Re: [PATCH 10/12] aarch64: Add pac-ret support to asm files

public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed

From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: Szabolcs Nagy <szabolcs.nagy@arm.com>, libc-alpha@sourceware.org
Cc: Sudakshina Das <Sudi.Das@arm.com>
Subject: Re: [PATCH 10/12] aarch64: Add pac-ret support to asm files
Date: Fri, 8 May 2020 13:59:27 -0300	[thread overview]
Message-ID: <d148154a-28ef-9a52-092b-f6b7a06d5b16@linaro.org> (raw)
In-Reply-To: <20200430174446.GF29015@arm.com>



On 30/04/2020 14:44, Szabolcs Nagy wrote:
> From de8968ed58686c26391de8343184a1283bb5e305 Mon Sep 17 00:00:00 2001
> From: Szabolcs Nagy <szabolcs.nagy@arm.com>
> Date: Wed, 29 Apr 2020 11:49:20 +0100
> Subject: [PATCH 10/12] aarch64: Add pac-ret support to asm files
> 
> This patch unconditionally enables pac-ret in asm files.
> 
> TODO: This will need configure checks, cannot be done
> unconditionally because we cannot guarantee pac-ret
> compatibility (e.g. libgcc unwinder had no support for
> it before gcc-7 and newer libgcc had bugs that could
> cause unwind crash when pac-ret and non-pac-ret stack
> frames are mixed)

Which gcc version does it work correctly? Would it be a check against
a specific gcc version or could it be a configure to see if libgcc
provides the expected fixes? 

The gcc-7 branch is now closed, so maybe we could assume gcc-8 and 
have the required fixes backported?

In any case I think we should add a configure check based on compiler
-mbranch-protection= options used to enable/disable ENABLE_PAC_RET.


