actually a composite test that checks the behaviour of both the
.cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64.
ChangeLog:
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d:
New test.
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s:
Likewise.
* testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test.
---
.../cfi-sframe-aarch64-pac-ab-key-1.d | 25 +++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
3 files changed, 62 insertions(+)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
new file mode 100644
index 00000000000..46d932f9db7
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
@@ -0,0 +1,25 @@
+#as: --gsframe
+#objdump: --sframe=.sframe
+#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test
+#...
+Contents of the SFrame section .sframe:
+
+ Header :
+
+ Version: SFRAME_VERSION_1
+ Flags: NONE
+ Num FDEs: 2
+ Num FREs: 4
+
+ Function Index :
+ func idx \[0\]: pc = 0x0, size = 12 bytes
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+#pass
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
new file mode 100644
index 00000000000..d9a408c668c
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
@@ -0,0 +1,36 @@
+## same as aarch64/pac_ab_key.s
+ .arch armv8-a
+ .text
+ .align 2
+ .global _Z5foo_av
+ .type _Z5foo_av, %function
+_Z5foo_av:
+.LFB0:
+ .cfi_startproc
+ hint 25 // paciasp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ ret
+ .cfi_endproc
+.LFE0:
+ .size _Z5foo_av, .-_Z5foo_av
+ .align 2
+ .global _Z5foo_bv
+ .type _Z5foo_bv, %function
+_Z5foo_bv:
+.LFB1:
+ .cfi_startproc
+ .cfi_b_key_frame
+ hint 27 // pacibsp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ nop
+ nop
+ ret
+ .cfi_endproc
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
index f001fad0e8e..fa153fc52b3 100644
--- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
@@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then {
if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
run_dump_test "cfi-sframe-aarch64-1"
run_dump_test "cfi-sframe-aarch64-2"
+ run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
` (3 preceding siblings ...)
2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
@ 2022-12-14 20:07 ` Indu Bhagat
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-14 20:07 UTC (permalink / raw)
To: binutils; +Cc: Indu Bhagat
ChangeLog:
* libsframe/doc/sframe-spec.texi
---
libsframe/doc/sframe-spec.texi | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi
index fa66d801dd3..345b8f93036 100644
--- a/libsframe/doc/sframe-spec.texi
+++ b/libsframe/doc/sframe-spec.texi
@@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB:
@multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).}
@headitem Bit offset @tab Name @tab Description
-@item 7--5
+@item 7--6
@tab @code{unused}
@tab Unused bits.
+@item 5
+@tab @code{pauth_key}
+@tab Specify which key is used for signing the return addresses in the SFrame
+FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or
+SFRAME_AARCH64_PAUTH_KEY_B (1).
+
@item 4
@tab @code{fdetype}
@tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}.
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
` (4 preceding siblings ...)
2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
@ 2022-12-19 15:36 ` Nick Clifton
2022-12-19 17:27 ` Indu Bhagat
` (2 more replies)
5 siblings, 3 replies; 23+ messages in thread
From: Nick Clifton @ 2022-12-19 15:36 UTC (permalink / raw)
To: Indu Bhagat, binutils
Hi Indu,
> - Regression tested cross build of several targets on an x86_64 host and an
> aarch64 host using a regression script that checks for failures in gas, ld,
> binutils, libctf and libsframe.
With this patch series applied on top of today's (19 dec) sources I see one
new failure in the gas testsuite for a toolchain configured as aarch64-linux-gnu:
regexp_diff match failure
regexp "^ Num FREs: 4$"
line " Num FREs: 6"
regexp_diff match failure
regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$"
line " 0000000000000004 sp+0 u u[s] "
regexp_diff match failure
regexp "^ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key$"
line " 0000000000000008 sp+16 c-16 c-8[s] "
regexp_diff match failure
regexp "^ STARTPC + CFA + FP + RA +$"
line " func idx [1]: pc = 0x0, size = 20 bytes, pauth = B key"
regexp_diff match failure
regexp "^ 0+0000 +sp\+0 +u +u +$"
line " STARTPC CFA FP RA "
regexp_diff match failure
regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$"
line " 0000000000000000 sp+0 u u "
FAIL: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test
Possibly this is because another patch needs to be applied first ? Please could
you check and let me know.
Cheers
Nick
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
@ 2022-12-19 17:27 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 17:27 UTC (permalink / raw)
To: Nick Clifton, binutils
On 12/19/22 7:36 AM, Nick Clifton wrote:
> Hi Indu,
>
>> - Regression tested cross build of several targets on an x86_64 host
>> and an
>> aarch64 host using a regression script that checks for failures in
>> gas, ld,
>> binutils, libctf and libsframe.
