From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1944) id 8918638618B2; Wed, 8 Jul 2020 14:04:10 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8918638618B2 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Szabolcs Nagy To: glibc-cvs@sourceware.org Subject: [glibc] aarch64: Add pac-ret support to assembly files X-Act-Checkin: glibc X-Git-Author: Szabolcs Nagy X-Git-Refname: refs/heads/master X-Git-Oldrev: 9e1751e6d693b73b95db2f6d8438dd80f1aeffe0 X-Git-Newrev: 1be3d6eb823d8b952fa54b7bbc90cbecb8981380 Message-Id: <20200708140410.8918638618B2@sourceware.org> Date: Wed, 8 Jul 2020 14:04:10 +0000 (GMT) X-BeenThere: glibc-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jul 2020 14:04:10 -0000 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1be3d6eb823d8b952fa54b7bbc90cbecb8981380 commit 1be3d6eb823d8b952fa54b7bbc90cbecb8981380 Author: Szabolcs Nagy Date: Wed Apr 29 11:49:20 2020 +0100 aarch64: Add pac-ret support to assembly files Use return address signing in assembly files for functions that save LR when pac-ret is enabled in the compiler. The GNU property note for PAC-RET is not meaningful to the dynamic linker so it is not strictly required, but it may be used to track the security property of binaries. (The PAC-RET property is only set if BTI is set too because BTI implies working GNU property support.) Reviewed-by: Adhemerval Zanella Diff: --- sysdeps/aarch64/crti.S | 8 ++++++++ sysdeps/aarch64/crtn.S | 6 ++++++ sysdeps/aarch64/dl-tlsdesc.S | 8 ++++++++ sysdeps/aarch64/dl-trampoline.S | 18 ++++++++++++++++++ sysdeps/aarch64/sysdep.h | 8 +++++++- 5 files changed, 47 insertions(+), 1 deletion(-) diff --git a/sysdeps/aarch64/crti.S b/sysdeps/aarch64/crti.S index c346bcad72..c486e9ca44 100644 --- a/sysdeps/aarch64/crti.S +++ b/sysdeps/aarch64/crti.S @@ -75,7 +75,11 @@ call_weak_fn: .hidden _init .type _init, %function _init: +#if HAVE_AARCH64_PAC_RET + PACIASP +#else BTI_C +#endif stp x29, x30, [sp, -16]! mov x29, sp #if PREINIT_FUNCTION_WEAK @@ -90,6 +94,10 @@ _init: .hidden _fini .type _fini, %function _fini: +#if HAVE_AARCH64_PAC_RET + PACIASP +#else BTI_C +#endif stp x29, x30, [sp, -16]! mov x29, sp diff --git a/sysdeps/aarch64/crtn.S b/sysdeps/aarch64/crtn.S index 0c1ef112c2..d21c21c203 100644 --- a/sysdeps/aarch64/crtn.S +++ b/sysdeps/aarch64/crtn.S @@ -41,8 +41,14 @@ .section .init,"ax",%progbits ldp x29, x30, [sp], 16 +#if HAVE_AARCH64_PAC_RET + AUTIASP +#endif RET .section .fini,"ax",%progbits ldp x29, x30, [sp], 16 +#if HAVE_AARCH64_PAC_RET + AUTIASP +#endif RET diff --git a/sysdeps/aarch64/dl-tlsdesc.S b/sysdeps/aarch64/dl-tlsdesc.S index 9d96c8632a..db8a064322 100644 --- a/sysdeps/aarch64/dl-tlsdesc.S +++ b/sysdeps/aarch64/dl-tlsdesc.S @@ -183,6 +183,10 @@ _dl_tlsdesc_dynamic: callee will trash. */ /* Save the remaining registers that we must treat as caller save. */ +# if HAVE_AARCH64_PAC_RET + PACIASP + cfi_window_save +# endif # define NSAVEXREGPAIRS 8 stp x29, x30, [sp,#-16*NSAVEXREGPAIRS]! cfi_adjust_cfa_offset (16*NSAVEXREGPAIRS) @@ -233,6 +237,10 @@ _dl_tlsdesc_dynamic: cfi_adjust_cfa_offset (-16*NSAVEXREGPAIRS) cfi_restore (x29) cfi_restore (x30) +# if HAVE_AARCH64_PAC_RET + AUTIASP + cfi_window_save +# endif b 1b cfi_endproc .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S index 2cbfa81434..794876fffa 100644 --- a/sysdeps/aarch64/dl-trampoline.S +++ b/sysdeps/aarch64/dl-trampoline.S @@ -127,7 +127,12 @@ _dl_runtime_resolve: cfi_startproc .align 2 _dl_runtime_profile: +# if HAVE_AARCH64_PAC_RET + PACIASP + cfi_window_save +# else BTI_C +# endif /* AArch64 we get called with: ip0 &PLTGOT[2] ip1 temp(dl resolver entry point) @@ -239,8 +244,17 @@ _dl_runtime_profile: cfi_restore(x29) cfi_restore(x30) +# if HAVE_AARCH64_PAC_RET + add sp, sp, SF_SIZE + cfi_adjust_cfa_offset (-SF_SIZE) + AUTIASP + cfi_window_save + add sp, sp, 16 + cfi_adjust_cfa_offset (-16) +# else add sp, sp, SF_SIZE + 16 cfi_adjust_cfa_offset (- SF_SIZE - 16) +# endif /* Jump to the newly found address. */ br ip0 @@ -287,6 +301,10 @@ _dl_runtime_profile: /* LR from within La_aarch64_reg */ ldr lr, [x29, #OFFSET_RG + DL_OFFSET_RG_LR] cfi_restore(lr) +# if HAVE_AARCH64_PAC_RET + /* Note: LR restored from La_aarch64_reg has no PAC. */ + cfi_window_save +# endif mov sp, x29 cfi_def_cfa_register (sp) ldr x29, [x29, #0] diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h index 0eeb0bb2f1..cd88023163 100644 --- a/sysdeps/aarch64/sysdep.h +++ b/sysdeps/aarch64/sysdep.h @@ -45,6 +45,10 @@ #define BTI_C hint 34 #define BTI_J hint 36 +/* Return address signing support (pac-ret). */ +#define PACIASP hint 25 +#define AUTIASP hint 29 + /* GNU_PROPERTY_AARCH64_* macros from elf.h for use in asm code. */ #define FEATURE_1_AND 0xc0000000 #define FEATURE_1_BTI 1 @@ -66,7 +70,9 @@ /* Add GNU property note with the supported features to all asm code where sysdep.h is included. */ -#if HAVE_AARCH64_BTI +#if HAVE_AARCH64_BTI && HAVE_AARCH64_PAC_RET +GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI|FEATURE_1_PAC) +#elif HAVE_AARCH64_BTI GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI) #endif