From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1944) id CA5283861024; Wed, 8 Jul 2020 14:03:39 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CA5283861024 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: Szabolcs Nagy To: glibc-cvs@sourceware.org Subject: [glibc] aarch64: Add BTI support to assembly files X-Act-Checkin: glibc X-Git-Author: Sudakshina Das X-Git-Refname: refs/heads/master X-Git-Oldrev: 2a4c2dde4918c2c4e443e8328eab97db2c26e327 X-Git-Newrev: 91181954f94917b1e1ae591c60cbadf0321d35af Message-Id: <20200708140339.CA5283861024@sourceware.org> Date: Wed, 8 Jul 2020 14:03:39 +0000 (GMT) X-BeenThere: glibc-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jul 2020 14:03:39 -0000 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=91181954f94917b1e1ae591c60cbadf0321d35af commit 91181954f94917b1e1ae591c60cbadf0321d35af Author: Sudakshina Das Date: Tue Mar 17 15:44:18 2020 +0000 aarch64: Add BTI support to assembly files To enable building glibc with branch protection, assembly code needs BTI landing pads and ELF object file markings in the form of a GNU property note. The landing pads are unconditionally added to all functions that may be indirectly called. When the code segment is not mapped with PROT_BTI these instructions are nops. They are kept in the code when BTI is not supported so that the layout of performance critical code is unchanged across configurations. The GNU property notes are only added when there is support for BTI in the toolchain, because old binutils does not handle the notes right. (Does not know how to merge them nor to put them in PT_GNU_PROPERTY segment instead of PT_NOTE, and some versions of binutils emit warnings about the unknown GNU property. In such cases the produced libc binaries would not have valid ELF marking so BTI would not be enabled.) Note: functions using ENTRY or ENTRY_ALIGN now start with an additional BTI c, so alignment of the following code changes, but ENTRY_ALIGN_AND_PAD was fixed so there is no change to the existing code layout. 
Some string functions may need to be tuned for optimal performance after this commit. Co-authored-by: Szabolcs Nagy Reviewed-by: Adhemerval Zanella Diff: --- sysdeps/aarch64/crti.S | 2 ++ sysdeps/aarch64/crtn.S | 2 ++ sysdeps/aarch64/dl-tlsdesc.S | 3 +++ sysdeps/aarch64/dl-trampoline.S | 2 ++ sysdeps/aarch64/multiarch/memset_emag.S | 2 ++ sysdeps/aarch64/multiarch/memset_falkor.S | 1 + sysdeps/aarch64/multiarch/memset_generic.S | 2 ++ sysdeps/aarch64/multiarch/rtld-memset.S | 2 ++ sysdeps/aarch64/start.S | 1 + sysdeps/aarch64/sysdep.h | 34 +++++++++++++++++++++++++++++- 10 files changed, 50 insertions(+), 1 deletion(-) diff --git a/sysdeps/aarch64/crti.S b/sysdeps/aarch64/crti.S index 1728eac37a..c346bcad72 100644 --- a/sysdeps/aarch64/crti.S +++ b/sysdeps/aarch64/crti.S @@ -75,6 +75,7 @@ call_weak_fn: .hidden _init .type _init, %function _init: + BTI_C stp x29, x30, [sp, -16]! mov x29, sp #if PREINIT_FUNCTION_WEAK @@ -89,5 +90,6 @@ _init: .hidden _fini .type _fini, %function _fini: + BTI_C stp x29, x30, [sp, -16]! mov x29, sp diff --git a/sysdeps/aarch64/crtn.S b/sysdeps/aarch64/crtn.S index c3e97cc449..0c1ef112c2 100644 --- a/sysdeps/aarch64/crtn.S +++ b/sysdeps/aarch64/crtn.S @@ -37,6 +37,8 @@ /* crtn.S puts function epilogues in the .init and .fini sections corresponding to the prologues in crti.S. */ +#include + .section .init,"ax",%progbits ldp x29, x30, [sp], 16 RET diff --git a/sysdeps/aarch64/dl-tlsdesc.S b/sysdeps/aarch64/dl-tlsdesc.S index 557ad1d505..9d96c8632a 100644 --- a/sysdeps/aarch64/dl-tlsdesc.S +++ b/sysdeps/aarch64/dl-tlsdesc.S @@ -74,6 +74,7 @@ cfi_startproc .align 2 _dl_tlsdesc_return: + BTI_C DELOUSE (0) ldr PTR_REG (0), [x0, #PTR_SIZE] RET @@ -95,6 +96,7 @@ _dl_tlsdesc_return: cfi_startproc .align 2 _dl_tlsdesc_undefweak: + BTI_C str x1, [sp, #-16]! cfi_adjust_cfa_offset (16) DELOUSE (0) 
@@ -142,6 +144,7 @@ _dl_tlsdesc_undefweak: cfi_startproc .align 2 _dl_tlsdesc_dynamic: + BTI_C DELOUSE (0) /* Save just enough registers to support fast path, if we fall diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S index 94e965c096..2cbfa81434 100644 --- a/sysdeps/aarch64/dl-trampoline.S +++ b/sysdeps/aarch64/dl-trampoline.S @@ -35,6 +35,7 @@ cfi_startproc .align 2 _dl_runtime_resolve: + BTI_C /* AArch64 we get called with: ip0 &PLTGOT[2] ip1 temp(dl resolver entry point) @@ -126,6 +127,7 @@ _dl_runtime_resolve: cfi_startproc .align 2 _dl_runtime_profile: + BTI_C /* AArch64 we get called with: ip0 &PLTGOT[2] ip1 temp(dl resolver entry point) diff --git a/sysdeps/aarch64/multiarch/memset_emag.S b/sysdeps/aarch64/multiarch/memset_emag.S index c4d3533c14..3c2e9d2903 100644 --- a/sysdeps/aarch64/multiarch/memset_emag.S +++ b/sysdeps/aarch64/multiarch/memset_emag.S @@ -17,6 +17,8 @@ License along with the GNU C Library. If not, see . */ +#include + #if IS_IN (libc) # define MEMSET __memset_emag diff --git a/sysdeps/aarch64/multiarch/memset_falkor.S b/sysdeps/aarch64/multiarch/memset_falkor.S index 54fd5abffb..154527398f 100644 --- a/sysdeps/aarch64/multiarch/memset_falkor.S +++ b/sysdeps/aarch64/multiarch/memset_falkor.S @@ -17,6 +17,7 @@ License along with the GNU C Library. If not, see . */ +#include #include /* Reading dczid_el0 is expensive on falkor so move it into the ifunc diff --git a/sysdeps/aarch64/multiarch/memset_generic.S b/sysdeps/aarch64/multiarch/memset_generic.S index 46c5329cdf..d746d1d00c 100644 --- a/sysdeps/aarch64/multiarch/memset_generic.S +++ b/sysdeps/aarch64/multiarch/memset_generic.S @@ -17,6 +17,8 @@ License along with the GNU C Library. If not, see . */ +#include + #if IS_IN (libc) # define MEMSET __memset_generic /* Add a hidden definition for use within libc.so. */ diff --git a/sysdeps/aarch64/multiarch/rtld-memset.S b/sysdeps/aarch64/multiarch/rtld-memset.S index 44bc479411..f9845bdd62 100644 
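Review bot: The `BTI_C` added at `_dl_runtime_resolve` (and at `_dl_runtime_profile` in the following hunk) has no comment explaining why the `c` form is the correct landing pad for an entry that is reached by a jump rather than a call. BTI c accepts a `br` only when the branch goes through x16 or x17, so the ip0/ip1 convention described in the existing header comment is what makes this pad sufficient. I would add a line to that comment such as `/* Entered with BR x17 from the PLT; BTI c accepts BR only via x16/x17. */`, after confirming the PLT sequence, which is not visible in this diff. Both function bodies continue outside their hunks.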
--- a/sysdeps/aarch64/multiarch/rtld-memset.S +++ b/sysdeps/aarch64/multiarch/rtld-memset.S @@ -17,6 +17,8 @@ License along with the GNU C Library. If not, see . */ +#include + #if IS_IN (rtld) # define MEMSET memset # include diff --git a/sysdeps/aarch64/start.S b/sysdeps/aarch64/start.S index d96cf57e2d..75393e1c18 100644 --- a/sysdeps/aarch64/start.S +++ b/sysdeps/aarch64/start.S @@ -46,6 +46,7 @@ .globl _start .type _start,#function _start: + BTI_C /* Create an initial frame with 0 LR and FP */ mov x29, #0 mov x30, #0 diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h index 604c489170..0eeb0bb2f1 100644 --- a/sysdeps/aarch64/sysdep.h +++ b/sysdeps/aarch64/sysdep.h @@ -41,6 +41,35 @@ #define ASM_SIZE_DIRECTIVE(name) .size name,.-name +/* Branch Target Identitication support. */ +#define BTI_C hint 34 +#define BTI_J hint 36 + +/* GNU_PROPERTY_AARCH64_* macros from elf.h for use in asm code. */ +#define FEATURE_1_AND 0xc0000000 +#define FEATURE_1_BTI 1 +#define FEATURE_1_PAC 2 + +/* Add a NT_GNU_PROPERTY_TYPE_0 note. */ +#define GNU_PROPERTY(type, value) \ + .section .note.gnu.property, "a"; \ + .p2align 3; \ + .word 4; \ + .word 16; \ + .word 5; \ + .asciz "GNU"; \ + .word type; \ + .word 4; \ + .word value; \ + .word 0; \ + .text + +/* Add GNU property note with the supported features to all asm code + where sysdep.h is included. */ +#if HAVE_AARCH64_BTI +GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI) +#endif + /* Define an entry point visible from C. */ #define ENTRY(name) \ .globl C_SYMBOL_NAME(name); \ @@ -48,6 +77,7 @@ .align 4; \ C_LABEL(name) \ cfi_startproc; \ + BTI_C; \ CALL_MCOUNT /* Define an entry point visible from C. */ @@ -57,6 +87,7 @@ .p2align align; \ C_LABEL(name) \ cfi_startproc; \ + BTI_C; \ CALL_MCOUNT /* Define an entry point visible from C with a specified alignment and 
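Review bot: `BTI_C` at `_start` admits only a `blr`, or a `br` that uses x16 or x17; any other indirect `br` into a BTI-guarded page faults on a `c` pad. When the program is entered from the dynamic loader rather than directly by the kernel, the loader's final jump to the entry point must use one of those forms. That code is not part of this diff, so it should be checked before executables are marked BTI-compatible. A comment above the pad such as `/* BTI c: callers must enter with BLR, or BR via x16/x17. */` would record the requirement. `_start` continues past the end of the hunk.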
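Review bot: `GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI)` marks every assembly file that includes this header as BTI-compatible, but the diff adds landing pads only through `ENTRY*` and a handful of hand-written labels. A file that includes the header and defines an indirect-branch target some other way (a bare label, or a jump-table case that would need `BTI_J`) would carry the marking and then fault once its pages are mapped with PROT_BTI; I cannot tell from here whether such files exist, so the comment above the `#if` should state that including the header asserts full pad coverage. Separately, the macro ends with `.text`, which silently changes the active section if the header is ever included after a `.section` directive; opening with `.pushsection .note.gnu.property, "a"` and closing with `.popsection` would leave the includer's section untouched. The new comment misspells "Identification", and the bare `.word 4; .word 16; .word 5` fields deserve a short comment naming them (name size, descriptor size, note type).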
@@ -68,11 +99,12 @@
 .globl C_SYMBOL_NAME(name); \
 .type C_SYMBOL_NAME(name),%function; \
 .p2align align; \
- .rep padding; \
+ .rep padding - 1; /* -1 for bti c. */ \
 nop; \
 .endr; \
 C_LABEL(name) \
 cfi_startproc; \
+ BTI_C; \
 CALL_MCOUNT
 #undef END
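Review bot: `.rep padding - 1` now assumes every user passes a `padding` of at least 1; with 0 the repeat count becomes negative, which is not a valid count for the assembler. The callers are not visible here, so this may never occur today, but the macro's comment should state the new precondition, e.g. `PADDING must be >= 1 because one slot is taken by BTI_C`. Alternatively the macro body could open with `.if (padding) < 1; .error "padding must be >= 1"; .endif; \` so a bad use fails at build time with a clear message. The `#define` line and the start of its comment lie outside the hunk.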