From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-Status: No, score=-4.1 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_PASS,SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id C214C1F55B for ; Tue, 26 May 2020 11:26:18 +0000 (UTC) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id BA1073851C0C; Tue, 26 May 2020 11:26:17 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org BA1073851C0C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1590492377; bh=FkzXC9DrnceQ5Xgq0RO6/x2n+wQfvt3kgTbDSbbpkEA=; h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=F5O0HWrfCaPNqge7IdbDsRSBXAwWCVsHfHBisd8rOTfA1UBgQd4wup2AHVXbU9VUw 2ZaXDUtwTXyI6gg+bHctyuHf04GgnfqXq/Bb56qVXAdfm98+SktrUgglI9CHn2b7xK wxKLomuEhDScVX8WNeeZm2mCW8OsY5v+SGdRe1lE= Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) by sourceware.org (Postfix) with ESMTPS id 38703385C426 for ; Tue, 26 May 2020 11:26:15 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 38703385C426 Received: by mail-qt1-x844.google.com with SMTP id z1so3672305qtn.2 for ; Tue, 26 May 2020 04:26:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:autocrypt:message-id :date:user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=FkzXC9DrnceQ5Xgq0RO6/x2n+wQfvt3kgTbDSbbpkEA=; b=poKoUho+7psL6poUjbuMlTuxa0hF8ROjHV9nMelNyBfn0Kka7Hr130f5CFdESiXxuT HtXI39IG8UoZXlcTeuK/KpgfgMCmdCXgQC5d3GLvO6iF7Rt1oWZy2cxn65pFD37ohbXP ei6Oei2R/QtTAKOGo6wG0t+uaFTYvL/swa70wY299PLCHo5JG+HaX1xjsUl3Wyey9bF6 3f08tLErePWM5EgJos6YtHv7cHilTppS2hOaMRbRkJ5Iw1tkRlLKbTwYgGRj7SxkPzFv VvD6kxsS9yCPNogqmMRPF7iV5lASIvQ2wMv96enjpADSMLsZBckUTOdG8w9jE7Cjm91r BTXg== X-Gm-Message-State: AOAM5334L7RIQa0G4Dct31fLeA50RgbjSAtzriPy/4+1M/Rv9dME99++ oLmwiqpq5GL9ViRvnp039qonB7weQUk= X-Google-Smtp-Source: ABdhPJwncSbb8BlVPBO1UfMUNMGDM/yRxTnCZL2i13cd04gLo62pNK5VW+dGQGeWphWocftn1w+S8g== X-Received: by 2002:ac8:670b:: with SMTP id e11mr716149qtp.365.1590492373797; Tue, 26 May 2020 04:26:13 -0700 (PDT) Received: from [192.168.1.4] ([177.194.48.209]) by smtp.googlemail.com with ESMTPSA id k43sm18826685qtk.67.2020.05.26.04.26.12 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 26 May 2020 04:26:13 -0700 (PDT) Subject: Re: [PATCH v3 11/13] aarch64: Add pac-ret support to assembly files To: libc-alpha@sourceware.org References: <55c2f030bcb0c66c855e823b60bbd624d7d5bff9.1589552055.git.szabolcs.nagy@arm.com> Autocrypt: addr=adhemerval.zanella@linaro.org; prefer-encrypt=mutual; keydata= mQINBFcVGkoBEADiQU2x/cBBmAVf5C2d1xgz6zCnlCefbqaflUBw4hB/bEME40QsrVzWZ5Nq 8kxkEczZzAOKkkvv4pRVLlLn/zDtFXhlcvQRJ3yFMGqzBjofucOrmdYkOGo0uCaoJKPT186L NWp53SACXguFJpnw4ODI64ziInzXQs/rUJqrFoVIlrPDmNv/LUv1OVPKz20ETjgfpg8MNwG6 