>
> With this patch series applied on top of today's (19 dec) sources I see one
> new failure in the gas testsuite for a toolchain configured as
> aarch64-linux-gnu:
>
> regexp_diff match failure
> regexp "^ Num FREs: 4$"
> line " Num FREs: 6"
> regexp_diff match failure
> regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$"
> line " 0000000000000004 sp+0 u u[s] "
> regexp_diff match failure
> regexp "^ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key$"
> line " 0000000000000008 sp+16 c-16 c-8[s] "
> regexp_diff match failure
> regexp "^ STARTPC + CFA + FP + RA +$"
> line " func idx [1]: pc = 0x0, size = 20 bytes, pauth = B key"
> regexp_diff match failure
> regexp "^ 0+0000 +sp\+0 +u +u +$"
> line " STARTPC CFA FP RA "
> regexp_diff match failure
> regexp "^ 0+0008 +sp\+16 +c-16 +c-8\[s\] +$"
> line " 0000000000000000 sp+0 u u "
> FAIL: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test
>
> Possibly this is because another patch needs to be applied first ?
> Please could
> you check and let me know.
>
This series now needs to be rebased with some changes to the testsuite
necessary. This is because the V2 version of the series which added
support for .cfi_negate_ra_state was committed with "[s]" being emitted
when RA is in register or stack.
Will rebase, post V2 after retesting.
Thanks
Indu
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
2022-12-19 17:27 ` Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat
` (5 more replies)
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2 siblings, 6 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[Changes from V1]
- Rebased on latest trunk.
- Fixed the testcase as we now emit "[s]" marker for both mangled RA in
register and stack.
[End of changes in V1]
Thanks
----------------------
Hello,
This patchset adds support for handling the .cfi_b_key_frame assembler
directive to the SFrame format: SFrame format representation now allows to
encode which of the pauth A key / B key are used (for signing return
addresses on aarch64), and gas, readelf/objdump now allow for generation
and textual dump of this information.
Testing notes:
- Regression tested cross build of several targets on an x86_64 host and an
aarch64 host using a regression script that checks for failures in gas, ld,
binutils, libctf and libsframe.
- Regression tested native builds on x86_64 and aarch64.
- binutils/gdb try bot showed no new regressions.
Thanks,
Indu Bhagat (5):
[1/5] sframe.h: add support for .cfi_b_key_frame
[2/5] gas: sframe: add support for .cfi_b_key_frame
[3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
[4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
[5/5] sframe: doc: update documentation for pauth key in SFrame FDE
gas/gen-sframe.c | 26 +++++++++++---
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 ++
.../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
include/sframe.h | 25 +++++++++----
libsframe/doc/sframe-spec.texi | 8 ++++-
libsframe/sframe-dump.c | 19 ++++++++++
9 files changed, 135 insertions(+), 12 deletions(-)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
` (4 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ARM 8.3 provides five separate keys that can be used to authenticate
pointers. There are two keys for executable (instruction) pointers. The
enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys:
enum pointer_auth_key {
AARCH64_PAUTH_KEY_A,
AARCH64_PAUTH_KEY_B
};
Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame
FDE to indicate which key is used for signing the frame's return addresses:
- SFRAME_AARCH64_PAUTH_KEY_A has a value of 0
- SFRAME_AARCH64_PAUTH_KEY_B has a value of 1
Note that the information in this bit will always be used along with the
mangled_ra_p bit, the latter indicates whether the return addresses are
mangled/contain PAC auth bits.
include/ChangeLog:
* sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition.
(SFRAME_AARCH64_PAUTH_KEY_B): Likewise.
(SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key.
(SFRAME_V1_FUNC_PAUTH_KEY): New macro.
(SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise.
---
include/sframe.h | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/include/sframe.h b/include/sframe.h
index b2bd41a724e..1d0c12058ac 100644
--- a/include/sframe.h
+++ b/include/sframe.h
@@ -165,6 +165,10 @@ typedef struct sframe_header
#define SFRAME_V1_HDR_SIZE(sframe_hdr) \
((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len))
+/* Two possible keys for executable (instruction) pointers signing. */
+#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */
+#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */
+
typedef struct sframe_func_desc_entry
{
/* Function start address. Encoded as a signed offset, relative to the
@@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry
function.
- 4-bits: Identify the FRE type used for the function.
- 1-bit: Identify the FDE type of the function - mask or inc.
- - 3-bits: Unused.
- --------------------------------------------
- | Unused | FDE type | FRE type |
- --------------------------------------------
- 8 5 4 0 */
+ - 1-bit: PAC authorization A/B key (aarch64).
+ - 2-bits: Unused.
+ --------------------------------------------------------------------------
+ | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type |
+ | | Unused (amd64) | | |
+ --------------------------------------------------------------------------
+ 8 6 5 4 0 */
uint8_t sfde_func_info;
} ATTRIBUTE_PACKED sframe_func_desc_entry;
/* Macros to compose and decompose function info in FDE. */
+/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */
#define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \
- ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
+ (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \
+ (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
#define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf)
#define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1)
+#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1)
+
+/* Set the pauth key as indicated. */
+#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \
+ ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf))
/* Size of stack frame offsets in an SFrame Frame Row Entry. A single
SFrame FRE has all offsets of the same size. Offset size may vary
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
` (3 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
Gather the information from the DWARF FDE on whether frame's return
addresses are signed using the B key or A key. Reflect the information in
the SFrame counterpart data structure, the SFrame FDE.
