aarch64: Add pac-ret support to assembly files

Use return address signing in assembly files for functions that save
LR when pac-ret is enabled in the compiler.

The GNU property note for PAC-RET is not meaningful to the dynamic
linker so it is not strictly required, but it may be used to track
the security property of binaries. (The PAC-RET property is only set
if BTI is set too because BTI implies working GNU property support.)

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

diff --git a/sysdeps/aarch64/crti.S b/sysdeps/aarch64/crti.S
index c346bcad72d0ce10b4400178bb5deb19a5b8da6c..c486e9ca4467cb6714641fdabf61f36096e6f6ed 100644 (file)
--- a/sysdeps/aarch64/crti.S
+++ b/sysdeps/aarch64/crti.S
@@ -75,7 +75,11 @@ call_weak_fn:
        .hidden _init
        .type   _init, %function
 _init:
+#if HAVE_AARCH64_PAC_RET
+       PACIASP
+#else
        BTI_C
+#endif
        stp     x29, x30, [sp, -16]!
        mov     x29, sp
 #if PREINIT_FUNCTION_WEAK
@@ -90,6 +94,10 @@ _init:
        .hidden _fini
        .type   _fini, %function
 _fini:
+#if HAVE_AARCH64_PAC_RET
+       PACIASP
+#else
        BTI_C
+#endif
        stp     x29, x30, [sp, -16]!
        mov     x29, sp

diff --git a/sysdeps/aarch64/crtn.S b/sysdeps/aarch64/crtn.S
index 0c1ef112c2379a3a95e115bffbf555d3241d7cb3..d21c21c2037d14e514d12e74eced2b2af82dd5d7 100644 (file)
--- a/sysdeps/aarch64/crtn.S
+++ b/sysdeps/aarch64/crtn.S
@@ -41,8 +41,14 @@
 
        .section .init,"ax",%progbits
        ldp     x29, x30, [sp], 16
+#if HAVE_AARCH64_PAC_RET
+       AUTIASP
+#endif
        RET
 
        .section .fini,"ax",%progbits
        ldp     x29, x30, [sp], 16
+#if HAVE_AARCH64_PAC_RET
+       AUTIASP
+#endif
        RET

diff --git a/sysdeps/aarch64/dl-tlsdesc.S b/sysdeps/aarch64/dl-tlsdesc.S
index 9d96c8632a01cb3bab67f3fc3d5165492cb3b342..db8a064322e6b0ddc0d465cd54d017043dd985fc 100644 (file)
--- a/sysdeps/aarch64/dl-tlsdesc.S
+++ b/sysdeps/aarch64/dl-tlsdesc.S
@@ -183,6 +183,10 @@ _dl_tlsdesc_dynamic:
           callee will trash.  */
 
        /* Save the remaining registers that we must treat as caller save.  */
+# if HAVE_AARCH64_PAC_RET
+       PACIASP
+       cfi_window_save
+# endif
 # define NSAVEXREGPAIRS 8
        stp     x29, x30, [sp,#-16*NSAVEXREGPAIRS]!
        cfi_adjust_cfa_offset (16*NSAVEXREGPAIRS)
@@ -233,6 +237,10 @@ _dl_tlsdesc_dynamic:
        cfi_adjust_cfa_offset (-16*NSAVEXREGPAIRS)
        cfi_restore (x29)
        cfi_restore (x30)
+# if HAVE_AARCH64_PAC_RET
+       AUTIASP
+       cfi_window_save
+# endif
        b       1b
        cfi_endproc
        .size   _dl_tlsdesc_dynamic, .-_dl_tlsdesc_dynamic

diff --git a/sysdeps/aarch64/dl-trampoline.S b/sysdeps/aarch64/dl-trampoline.S
index 2cbfa814348c7db8cf3a42c73b6141fbf25960e1..794876fffab33298172350c11620dfe19b929941 100644 (file)
--- a/sysdeps/aarch64/dl-trampoline.S
+++ b/sysdeps/aarch64/dl-trampoline.S
@@ -127,7 +127,12 @@ _dl_runtime_resolve:
        cfi_startproc
        .align 2
 _dl_runtime_profile:
+# if HAVE_AARCH64_PAC_RET
+       PACIASP
+       cfi_window_save
+# else
        BTI_C
+# endif
        /* AArch64 we get called with:
           ip0          &PLTGOT[2]
           ip1          temp(dl resolver entry point)
@@ -239,8 +244,17 @@ _dl_runtime_profile:
        cfi_restore(x29)
        cfi_restore(x30)
 
+# if HAVE_AARCH64_PAC_RET
+       add     sp, sp, SF_SIZE
+       cfi_adjust_cfa_offset (-SF_SIZE)
+       AUTIASP
+       cfi_window_save
+       add     sp, sp, 16
+       cfi_adjust_cfa_offset (-16)
+# else
        add     sp, sp, SF_SIZE + 16
        cfi_adjust_cfa_offset (- SF_SIZE - 16)
+# endif
 
        /* Jump to the newly found address.  */
        br      ip0
@@ -287,6 +301,10 @@ _dl_runtime_profile:
        /* LR from within La_aarch64_reg */
        ldr     lr, [x29, #OFFSET_RG + DL_OFFSET_RG_LR]
        cfi_restore(lr)
+# if HAVE_AARCH64_PAC_RET
+       /* Note: LR restored from La_aarch64_reg has no PAC.  */
+       cfi_window_save
+# endif
        mov     sp, x29
        cfi_def_cfa_register (sp)
        ldr     x29, [x29, #0]

diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h
index 0eeb0bb2f19764ad94ea403d380259adc20dc1a0..cd88023163009630bea1612fd0deec6a02de9d69 100644 (file)
--- a/sysdeps/aarch64/sysdep.h
+++ b/sysdeps/aarch64/sysdep.h
@@ -45,6 +45,10 @@
 #define BTI_C          hint    34
 #define BTI_J          hint    36
 
+/* Return address signing support (pac-ret).  */
+#define PACIASP                hint    25
+#define AUTIASP                hint    29
+
 /* GNU_PROPERTY_AARCH64_* macros from elf.h for use in asm code.  */
 #define FEATURE_1_AND 0xc0000000
 #define FEATURE_1_BTI 1
@@ -66,7 +70,9 @@
 
 /* Add GNU property note with the supported features to all asm code
    where sysdep.h is included.  */
-#if HAVE_AARCH64_BTI
+#if HAVE_AARCH64_BTI && HAVE_AARCH64_PAC_RET
+GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI|FEATURE_1_PAC)
+#elif HAVE_AARCH64_BTI
 GNU_PROPERTY (FEATURE_1_AND, FEATURE_1_BTI)
 #endif