iMizMefCl+RbtXbIEZ3TE/IaDT/jcOirjv96lBKrc/pAL0h/O71Kwbbp43fimW80GhjiaN2y WGByepnkAVP7FyNarhdDpJhoDmUk9yfwNuIuESaCQtfd3vgKKuo6grcKZ8bHy7IXX1XJj2X/ BgRVhVgMHAnDPFIkXtP+SiarkUaLjGzCz7XkUn4XAGDskBNfbizFqYUQCaL2FdbW3DeZqNIa nSzKAZK7Dm9+0VVSRZXP89w71Y7JUV56xL/PlOE+YKKFdEw+gQjQi0e+DZILAtFjJLoCrkEX w4LluMhYX/X8XP6/C3xW0yOZhvHYyn72sV4yJ1uyc/qz3OY32CRy+bwPzAMAkhdwcORA3JPb kPTlimhQqVgvca8m+MQ/JFZ6D+K7QPyvEv7bQ7M+IzFmTkOCwCJ3xqOD6GjX3aphk8Sr0dq3 4Awlf5xFDAG8dn8Uuutb7naGBd/fEv6t8dfkNyzj6yvc4jpVxwARAQABtElBZGhlbWVydmFs IFphbmVsbGEgTmV0dG8gKExpbmFybyBWUE4gS2V5KSA8YWRoZW1lcnZhbC56YW5lbGxhQGxp bmFyby5vcmc+iQI3BBMBCAAhBQJXFRpKAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ EKqx7BSnlIjv0e8P/1YOYoNkvJ+AJcNUaM5a2SA9oAKjSJ/M/EN4Id5Ow41ZJS4lUA0apSXW NjQg3VeVc2RiHab2LIB4MxdJhaWTuzfLkYnBeoy4u6njYcaoSwf3g9dSsvsl3mhtuzm6aXFH /Qsauav77enJh99tI4T+58rp0EuLhDsQbnBic/ukYNv7sQV8dy9KxA54yLnYUFqH6pfH8Lly sTVAMyi5Fg5O5/hVV+Z0Kpr+ZocC1YFJkTsNLAW5EIYSP9ftniqaVsim7MNmodv/zqK0IyDB GLLH1kjhvb5+6ySGlWbMTomt/or/uvMgulz0bRS+LUyOmlfXDdT+t38VPKBBVwFMarNuREU2 69M3a3jdTfScboDd2ck1u7l+QbaGoHZQ8ZNUrzgObltjohiIsazqkgYDQzXIMrD9H19E+8fw kCNUlXxjEgH/Kg8DlpoYJXSJCX0fjMWfXywL6ZXc2xyG/hbl5hvsLNmqDpLpc1CfKcA0BkK+ k8R57fr91mTCppSwwKJYO9T+8J+o4ho/CJnK/jBy1pWKMYJPvvrpdBCWq3MfzVpXYdahRKHI ypk8m4QlRlbOXWJ3TDd/SKNfSSrWgwRSg7XCjSlR7PNzNFXTULLB34sZhjrN6Q8NQZsZnMNs TX8nlGOVrKolnQPjKCLwCyu8PhllU8OwbSMKskcD1PSkG6h3r0AquQINBFcVGkoBEACgAdbR Ck+fsfOVwT8zowMiL3l9a2DP3Eeak23ifdZG+8Avb/SImpv0UMSbRfnw/N81IWwlbjkjbGTu oT37iZHLRwYUFmA8fZX0wNDNKQUUTjN6XalJmvhdz9l71H3WnE0wneEM5ahu5V1L1utUWTyh VUwzX1lwJeV3vyrNgI1kYOaeuNVvq7npNR6t6XxEpqPsNc6O77I12XELic2+36YibyqlTJIQ V1SZEbIy26AbC2zH9WqaKyGyQnr/IPbTJ2Lv0dM3RaXoVf+CeK7gB2B+w1hZummD21c1Laua +VIMPCUQ+EM8W9EtX+0iJXxI+wsztLT6vltQcm+5Q7tY+HFUucizJkAOAz98YFucwKefbkTp eKvCfCwiM1bGatZEFFKIlvJ2QNMQNiUrqJBlW9nZp/k7pbG3oStOjvawD9ZbP9e0fnlWJIsj 6c7pX354Yi7kxIk/6gREidHLLqEb/otuwt1aoMPg97iUgDV5mlNef77lWE8vxmlY0FBWIXuZ yv0XYxf1WF6dRizwFFbxvUZzIJp3spAao7jLsQj1DbD2s5+S1BW09A0mI/1DjB6EhNN+4bDB SJCOv/ReK3tFJXuj/HbyDrOdoMt8aIFbe7YFLEExHpSk+HgN05Lg5TyTro8oW7TSMTk+8a5M kzaH4UGXTTBDP/g5cfL3RFPl79ubXwARAQABiQIfBBgBCAAJBQJXFRpKAhsMAAoJEKqx7BSn lIjvI/8P/jg0jl4Tbvg3B5kT6PxJOXHYu9OoyaHLcay6Cd+ZrOd1VQQCbOcgLFbf4Yr+rE9l mYsY67AUgq2QKmVVbn9pjvGsEaz8UmfDnz5epUhDxC6yRRvY4hreMXZhPZ1pbMa6A0a/WOSt AgFj5V6Z4dXGTM/lNManr0HjXxbUYv2WfbNt3/07Db9T+GZkpUotC6iknsTA4rJi6u2ls0W9 1UIvW4o01vb4nZRCj4rni0g6eWoQCGoVDk/xFfy7ZliR5B+3Z3EWRJcQskip/QAHjbLa3pml xAZ484fVxgeESOoaeC9TiBIp0NfH8akWOI0HpBCiBD5xaCTvR7ujUWMvhsX2n881r/hNlR9g fcE6q00qHSPAEgGr1bnFv74/1vbKtjeXLCcRKk3Ulw0bY1OoDxWQr86T2fZGJ/HIZuVVBf3+ gaYJF92GXFynHnea14nFFuFgOni0Mi1zDxYH/8yGGBXvo14KWd8JOW0NJPaCDFJkdS5hu0VY 7vJwKcyHJGxsCLU+Et0mryX8qZwqibJIzu7kUJQdQDljbRPDFd/xmGUFCQiQAncSilYOcxNU EMVCXPAQTteqkvA+gNqSaK1NM9tY0eQ4iJpo+aoX8HAcn4sZzt2pfUB9vQMTBJ2d4+m/qO6+ cFTAceXmIoFsN8+gFN3i8Is3u12u8xGudcBPvpoy4OoG Message-ID: <3e4b7814-f668-7929-e457-8cbc48eff28a@linaro.org> Date: Tue, 26 May 2020 08:26:10 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 MIME-Version: 1.0 In-Reply-To: <55c2f030bcb0c66c855e823b60bbd624d7d5bff9.1589552055.git.szabolcs.nagy@arm.