> ---
>  sysdeps/aarch64/crti.S          |  8 ++++++++
>  sysdeps/aarch64/crtn.S          |  6 ++++++
>  sysdeps/aarch64/dl-tlsdesc.S    |  8 ++++++++
>  sysdeps/aarch64/dl-trampoline.S | 15 ++++++++++++++-
>  sysdeps/aarch64/sysdep.h        | 18 +++++++++++++++++-
>  5 files changed, 53 insertions(+), 2 deletions(-)
> 
> diff --git a/sysdeps/aarch64/crti.S b/sysdeps/aarch64/crti.S
> index 89a9e25f5b..36f58c9a01 100644
> --- a/sysdeps/aarch64/crti.S
> +++ b/sysdeps/aarch64/crti.S
> @@ -75,7 +75,11 @@ call_weak_fn:
>  	.hidden	_init
>  	.type	_init, %function
>  _init:
> +#if ENABLE_PAC_RET
> +	PACIASP
> +#else
>  	BTI_C
> +#endif
>  	stp	x29, x30, [sp, -16]!
>  	mov	x29, sp
>  #if PREINIT_FUNCTION_WEAK
> @@ -90,7 +94,11 @@ _init:
>  	.hidden	_fini
>  	.type	_fini, %function
>  _fini:
> +#if ENABLE_PAC_RET
> +	PACIASP
> +#else
>  	BTI_C
> +#endif
>  	stp	x29, x30, [sp, -16]!
>  	mov	x29, sp
>  
> diff --git a/sysdeps/aarch64/crtn.S b/sysdeps/aarch64/crtn.S
> index 94a6f970ef..e1cb74a572 100644
> --- a/sysdeps/aarch64/crtn.S
> +++ b/sysdeps/aarch64/crtn.S
> @@ -41,10 +41,16 @@
>  
>  	.section .init,"ax",%progbits
>  	ldp	x29, x30, [sp], 16
> +#if ENABLE_PAC_RET
> +	AUTIASP
> +#endif
>  	RET
>  
>  	.section .fini,"ax",%progbits
>  	ldp	x29, x30, [sp], 16
> +#if ENABLE_PAC_RET
> +	AUTIASP
> +#endif
>  	RET
>  
>  END_FILE
> diff --git a/sysdeps/aarch64/dl-tlsdesc.S b/sysdeps/aarch64/dl-tlsdesc.S
> index d55e0443aa..25628d942f 100644
> --- a/sysdeps/aarch64/dl-tlsdesc.S
> +++ b/sysdeps/aarch64/dl-tlsdesc.S
> @@ -183,6 +183,10 @@ _dl_tlsdesc_dynamic:
>  	   callee will trash.  */
>  
>  	/* Save the remaining registers that we must treat as caller save.  */
> +# if ENABLE_PAC_RET
> +	PACIASP
> +	cfi_window_save
> +# endif
>  # define NSAVEXREGPAIRS 8
>  	stp	x29, x30, [sp,#-16*NSAVEXREGPAIRS]!
>  	cfi_adjust_cfa_offset (16*NSAVEXREGPAIRS)
> @@ -233,6 +237,10 @@ _dl_tlsdesc_dynamic:
>  	cfi_adjust_cfa_offset (-16*NSAVEXREGPAIRS)
>  	cfi_restore (x29)
>  	cfi_restore (x30)
> +#if ENABLE_PAC_RET
> +	AUTIASP
> +	cfi_window_save
> +#endif
>  	b	1b
>  	cfi_endproc
>  	.size	_dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic
> diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S
> index fba5689d09..c0c4c23128 100644
> --- a/sysdeps/aarch64/dl-trampoline.S
> +++ b/sysdeps/aarch64/dl-trampoline.S
> @@ -127,7 +127,12 @@ _dl_runtime_resolve:
>  	cfi_startproc
>  	.align 2
>  _dl_runtime_profile:
> +# if ENABLE_PAC_RET
> +	PACIASP
> +	cfi_window_save
> +# else
>  	BTI_C
> +# endif
>  	/* AArch64 we get called with:
>  	   ip0		&PLTGOT[2]
>  	   ip1		temp(dl resolver entry point)
> @@ -291,9 +296,17 @@ _dl_runtime_profile:
>  	cfi_def_cfa_register (sp)
>  	ldr	x29, [x29, #0]
>  	cfi_restore(x29)
> +# if ENABLE_PAC_RET
> +	add	sp, sp, SF_SIZE
> +	cfi_adjust_cfa_offset (-SF_SIZE)
> +	AUTIASP
> +	cfi_window_save
> +	add	sp, sp, 16
> +	cfi_adjust_cfa_offset (-16)
> +# else
>  	add	sp, sp, SF_SIZE + 16
>  	cfi_adjust_cfa_offset (- SF_SIZE - 16)
> -
> +# endif
>  	br	lr
>  
>  	cfi_endproc
> diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h
> index 07dc7858a5..63a04a70cd 100644
> --- a/sysdeps/aarch64/sysdep.h
> +++ b/sysdeps/aarch64/sysdep.h
> @@ -45,6 +45,18 @@
>  #define BTI_C		hint	34
>  #define BTI_J		hint	36
>  
> +/* Return address signing support (pac-ret).  */
> +#define ENABLE_PAC_RET 1
> +#if ENABLE_PAC_RET
> +# define PACIASP	hint	25
> +# define AUTIASP	hint	29
> +# define PACIASP_AND_BTI_C	PACIASP
> +#else
> +# define PACIASP
> +# define AUTIASP
> +# define PACIASP_AND_BTI_C	BTI_C
> +#endif
> +

The PACIASP/AUTIASP are already protected by ENABLE_PAC_RET, why do you need
to redefine it for !ENABLE_PAC_RET?

Also, the macro PACIASP_AND_BTI_C is not used in this specific, should it
be defined where it is actually used?

>  #define FEATURE_1_BTI 1
>  #define FEATURE_1_PAC 2
>  
> @@ -61,7 +73,11 @@
>    .word features;			\
>    .word 0;
>  
> -#define END_FILE GNU_PROPERTY(FEATURE_1_BTI)
> +#if ENABLE_PAC_RET
> +# define END_FILE GNU_PROPERTY(FEATURE_1_BTI|FEATURE_1_PAC)
> +#else
> +# define END_FILE GNU_PROPERTY(FEATURE_1_BTI)
> +#endif
>  
>  /* Define an entry point visible from C.  */
>  #define ENTRY(name)						\
> -- 
> 2.17.1

next prev parent reply	other threads:[~2020-05-08 16:59 UTC|newest]