ChangeLog:
* gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition.
(sframe_v1_set_func_info): Add new argument for pauth_key.
(sframe_set_func_info): Likewise.
(output_sframe_funcdesc): Likewise.
* gas/gen-sframe.h (struct sframe_version_ops): Add new argument
to the function pointer declaration.
* gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key.
---
gas/gen-sframe.c | 26 ++++++++++++++++++++++----
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 +++
3 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
index 9baf20bd873..76f8529d740 100644
--- a/gas/gen-sframe.c
+++ b/gas/gen-sframe.c
@@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde)
return dw_fde->end_address;
}
+/* Get whether PAUTH B key is used. */
+static bool
+get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED)
+{
+#ifdef tc_fde_entry_extras
+ return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B);
+#else
+ return false;
+#endif
+}
+
/* SFrame Frame Row Entry (FRE) related functions. */
static void
@@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame (SFRAME_VERSION_1) set function info. */
static unsigned char
-sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
unsigned char func_info;
func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info);
return func_info;
}
@@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame set func info. */
ATTRIBUTE_UNUSED static unsigned char
-sframe_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
- return sframe_ver_ops.set_func_info (fde_type, fre_type);
+ return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key);
}
/* Get the number of SFrame FDEs for the current file. */
@@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
expressionS exp;
unsigned int addr_size;
symbolS *dw_fde_start_addrS, *dw_fde_end_addrS;
+ unsigned int pauth_key;
addr_size = SFRAME_RELOC_SIZE;
dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde);
@@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
/* SFrame FDE function info. */
unsigned char func_info;
+ pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde)
+ ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A);
func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC,
- SFRAME_FRE_TYPE_ADDR4);
+ SFRAME_FRE_TYPE_ADDR4,
+ pauth_key);
#if SFRAME_FRE_TYPE_SELECTION_OPT
expressionS cexp;
create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS,
diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h
index 5d5702a57ca..eb43c3a07a5 100644
--- a/gas/gen-sframe.h
+++ b/gas/gen-sframe.h
@@ -146,7 +146,7 @@ struct sframe_version_ops
unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int,
bool);
/* set SFrame Func info. */
- unsigned char (*set_func_info) (unsigned int, unsigned int);
+ unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int);
};
/* Generate SFrame unwind info and prepare contents for the output.
diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c
index f08a424fd88..cf7ca5c1893 100644
--- a/gas/sframe-opt.c
+++ b/gas/sframe-opt.c
@@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag)
offsetT rest_of_data;
uint8_t fde_type, fre_type;
+ uint8_t pauth_key;
expressionS *exp;
symbolS *dataS;
@@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag)
dataS = exp->X_add_symbol;
rest_of_data = (symbol_get_value_expression(dataS))->X_add_number;
fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data);
+ pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data);
gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC);
/* Calculate the applicable fre_type. */
@@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag)
/* Create the new function info. */
value = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value);
frag->fr_literal[frag->fr_fix] = value;
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
` (2 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ChangeLog:
* libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New
definition.
(dump_sframe_func_with_fres): emit a string if B key is used.
---
libsframe/sframe-dump.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c
index 5f778bee338..c00ff401685 100644
--- a/libsframe/sframe-dump.c
+++ b/libsframe/sframe-dump.c
@@ -25,6 +25,21 @@
#define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50
+/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */
+
+static bool
+is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx)
+{
+ bool aarch64_p = false;
+
+ unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx);
+ if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG)
+ || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE))
+ aarch64_p = true;
+
+ return aarch64_p;
+}
+
static void
dump_sframe_header (sframe_decoder_ctx *sfd_ctx)
{
@@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx,
func_start_pc_vma,
func_size);
+ if (is_sframe_abi_arch_aarch64 (sfd_ctx)
+ && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B))
+ printf (", pauth = B key");
+
char temp[100];
memset (temp, 0, 100);
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
` (2 preceding siblings ...)
2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[Changes in V2]
- Adjust the testcase as we now emit "[s]" marker when the return
address in either reg / stack is mangled.
[End of changes in V2]
This is actually a composite test that checks the behaviour of both the
.cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64.
ChangeLog:
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d:
New test.
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s:
Likewise.
* testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test.
---
.../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
3 files changed, 64 insertions(+)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
new file mode 100644
index 00000000000..666a94101ab
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
@@ -0,0 +1,27 @@
+#as: --gsframe
+#objdump: --sframe=.sframe
+#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test
+#...
