From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) by sourceware.org (Postfix) with ESMTPS id DD9C73846410 for ; Thu, 25 Apr 2024 11:48:25 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org DD9C73846410 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=foss.st.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org DD9C73846410 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=185.132.182.106 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714045708; cv=none; b=oquGdE1hPV8umwAqyxFk+ILTcQvDt5Yg/gWcov0qHBOliOUl2VcGF02PSRqzOg49EOUJAfvQlstk0XbKv5LTOUYlRGgOb7Pfi1/itNgSY4n/hpJe7cz2WeciCzE1z0iLIL50cYw5vWuhg26S/1qjDT6mCDDYtQ/WTrg9KxDmpjE= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714045708; c=relaxed/simple; bh=R3HYrz5LqvEgsP5Kc8dUwnOccOUtV4bItaH7vVKEd5o=; h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From; b=EIZBE1xeXY9alQYa6vvI7OmV2AUHXZTq/TiyXByuEYlCoh7bqDGa4eFVHbdMHYhDfDcu7LUsnw+PCwzZblgKVGqitglXXBLz8zqC57SuNu83xcyLqhoukx5YEzVSlSHLWdC10E7kpnix63TailoH7f3YQX5nwMunLJw98gnsBfo= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from pps.filterd (m0241204.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 43P7bErp021712; Thu, 25 Apr 2024 13:48:23 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h= message-id:date:mime-version:subject:to:references:from :in-reply-to:content-type:content-transfer-encoding; s= selector1; bh=rBm8n2uE2dm7V861O9Db7Zi4YnGyz2TZiSwxkh4yPMI=; b=sP pvnJwbqNNFHvJrtJVc/xHGuL+vfPd8lpKvcuS+TUo/mRx0UI8rkZ9oTJtsJt7/r2 WjV8AoZkBLrdSYAmzqSjjYbaKJOXWQ+J4oWhAb5PZYhVg4iP/nCelkL6D64WaY4J 6dUqOWbVjxJ1hA0voWl1Dfz+qiT2Jjshk40pyR2FCdJfZYyfBiMnZokb5/pbxc/o IjqRGhXAEmUDQUEk3SsVzFQXYpiYfBYyLodhpegvHazYFcfOwbBoiHpvTqQMZdoV VHKUDp+y3sKeveOpTuaszQvk5ttY2N97WZdodDnV6trJDa+zn5bKeWwxUxYLROer D4zoKa+fKygVfyYuco5w== Received: from beta.dmz-ap.st.com (beta.dmz-ap.st.com [138.198.100.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3xm51wds30-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 25 Apr 2024 13:48:23 +0200 (MEST) Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-ap.st.com (STMicroelectronics) with ESMTP id 2845240046; Thu, 25 Apr 2024 13:47:53 +0200 (CEST) Received: from Webmail-eu.st.com (shfdag1node3.st.com [10.75.129.71]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 9F99C21452E; Thu, 25 Apr 2024 13:47:27 +0200 (CEST) Received: from [10.252.16.170] (10.252.16.170) by SHFDAG1NODE3.st.com (10.75.129.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 25 Apr 2024 13:47:26 +0200 Message-ID: Date: Thu, 25 Apr 2024 13:47:25 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] arm: Zero/Sign extends for CMSE security Content-Language: en-US To: Richard Ball , "gcc-patches@gcc.gnu.org" , Richard Earnshaw , Richard Sandiford , Marcus Shawcroft , Kyrylo Tkachov References: <33b2e8aa-9aa6-48e3-acef-0bab99676595@arm.com> From: Torbjorn SVENSSON In-Reply-To: <33b2e8aa-9aa6-48e3-acef-0bab99676595@arm.com> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Originating-IP: [10.252.16.170] X-ClientProxiedBy: SHFCAS1NODE1.st.com (10.75.129.72) To SHFDAG1NODE3.st.com (10.75.129.71) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1011,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-04-25_11,2024-04-25_01,2023-05-22_02 X-Spam-Status: No, score=-5.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,KAM_MANYTO,KAM_SHORT,RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Hi, On 2024-04-24 17:55, Richard Ball wrote: > This patch makes the following changes: > > 1) When calling a secure function from non-secure code then any arguments > smaller than 32-bits that are passed in registers are zero- or sign-extended. > 2) After a non-secure function returns into secure code then any return value > smaller than 32-bits that is passed in a register is zero- or sign-extended. > > This patch addresses the following CVE-2024-0151. > > gcc/ChangeLog: > PR target/114837 > * config/arm/arm.cc (cmse_nonsecure_call_inline_register_clear): > Add zero/sign extend. > (arm_expand_prologue): Add zero/sign extend. > > gcc/testsuite/ChangeLog: > > * gcc.target/arm/cmse/extend-param.c: New test. > * gcc.target/arm/cmse/extend-return.c: New test. I think it would make sense that there is at least one test case that takes 2 or more arguments to ensure that not only the first argument is extended. WDYT? Kind regards, Torbjörn