Thread overview: 48+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-30 17:34 [PATCH 00/12] aarch64: branch protection support Szabolcs Nagy
2020-04-30 17:37 ` [PATCH 01/12] elf.h: Add PT_GNU_PROPERTY Szabolcs Nagy
2020-05-07 14:49   ` Adhemerval Zanella
2020-04-30 17:37 ` [PATCH 02/12] elf.h: add aarch64 property definitions Szabolcs Nagy
2020-05-07 14:50   ` Adhemerval Zanella
2020-04-30 17:39 ` [PATCH 03/12] aarch64: Add BTI landing pads to assembly code Szabolcs Nagy
2020-05-07 16:55   ` Adhemerval Zanella
2020-05-11 11:38     ` Szabolcs Nagy
2020-05-11 19:13       ` Adhemerval Zanella
2020-04-30 17:40 ` [PATCH 04/12] aarch64: Rename place holder .S files to .c Szabolcs Nagy
2020-05-07 18:29   ` Adhemerval Zanella
2020-04-30 17:41 ` [PATCH 05/12] aarch64: fix swapcontext for BTI Szabolcs Nagy
2020-05-07 18:42   ` Adhemerval Zanella
2020-04-30 17:42 ` [PATCH 06/12] aarch64: fix RTLD_START " Szabolcs Nagy
2020-05-07 18:49   ` Adhemerval Zanella
2020-05-07 19:24     ` Szabolcs Nagy
2020-05-07 19:55       ` Adhemerval Zanella
2020-05-07 20:14         ` Szabolcs Nagy
2020-05-07 20:20           ` Adhemerval Zanella
2020-04-30 17:42 ` [PATCH 07/12] aarch64: fix syscalls " Szabolcs Nagy
2020-05-07 19:40   ` Adhemerval Zanella
2020-05-11 11:46     ` Szabolcs Nagy
2020-04-30 17:43 ` [PATCH 08/12] Rewrite abi-note.S in C Szabolcs Nagy
2020-04-30 20:07   ` Zack Weinberg
2020-05-01  9:23     ` Szabolcs Nagy
2020-05-01 14:07       ` Zack Weinberg
2020-04-30 17:44 ` [PATCH 09/12] aarch64: support BTI enabled binaries Szabolcs Nagy
2020-05-07 21:07   ` Adhemerval Zanella
2020-05-11 11:04     ` Szabolcs Nagy
2020-05-11 18:38       ` Adhemerval Zanella
2020-04-30 17:44 ` [PATCH 10/12] aarch64: Add pac-ret support to asm files Szabolcs Nagy
2020-05-08 16:59   ` Adhemerval Zanella [this message]
2020-05-11  8:27     ` Szabolcs Nagy
2020-05-11 18:39       ` Adhemerval Zanella
2020-04-30 17:45 ` [PATCH 11/12] aarch64: redefine RETURN_ADDRESS to strip PAC Szabolcs Nagy
2020-05-08 17:44   ` Adhemerval Zanella
2020-05-11 12:38     ` Szabolcs Nagy
2020-05-11 19:15       ` Adhemerval Zanella
2020-05-11 19:21         ` Florian Weimer
2020-05-11 20:13           ` Adhemerval Zanella
2020-05-11 20:18             ` Florian Weimer
2020-05-11 19:22   ` Florian Weimer
2020-05-11 20:45     ` Adhemerval Zanella
2020-05-12  8:42     ` Szabolcs Nagy
2020-04-30 17:45 ` [PATCH 12/12] aarch64: Configure option to build glibc with branch protection Szabolcs Nagy
2020-04-30 19:02   ` Joseph Myers
2020-05-08 17:53   ` Adhemerval Zanella
2020-05-04 11:27 ` [PATCH 00/12] aarch64: branch protection support Szabolcs Nagy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d148154a-28ef-9a52-092b-f6b7a06d5b16@linaro.org \
    --to=adhemerval.zanella@linaro.org \
    --cc=Sudi.Das@arm.com \
    --cc=libc-alpha@sourceware.org \
    --cc=szabolcs.nagy@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).