+Contents of the SFrame section .sframe:
+
+ Header :
+
+ Version: SFRAME_VERSION_1
+ Flags: NONE
+ Num FDEs: 2
+ Num FREs: 6
+
+ Function Index :
+ func idx \[0\]: pc = 0x0, size = 12 bytes
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0004 +sp\+0 +u +u\[s\] +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0004 +sp\+0 +u +u\[s\] +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+#pass
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
new file mode 100644
index 00000000000..d9a408c668c
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
@@ -0,0 +1,36 @@
+## same as aarch64/pac_ab_key.s
+ .arch armv8-a
+ .text
+ .align 2
+ .global _Z5foo_av
+ .type _Z5foo_av, %function
+_Z5foo_av:
+.LFB0:
+ .cfi_startproc
+ hint 25 // paciasp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ ret
+ .cfi_endproc
+.LFE0:
+ .size _Z5foo_av, .-_Z5foo_av
+ .align 2
+ .global _Z5foo_bv
+ .type _Z5foo_bv, %function
+_Z5foo_bv:
+.LFB1:
+ .cfi_startproc
+ .cfi_b_key_frame
+ hint 27 // pacibsp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ nop
+ nop
+ ret
+ .cfi_endproc
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
index f001fad0e8e..fa153fc52b3 100644
--- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
@@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then {
if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
run_dump_test "cfi-sframe-aarch64-1"
run_dump_test "cfi-sframe-aarch64-2"
+ run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
` (3 preceding siblings ...)
2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
@ 2022-12-19 20:23 ` Indu Bhagat
2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 20:23 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ChangeLog:
* libsframe/doc/sframe-spec.texi
---
libsframe/doc/sframe-spec.texi | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi
index fa66d801dd3..345b8f93036 100644
--- a/libsframe/doc/sframe-spec.texi
+++ b/libsframe/doc/sframe-spec.texi
@@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB:
@multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).}
@headitem Bit offset @tab Name @tab Description
-@item 7--5
+@item 7--6
@tab @code{unused}
@tab Unused bits.
+@item 5
+@tab @code{pauth_key}
+@tab Specify which key is used for signing the return addresses in the SFrame
+FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or
+SFRAME_AARCH64_PAUTH_KEY_B (1).
+
@item 4
@tab @code{fdetype}
@tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}.
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
` (4 preceding siblings ...)
2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
@ 2022-12-19 21:11 ` Indu Bhagat
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:11 UTC (permalink / raw)
To: binutils; +Cc: nickc
Er..no. This series is not committed yet. I meant to send this as
[PATCH, V2] for approval before commit.
Sending another email with the correct subject.
Sorry about this
Indu
On 12/19/22 12:23 PM, Indu Bhagat wrote:
> [Changes from V1]
> - Rebased on latest trunk.
> - Fixed the testcase as we now emit "[s]" marker for both mangled RA in
> register and stack.
> [End of changes in V1]
>
> Thanks
>
> ----------------------
>
> Hello,
>
> This patchset adds support for handling the .cfi_b_key_frame assembler
> directive to the SFrame format: SFrame format representation now allows to
> encode which of the pauth A key / B key are used (for signing return
> addresses on aarch64), and gas, readelf/objdump now allow for generation
> and textual dump of this information.
>
> Testing notes:
>
> - Regression tested cross build of several targets on an x86_64 host and an
> aarch64 host using a regression script that checks for failures in gas, ld,
> binutils, libctf and libsframe.
> - Regression tested native builds on x86_64 and aarch64.
> - binutils/gdb try bot showed no new regressions.
>
> Thanks,
> Indu Bhagat (5):
> [1/5] sframe.h: add support for .cfi_b_key_frame
> [2/5] gas: sframe: add support for .cfi_b_key_frame
> [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
> [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
> [5/5] sframe: doc: update documentation for pauth key in SFrame FDE
>
> gas/gen-sframe.c | 26 +++++++++++---
> gas/gen-sframe.h | 2 +-
> gas/sframe-opt.c | 3 ++
> .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
> .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
> gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
> include/sframe.h | 25 +++++++++----
> libsframe/doc/sframe-spec.texi | 8 ++++-
> libsframe/sframe-dump.c | 19 ++++++++++
> 9 files changed, 135 insertions(+), 12 deletions(-)
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
>
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
2022-12-19 17:27 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat
` (5 more replies)
2 siblings, 6 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[Changes from V1]
- Rebased on latest trunk.
- Fixed the testcase as we now emit "[s]" marker for both mangled RA in
register and stack.
[End of changes in V1]
Thanks
----------------------
Hello,
This patchset adds support for handling the .cfi_b_key_frame assembler
directive to the SFrame format: SFrame format representation now allows to
encode which of the pauth A key / B key are used (for signing return
addresses on aarch64), and gas, readelf/objdump now allow for generation
and textual dump of this information.
