[gcc(refs/vendors/ARM/heads/morello)] Use executables PCC bounds with __EH_FRAME_BEGIN_

public inbox for gcc-cvs@sourceware.org
help / color / mirror / Atom feed

* [gcc(refs/vendors/ARM/heads/morello)] Use executables PCC bounds with __EH_FRAME_BEGIN__
@ 2021-12-10 16:50 Matthew Malcomson
  0 siblings, 0 replies; only message in thread
From: Matthew Malcomson @ 2021-12-10 16:50 UTC (permalink / raw)
  To: gcc-cvs

https://gcc.gnu.org/g:96cb30988f5b369a4465cdde1bd0db2e7c9bbeec

commit 96cb30988f5b369a4465cdde1bd0db2e7c9bbeec
Author: Matthew Malcomson <matthew.malcomson@arm.com>
Date:   Fri Dec 10 16:31:30 2021 +0000

    Use executables PCC bounds with __EH_FRAME_BEGIN__
    
    When passing this symbol to the register with the unwinder in
    __register_frame_info we provide a capability that has this symbols
    value with the metadata of PCC.  This means that the unwinder can use
    this symbol as a base to take provenance from when accessing information
    "outside" of the .eh_frame section.
    
    This is only needed for exception unwinding code which uses personality
    functions and landing pads.  Hence this is only needed for frames using
    __attribute__((cleanup...)) with -fexceptions, or C++ with -fexceptions.
    
    For the moment (i.e. this is not part of the final design) we find it
    useful to keep the executable permissions from the PCC metadata.  This
    is useful as it allows us to use the unwinder with pre-existing landing
    pad information (which uses offsets to specify where the landing pad is
    rather than requesting a pointer to a landing pad be provided by the
    runtime and loading that).
    
    In the future it would be best to remove these executable permissions
    for security reasons.  The ABI for landing pads is needed to allow any
    unwinder to iterate past frames in any objects (i.e. when they've not
    been given any special pointer by the object).  When the specified ABI
    is used there will be no benefit from having these executable
    permissions and only extra security risk.

Diff:
---
 libgcc/crtstuff.c | 40 ++++++++++++++++++++++++++++++++++------
 1 file changed, 34 insertions(+), 6 deletions(-)

diff --git a/libgcc/crtstuff.c b/libgcc/crtstuff.c
index 3f769a1c660..225af9db8a0 100644
--- a/libgcc/crtstuff.c
+++ b/libgcc/crtstuff.c
@@ -263,6 +263,34 @@ STATIC func_ptr __DTOR_LIST__[1]
 STATIC EH_FRAME_SECTION_CONST char __EH_FRAME_BEGIN__[]
      __attribute__((section(__LIBGCC_EH_FRAME_SECTION_NAME__), aligned(4)))
      = { };
+# ifdef __CHERI_PURE_CAPABILITY__ && defined (__aarch64__)
+/* MORELLO  __EH_FRAME_BEGIN__ marks the start of the .eh_frame section.
+   The __register_frame_info* functions below pass this to the unwinder so that
+   it knows where to access the dwarf unwinding information from.
+   This is the only capability the unwinder has to take provenance from, which
+   means that the unwinder needs it to span everything that the dwarf exception
+   unwinding information can need.  In order to do this we use PCC bounds.
+   N.b. this is pretty useful in development since PCC gives us executable
+   permissions, which means we can use the landing-pad offset info rather than
+   having to implement both at the same time.  */
+static inline void *
+get_eh_frame_begin (void)
+{
+  void *ret;
+  asm ("adrp  %0, __EH_FRAME_BEGIN__\n\t"
+       "add %0, %0, :lo12:__EH_FRAME_BEGIN__"
+       : "=r" (ret) : );
+  return ret;
+}
+# elif defined (__CHERI_PURE_CAPABILITY__)
+# error libgcc crtstuff not updated for non-Morello capability target.
+# else
+static inline void *
+get_eh_frame_begin (void)
+{
+  return __EH_FRAME_BEGIN__;
+}
+# endif /* __CHERI_PURE_CAPABILITY__ */
 #endif /* USE_EH_FRAME_REGISTRY */
 
 #if USE_TM_CLONE_REGISTRY
@@ -427,10 +455,10 @@ __do_global_dtors_aux (void)
   /* If we used the new __register_frame_info_bases interface,
      make sure that we deregister from the same place.  */
   if (__deregister_frame_info_bases)
-    __deregister_frame_info_bases (__EH_FRAME_BEGIN__);
+    __deregister_frame_info_bases (get_eh_frame_begin ());
 #else
   if (__deregister_frame_info)
-    __deregister_frame_info (__EH_FRAME_BEGIN__);
+    __deregister_frame_info (get_eh_frame_begin ());
 #endif
 #endif
 
@@ -479,10 +507,10 @@ frame_dummy (void)
   tbase = 0;
   CRT_GET_RFIB_DATA (dbase);
   if (__register_frame_info_bases)
-    __register_frame_info_bases (__EH_FRAME_BEGIN__, &object, tbase, dbase);
+    __register_frame_info_bases (get_eh_frame_begin (), &object, tbase, dbase);
 #else
   if (__register_frame_info)
-    __register_frame_info (__EH_FRAME_BEGIN__, &object);
+    __register_frame_info (get_eh_frame_begin (), &object);
 #endif /* CRT_GET_RFIB_DATA */
 #endif /* USE_EH_FRAME_REGISTRY */
 
@@ -569,7 +597,7 @@ __do_global_dtors (void)
 
 #ifdef USE_EH_FRAME_REGISTRY
   if (__deregister_frame_info)
-    __deregister_frame_info (__EH_FRAME_BEGIN__);
+    __deregister_frame_info (get_eh_frame_begin ());
 #endif
 }
 
@@ -584,7 +612,7 @@ __do_global_ctors_1(void)
 #ifdef USE_EH_FRAME_REGISTRY
   static struct object object;
   if (__register_frame_info)
-    __register_frame_info (__EH_FRAME_BEGIN__, &object);
+    __register_frame_info (get_eh_frame_begin (), &object);
 #endif
 
 #if USE_TM_CLONE_REGISTRY


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2021-12-10 16:50 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-10 16:50 [gcc(refs/vendors/ARM/heads/morello)] Use executables PCC bounds with __EH_FRAME_BEGIN__ Matthew Malcomson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).