From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 481313858C42; Thu, 25 Apr 2024 14:44:09 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 481313858C42
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1714056249;
	bh=+BN1ChrbDvp1d2ZJrmzh/GFvQY9SWmh/2ScOM0LOhC8=;
	h=From:To:Subject:Date:In-Reply-To:References:From;
	b=Q7P67DJtmKqqxH7cM5dmEocgT2rFUiTOVvUu/RjdECPfCUHv5qcKl25CBml4i9k9V
	 wWs8yv4BaDGjqgy+PKMHClLZMVnH2fv7pRky+/jSITEYMTQVavIFFOoeT8XPn29OiE
	 tHwmKk99LVuGCbk2KhD0r5SZ9sV5d42lp2MHMj8c=
From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS
 for CMSE
Date: Thu, 25 Apr 2024 14:44:08 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: target
X-Bugzilla-Version: 14.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: cvs-commit at gcc dot gnu.org
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: ricbal02 at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-114837-4-3gbqXRoM7N@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-114837-4@http.gcc.gnu.org/bugzilla/>
References: <bug-114837-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D114837

--- Comment #5 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-12 branch has been updated by Richard Ball
<ricbal02@gcc.gnu.org>:

https://gcc.gnu.org/g:441e194abcf3211de647d74c892f90879ae9ca8c

commit r12-10394-g441e194abcf3211de647d74c892f90879ae9ca8c
Author: Richard Ball <richard.ball@arm.com>
Date:   Thu Apr 25 15:30:42 2024 +0100

    arm: Zero/Sign extends for CMSE security

    Co-Authored by: Andre Simoes Dias Vieira <Andre.SimoesDiasVieira@arm.co=
m>

    This patch makes the following changes:

    1) When calling a secure function from non-secure code then any argumen=
ts
       smaller than 32-bits that are passed in registers are zero- or
sign-extended.
    2) After a non-secure function returns into secure code then any return
value
       smaller than 32-bits that is passed in a register is  zero- or
sign-extended.

    This patch addresses the following CVE-2024-0151.

    gcc/ChangeLog:
            PR target/114837
            * config/arm/arm.cc (cmse_nonsecure_call_inline_register_clear):
            Add zero/sign extend.
            (arm_expand_prologue): Add zero/sign extend.

    gcc/testsuite/ChangeLog:

            * gcc.target/arm/cmse/extend-param.c: New test.
            * gcc.target/arm/cmse/extend-return.c: New test.

    (cherry picked from commit ad45086178d833254d66fab518b14234418f002b)=