Testing notes:
- Regression tested cross build of several targets on an x86_64 host and an
aarch64 host using a regression script that checks for failures in gas, ld,
binutils, libctf and libsframe.
- Regression tested native builds on x86_64 and aarch64.
- binutils/gdb try bot showed no new regressions.
Thanks,
Indu Bhagat (5):
[1/5] sframe.h: add support for .cfi_b_key_frame
[2/5] gas: sframe: add support for .cfi_b_key_frame
[3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
[4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
[5/5] sframe: doc: update documentation for pauth key in SFrame FDE
gas/gen-sframe.c | 26 +++++++++++---
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 ++
.../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
include/sframe.h | 25 +++++++++----
libsframe/doc/sframe-spec.texi | 8 ++++-
libsframe/sframe-dump.c | 19 ++++++++++
9 files changed, 135 insertions(+), 12 deletions(-)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 1/5] [1/5] sframe.h: add support for .cfi_b_key_frame
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
` (4 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ARM 8.3 provides five separate keys that can be used to authenticate
pointers. There are two key for executable (instruction) pointers. The
enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys:
enum pointer_auth_key {
AARCH64_PAUTH_KEY_A,
AARCH64_PAUTH_KEY_B
};
Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame
FDE to indicate which key is used for signing the frame's return addresses:
- SFRAME_AARCH64_PAUTH_KEY_A has a value of 0
- SFRAME_AARCH64_PAUTH_KEY_B has a value of 1
Note that the information in this bit will always be used along with the
mangled_ra_p bit, the latter indicates whether the return addresses are
mangled/contain PAC auth bits.
include/ChangeLog:
* sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition.
(SFRAME_AARCH64_PAUTH_KEY_B): Likewise.
(SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key.
(SFRAME_V1_FUNC_PAUTH_KEY): New macro.
(SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise.
---
include/sframe.h | 25 +++++++++++++++++++------
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/include/sframe.h b/include/sframe.h
index b2bd41a724e..77071c99d90 100644
--- a/include/sframe.h
+++ b/include/sframe.h
@@ -165,6 +165,10 @@ typedef struct sframe_header
#define SFRAME_V1_HDR_SIZE(sframe_hdr) \
((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len))
+/* Two possible keys for executable (instruction) pointers signing. */
+#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */
+#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */
+
typedef struct sframe_func_desc_entry
{
/* Function start address. Encoded as a signed offset, relative to the
@@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry
function.
- 4-bits: Identify the FRE type used for the function.
- 1-bit: Identify the FDE type of the function - mask or inc.
- - 3-bits: Unused.
- --------------------------------------------
- | Unused | FDE type | FRE type |
- --------------------------------------------
- 8 5 4 0 */
+ - 1-bit: PAC authorization A/B key (aarch64).
+ - 2-bits: Unused.
+ ------------------------------------------------------------------------
+ | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type |
+ | | Unused (amd64) | | |
+ ------------------------------------------------------------------------
+ 8 6 5 4 0 */
uint8_t sfde_func_info;
} ATTRIBUTE_PACKED sframe_func_desc_entry;
/* Macros to compose and decompose function info in FDE. */
+/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */
#define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \
- ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
+ (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \
+ (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf))
#define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf)
#define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1)
+#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1)
+
+/* Set the pauth key as indicated. */
+#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \
+ ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf))
/* Size of stack frame offsets in an SFrame Frame Row Entry. A single
SFrame FRE has all offsets of the same size. Offset size may vary
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 2/5] [2/5] gas: sframe: add support for .cfi_b_key_frame
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
` (3 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
Gather the information from the DWARF FDE on whether frame's return
addresses are signed using the B key or A key. Reflect the information in
the SFrame counterpart data structure, the SFrame FDE.
ChangeLog:
* gas/gen-sframe.c (get_dw_fde_pauth_b_key_p): New definition.
(sframe_v1_set_func_info): Add new argument for pauth_key.
(sframe_set_func_info): Likewise.
(output_sframe_funcdesc): Likewise.
* gas/gen-sframe.h (struct sframe_version_ops): Add new argument
to the function pointer declaration.
* gas/sframe-opt.c (sframe_convert_frag): Handle pauth_key.
