From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by sourceware.org (Postfix) with ESMTP id 85B253858D28 for ; Fri, 1 Jul 2022 14:41:10 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 85B253858D28 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7A607143D; Fri, 1 Jul 2022 07:41:10 -0700 (PDT) Received: from [10.2.78.56] (unknown [10.2.78.56]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 886853F792; Fri, 1 Jul 2022 07:41:09 -0700 (PDT) Message-ID: <9beb66cc-7a8d-9f13-0489-c19177853713@foss.arm.com> Date: Fri, 1 Jul 2022 15:41:08 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1 Subject: Re: [PATCH 6/12] arm: Add pointer authentication for stack-unwinding runtime Content-Language: en-GB To: Andrea Corallo , Andrea Corallo via Gcc-patches Cc: Richard Earnshaw , nd References: From: Richard Earnshaw In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3490.8 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, KAM_SHORT, NICE_REPLY_A, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jul 2022 14:41:11 -0000 On 28/04/2022 10:44, Andrea Corallo via Gcc-patches wrote: > This patch adds authentication for when the stack is unwound when an > exception is taken. All the changes here are done to the runtime code > in libgcc's unwinder code for Arm target. All the changes are guarded > under defined (__ARM_FEATURE_PAC_DEFAULT) and activated only if the > +pacbti feature is switched on for the architecture. This means that > switching on the target feature via -march or -mcpu is sufficient and > -mbranch-protection need not be enabled. This ensures that the > unwinder is authenticated only if the PACBTI instructions are > available in the non-NOP space as it uses AUTG. Just generating > PAC/AUT instructions using -mbranch-protection will not enable > authentication on the unwinder. > > Pre-approved with the requested changes here > . > > gcc/ChangeLog: > > * ginclude/unwind-arm-common.h (_Unwind_VRS_RegClass): Introduce > new pseudo register class _UVRSC_PAC. > * libgcc/config/arm/pr-support.c (__gnu_unwind_execute): Decode > exception opcode (0xb4) for saving RA_AUTH_CODE and authenticate > with AUTG if found. > * libgcc/config/arm/unwind-arm.c (struct pseudo_regs): New. > (phase1_vrs): Introduce new field to store pseudo-reg state. > (phase2_vrs): Likewise. > (_Unwind_VRS_Get): Load pseudo register state from virtual reg set. > (_Unwind_VRS_Set): Store pseudo register state to virtual reg set. > (_Unwind_VRS_Pop): Load pseudo register value from stack into VRS. > > Co-Authored-By: Tejas Belagod > Ok. R.