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Adhemerval Zanella via Libc-alpha Reply-To: Adhemerval Zanella Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" On 15/05/2020 11:40, Szabolcs Nagy wrote: > Use return address signing in assembly files for functions that save > LR when pac-ret is enabled in the compiler. > > The GNU property note for PAC-RET is not meaningful to the dynamic > linker so it is not strictly required, but it may be used to track > the security property of binaries. (The PAC-RET property is only set > if BTI is set too because BTI implies working GNU property support.) With the suggestion from previous HAVE_AARCH64_PAC_RET patch, these tests could be used as #if HAVE_AARCH64_PAC_RET. Besides that, LGTM. Reviewed-by: Adhemerval Zanella > --- > sysdeps/aarch64/crti.S | 8 ++++++++ > sysdeps/aarch64/crtn.S | 6 ++++++ > sysdeps/aarch64/dl-tlsdesc.S | 8 ++++++++ > sysdeps/aarch64/dl-trampoline.S | 18 ++++++++++++++++++ > sysdeps/aarch64/sysdep.h | 8 +++++++- > 5 files changed, 47 insertions(+), 1 deletion(-) > > diff --git a/sysdeps/aarch64/crti.S b/sysdeps/aarch64/crti.S > index c346bcad72..02ec7d015e 100644 > --- a/sysdeps/aarch64/crti.S > +++ b/sysdeps/aarch64/crti.S > @@ -75,7 +75,11 @@ call_weak_fn: > .hidden _init > .type _init, %function > _init: > +#ifdef HAVE_AARCH64_PAC_RET > + PACIASP > +#else > BTI_C > +#endif > stp x29, x30, [sp, -16]! > mov x29, sp > #if PREINIT_FUNCTION_WEAK > @@ -90,6 +94,10 @@ _init: > .hidden _fini > .type _fini, %function > _fini: > +#ifdef HAVE_AARCH64_PAC_RET > + PACIASP > +#else > BTI_C > +#endif > stp x29, x30, [sp, -16]! > mov x29, sp Ok. > diff --git a/sysdeps/aarch64/crtn.S b/sysdeps/aarch64/crtn.S > index 0c1ef112c2..4b93b90411 100644 > --- a/sysdeps/aarch64/crtn.S > +++ b/sysdeps/aarch64/crtn.S > @@ -41,8 +41,14 @@ > > .section .init,"ax",%progbits > ldp x29, x30, [sp], 16 > +#ifdef HAVE_AARCH64_PAC_RET > + AUTIASP > +#endif > RET > > .section .fini,"ax",%progbits > ldp x29, x30, [sp], 16 > +#ifdef HAVE_AARCH64_PAC_RET > + AUTIASP > +#endif > RET Ok. > diff --git a/sysdeps/aarch64/dl-tlsdesc.S b/sysdeps/aarch64/dl-tlsdesc.S > index 9d96c8632a..3746dbec17 100644 > --- a/sysdeps/aarch64/dl-tlsdesc.S > +++ b/sysdeps/aarch64/dl-tlsdesc.S > @@ -183,6 +183,10 @@ _dl_tlsdesc_dynamic: > callee will trash. */ > > /* Save the remaining registers that we must treat as caller save. */ > +# ifdef HAVE_AARCH64_PAC_RET > + PACIASP > + cfi_window_save > +# endif > # define NSAVEXREGPAIRS 8 > stp x29, x30, [sp,#-16*NSAVEXREGPAIRS]! > cfi_adjust_cfa_offset (16*NSAVEXREGPAIRS) > @@ -233,6 +237,10 @@ _dl_tlsdesc_dynamic: > cfi_adjust_cfa_offset (-16*NSAVEXREGPAIRS) > cfi_restore (x29) > cfi_restore (x30) > +# ifdef HAVE_AARCH64_PAC_RET > + AUTIASP > + cfi_window_save > +# endif > b 1b > cfi_endproc > .size _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic Ok. > diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S > index 2cbfa81434..53f92d68bf 100644 > --- a/sysdeps/aarch64/dl-trampoline.S > +++ b/sysdeps/aarch64/dl-trampoline.S > @@ -127,7 +127,12 @@ _dl_runtime_resolve: > cfi_startproc > .align 2 > _dl_runtime_profile: > +# ifdef HAVE_AARCH64_PAC_RET > + PACIASP > + cfi_window_save > +# else > BTI_C > +# endif > /* AArch64 we get called with: > ip0 &PLTGOT[2] > ip1 temp(dl resolver entry point) > @@ -239,8 +244,17 @@ _dl_runtime_profile: > cfi_restore(x29) > cfi_restore(x30) > > +# ifdef HAVE_AARCH64_PAC_RET > + add sp, sp, SF_SIZE > + cfi_adjust_cfa_offset (-SF_SIZE) > + AUTIASP > + cfi_window_save > + add sp, sp, 16 > + cfi_adjust_cfa_offset (-16) > +# else > add sp, sp, SF_SIZE + 16 > cfi_adjust_cfa_offset (- SF_SIZE - 16) > +# endif > > /* Jump to the newly found address. */ > br ip0 > @@ -287,6 +301,10 @@ _dl_runtime_profile: > /* LR from within La_aarch64_reg */ > ldr lr, [x29, #OFFSET_RG + DL_OFFSET_RG_LR] > cfi_restore(lr) > +# ifdef HAVE_AARCH64_PAC_RET > + /* Note: LR restored from La_aarch64_reg has no PAC. */ > + cfi_window_save > +# endif > mov sp, x29 > cfi_def_cfa_register (sp) > ldr x29, [x29, #0] Ok. > diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h > index 086fc84b53..c51572a690 100644 > --- a/sysdeps/aarch64/sysdep.h > +++ b/sysdeps/aarch64/sysdep.h > @@ -45,6 +45,10 @@ > #define BTI_C hint 34 > #define BTI_J hint 36 > > +/* Return address signing support (pac-ret). */ > +#define PACIASP hint 25 > +#define AUTIASP hint 29 > + > /* GNU_PROPERTY_AARCH64_* macros from elf.h for use in asm code. */ > #define FEATURE_1_AND 0xc0000000 > #define FEATURE_1_BTI 1 > @@ -66,7 +70,9 @@ > > /* Add GNU property note with the supported features to all asm code > where sysdep.h is included. */ > -#if defined HAVE_AARCH64_BTI > +#if defined HAVE_AARCH64_BTI && defined HAVE_AARCH64_PAC_RET > +GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI|FEATURE_1_PAC) > +#elif defined HAVE_AARCH64_BTI > GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI) > #endif > > Ok.