---
gas/gen-sframe.c | 26 ++++++++++++++++++++++----
gas/gen-sframe.h | 2 +-
gas/sframe-opt.c | 3 +++
3 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
index 9baf20bd873..76f8529d740 100644
--- a/gas/gen-sframe.c
+++ b/gas/gen-sframe.c
@@ -106,6 +106,17 @@ get_dw_fde_end_addrS (const struct fde_entry *dw_fde)
return dw_fde->end_address;
}
+/* Get whether PAUTH B key is used. */
+static bool
+get_dw_fde_pauth_b_key_p (const struct fde_entry *dw_fde ATTRIBUTE_UNUSED)
+{
+#ifdef tc_fde_entry_extras
+ return (dw_fde->pauth_key == AARCH64_PAUTH_KEY_B);
+#else
+ return false;
+#endif
+}
+
/* SFrame Frame Row Entry (FRE) related functions. */
static void
@@ -253,10 +264,12 @@ sframe_v1_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame (SFRAME_VERSION_1) set function info. */
static unsigned char
-sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_v1_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
unsigned char func_info;
func_info = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ func_info = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, func_info);
return func_info;
}
@@ -285,9 +298,10 @@ sframe_set_fre_info (unsigned int base_reg, unsigned int num_offsets,
/* SFrame set func info. */
ATTRIBUTE_UNUSED static unsigned char
-sframe_set_func_info (unsigned int fde_type, unsigned int fre_type)
+sframe_set_func_info (unsigned int fde_type, unsigned int fre_type,
+ unsigned int pauth_key)
{
- return sframe_ver_ops.set_func_info (fde_type, fre_type);
+ return sframe_ver_ops.set_func_info (fde_type, fre_type, pauth_key);
}
/* Get the number of SFrame FDEs for the current file. */
@@ -544,6 +558,7 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
expressionS exp;
unsigned int addr_size;
symbolS *dw_fde_start_addrS, *dw_fde_end_addrS;
+ unsigned int pauth_key;
addr_size = SFRAME_RELOC_SIZE;
dw_fde_start_addrS = get_dw_fde_start_addrS (sframe_fde->dw_fde);
@@ -575,8 +590,11 @@ output_sframe_funcdesc (symbolS *start_of_fre_section,
/* SFrame FDE function info. */
unsigned char func_info;
+ pauth_key = (get_dw_fde_pauth_b_key_p (sframe_fde->dw_fde)
+ ? SFRAME_AARCH64_PAUTH_KEY_B : SFRAME_AARCH64_PAUTH_KEY_A);
func_info = sframe_set_func_info (SFRAME_FDE_TYPE_PCINC,
- SFRAME_FRE_TYPE_ADDR4);
+ SFRAME_FRE_TYPE_ADDR4,
+ pauth_key);
#if SFRAME_FRE_TYPE_SELECTION_OPT
expressionS cexp;
create_func_info_exp (&cexp, dw_fde_end_addrS, dw_fde_start_addrS,
diff --git a/gas/gen-sframe.h b/gas/gen-sframe.h
index 5d5702a57ca..eb43c3a07a5 100644
--- a/gas/gen-sframe.h
+++ b/gas/gen-sframe.h
@@ -146,7 +146,7 @@ struct sframe_version_ops
unsigned char (*set_fre_info) (unsigned int, unsigned int, unsigned int,
bool);
/* set SFrame Func info. */
- unsigned char (*set_func_info) (unsigned int, unsigned int);
+ unsigned char (*set_func_info) (unsigned int, unsigned int, unsigned int);
};
/* Generate SFrame unwind info and prepare contents for the output.
diff --git a/gas/sframe-opt.c b/gas/sframe-opt.c
index f08a424fd88..cf7ca5c1893 100644
--- a/gas/sframe-opt.c
+++ b/gas/sframe-opt.c
@@ -95,6 +95,7 @@ sframe_convert_frag (fragS *frag)
offsetT rest_of_data;
uint8_t fde_type, fre_type;
+ uint8_t pauth_key;
expressionS *exp;
symbolS *dataS;
@@ -116,6 +117,7 @@ sframe_convert_frag (fragS *frag)
dataS = exp->X_add_symbol;
rest_of_data = (symbol_get_value_expression(dataS))->X_add_number;
fde_type = SFRAME_V1_FUNC_FDE_TYPE (rest_of_data);
+ pauth_key = SFRAME_V1_FUNC_PAUTH_KEY (rest_of_data);
gas_assert (fde_type == SFRAME_FDE_TYPE_PCINC);
/* Calculate the applicable fre_type. */
@@ -130,6 +132,7 @@ sframe_convert_frag (fragS *frag)
/* Create the new function info. */
value = SFRAME_V1_FUNC_INFO (fde_type, fre_type);
+ value = SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY (pauth_key, value);
frag->fr_literal[frag->fr_fix] = value;
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
` (2 subsequent siblings)
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ChangeLog:
* libsframe/sframe-dump.c (is_sframe_abi_arch_aarch64): New
definition.
(dump_sframe_func_with_fres): emit a string if B key is used.
---
libsframe/sframe-dump.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/libsframe/sframe-dump.c b/libsframe/sframe-dump.c
index 5f778bee338..c00ff401685 100644
--- a/libsframe/sframe-dump.c
+++ b/libsframe/sframe-dump.c
@@ -25,6 +25,21 @@
#define SFRAME_HEADER_FLAGS_STR_MAX_LEN 50
+/* Return TRUE if the SFrame section is associated with the aarch64 ABIs. */
+
+static bool
+is_sframe_abi_arch_aarch64 (sframe_decoder_ctx *sfd_ctx)
+{
+ bool aarch64_p = false;
+
+ unsigned char abi_arch = sframe_decoder_get_abi_arch (sfd_ctx);
+ if ((abi_arch == SFRAME_ABI_AARCH64_ENDIAN_BIG)
+ || (abi_arch == SFRAME_ABI_AARCH64_ENDIAN_LITTLE))
+ aarch64_p = true;
+
+ return aarch64_p;
+}
+
static void
dump_sframe_header (sframe_decoder_ctx *sfd_ctx)
{
@@ -113,6 +128,10 @@ dump_sframe_func_with_fres (sframe_decoder_ctx *sfd_ctx,
func_start_pc_vma,
func_size);
+ if (is_sframe_abi_arch_aarch64 (sfd_ctx)
+ && (SFRAME_V1_FUNC_PAUTH_KEY (func_info) == SFRAME_AARCH64_PAUTH_KEY_B))
+ printf (", pauth = B key");
+
char temp[100];
memset (temp, 0, 100);
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
` (2 preceding siblings ...)
2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[Changes in V2]
- Update testcase to expect "[s]" marker when return address in reg or
stack is mangled.
[End of changes in V2]
This is actually a composite test that checks the behaviour of both the
.cfi_negate_ra_state and .cfi_b_key_frame directives on aarch64.
ChangeLog:
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d:
New test.
* testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s:
Likewise.
* testsuite/gas/cfi-sframe/cfi-sframe.exp: Run new test.
---
.../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
.../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
3 files changed, 64 insertions(+)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
new file mode 100644
index 00000000000..666a94101ab
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
@@ -0,0 +1,27 @@
+#as: --gsframe
+#objdump: --sframe=.sframe
+#name: SFrame cfi_b_key_frame and cfi_negate_ra_state composite test
+#...
+Contents of the SFrame section .sframe:
+
+ Header :
+
+ Version: SFRAME_VERSION_1
+ Flags: NONE
+ Num FDEs: 2
+ Num FREs: 6
+
+ Function Index :
+ func idx \[0\]: pc = 0x0, size = 12 bytes
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0004 +sp\+0 +u +u\[s\] +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+ func idx \[1\]: pc = 0x0, size = 20 bytes, pauth = B key
+ STARTPC + CFA + FP + RA +
+ 0+0000 +sp\+0 +u +u +
+ 0+0004 +sp\+0 +u +u\[s\] +
+ 0+0008 +sp\+16 +c-16 +c-8\[s\] +
+
+#pass
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
new file mode 100644
index 00000000000..d9a408c668c
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
@@ -0,0 +1,36 @@
+## same as aarch64/pac_ab_key.s
+ .arch armv8-a
+ .text
+ .align 2
+ .global _Z5foo_av
+ .type _Z5foo_av, %function
+_Z5foo_av:
+.LFB0:
+ .cfi_startproc
+ hint 25 // paciasp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ ret
+ .cfi_endproc
+.LFE0:
+ .size _Z5foo_av, .-_Z5foo_av
+ .align 2
+ .global _Z5foo_bv
+ .type _Z5foo_bv, %function
+_Z5foo_bv:
+.LFB1:
+ .cfi_startproc
+ .cfi_b_key_frame
+ hint 27 // pacibsp
+ .cfi_window_save
+ stp x29, x30, [sp, -16]!
+ .cfi_def_cfa_offset 16
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ nop
+ nop
+ ret
+ .cfi_endproc
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
index f001fad0e8e..fa153fc52b3 100644
--- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
@@ -97,4 +97,5 @@ if { [istarget "x86_64-*-*"] && [gas_sframe_check] } then {
if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
run_dump_test "cfi-sframe-aarch64-1"
run_dump_test "cfi-sframe-aarch64-2"
+ run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
}
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
` (3 preceding siblings ...)
2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
@ 2022-12-19 21:14 ` Indu Bhagat
2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
5 siblings, 0 replies; 23+ messages in thread
From: Indu Bhagat @ 2022-12-19 21:14 UTC (permalink / raw)
To: binutils; +Cc: nickc, Indu Bhagat
[No changes in V2]
ChangeLog:
* libsframe/doc/sframe-spec.texi
---
libsframe/doc/sframe-spec.texi | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/libsframe/doc/sframe-spec.texi b/libsframe/doc/sframe-spec.texi
index fa66d801dd3..345b8f93036 100644
--- a/libsframe/doc/sframe-spec.texi
+++ b/libsframe/doc/sframe-spec.texi
@@ -398,10 +398,16 @@ The info word is a bitfield split into three parts. From MSB to LSB:
@multitable {Bit offset} {@code{isroot}} {Length of variable-length data for this type (some kinds only).}
@headitem Bit offset @tab Name @tab Description
-@item 7--5
+@item 7--6
@tab @code{unused}
@tab Unused bits.
+@item 5
+@tab @code{pauth_key}
+@tab Specify which key is used for signing the return addresses in the SFrame
+FDE. Two possible values: SFRAME_AARCH64_PAUTH_KEY_A (0) or
+SFRAME_AARCH64_PAUTH_KEY_B (1).
+
@item 4
@tab @code{fdetype}
@tab SFRAME_FDE_TYPE_PCMASK (1) or SFRAME_FDE_TYPE_PCINC (0). @xref{The SFrame FDE types}.
--
2.37.2
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
` (4 preceding siblings ...)
2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
@ 2022-12-21 18:19 ` Indu Bhagat
2022-12-22 8:40 ` Nick Clifton
5 siblings, 1 reply; 23+ messages in thread
From: Indu Bhagat @ 2022-12-21 18:19 UTC (permalink / raw)
To: binutils; +Cc: nickc
PING.
This patch series has not been committed. I earlier sent the series as
"[COMMITTED, V2]" by mistake; so this needs an OK before I can commit it.
Thanks
On 12/19/22 13:14, Indu Bhagat wrote:
> [Changes from V1]
> - Rebased on latest trunk.
> - Fixed the testcase as we now emit "[s]" marker for both mangled RA in
> register and stack.
> [End of changes in V1]
>
> Thanks
>
> ----------------------
>
> Hello,
>
> This patchset adds support for handling the .cfi_b_key_frame assembler
> directive to the SFrame format: SFrame format representation now allows to
> encode which of the pauth A key / B key are used (for signing return
> addresses on aarch64), and gas, readelf/objdump now allow for generation
> and textual dump of this information.
>
> Testing notes:
>
> - Regression tested cross build of several targets on an x86_64 host and an
> aarch64 host using a regression script that checks for failures in gas, ld,
> binutils, libctf and libsframe.
> - Regression tested native builds on x86_64 and aarch64.
> - binutils/gdb try bot showed no new regressions.
>
> Thanks,
> Indu Bhagat (5):
> [1/5] sframe.h: add support for .cfi_b_key_frame
> [2/5] gas: sframe: add support for .cfi_b_key_frame
> [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key
> [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame
> [5/5] sframe: doc: update documentation for pauth key in SFrame FDE
>
> gas/gen-sframe.c | 26 +++++++++++---
> gas/gen-sframe.h | 2 +-
> gas/sframe-opt.c | 3 ++
> .../cfi-sframe-aarch64-pac-ab-key-1.d | 27 ++++++++++++++
> .../cfi-sframe-aarch64-pac-ab-key-1.s | 36 +++++++++++++++++++
> gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
> include/sframe.h | 25 +++++++++----
> libsframe/doc/sframe-spec.texi | 8 ++++-
> libsframe/sframe-dump.c | 19 ++++++++++
> 9 files changed, 135 insertions(+), 12 deletions(-)
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.d
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-pac-ab-key-1.s
>
^ permalink raw reply [flat|nested] 23+ messages in thread
* Re: [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame
2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
@ 2022-12-22 8:40 ` Nick Clifton
0 siblings, 0 replies; 23+ messages in thread
From: Nick Clifton @ 2022-12-22 8:40 UTC (permalink / raw)
To: Indu Bhagat, binutils
Hi Indu,
> PING.
>
> This patch series has not been committed. I earlier sent the series as "[COMMITTED, V2]" by mistake; so this needs an OK before I can commit it.
Oops- sorry - patch series approved - please apply!
Cheers
Nick
^ permalink raw reply [flat|nested] 23+ messages in thread
end of thread, other threads:[~2022-12-22 8:40 UTC | newest]
Thread overview: 23+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-14 20:07 [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-14 20:07 ` [PATCH 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-14 20:07 ` [PATCH 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-14 20:07 ` [PATCH 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-14 20:07 ` [PATCH 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-14 20:07 ` [PATCH 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 15:36 ` [PATCH 0/5] SFrame: add support for .cfi_b_key_frame Nick Clifton
2022-12-19 17:27 ` Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-19 20:23 ` [COMMITTED, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-19 21:11 ` [COMMITTED, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-19 21:14 ` [PATCH, " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 1/5] [1/5] sframe.h: " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 2/5] [2/5] gas: sframe: " Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 3/5] [3/5] objdump/readelf: sframe: emit marker for SFrame FDE with B key Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 4/5] [4/5] gas: sframe: testsuite: add testcase for .cfi_b_key_frame Indu Bhagat
2022-12-19 21:14 ` [PATCH, V2 5/5] [5/5] sframe: doc: update documentation for pauth key in SFrame FDE Indu Bhagat
2022-12-21 18:19 ` [PATCH, V2 0/5] SFrame: add support for .cfi_b_key_frame Indu Bhagat
2022-12-22 8:40 ` Nick Clifton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).