git: 29e38839272e - stable/13 - arm64: Support creating a BTI & PAC note
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 19 Feb 2024 16:44:55 UTC
The branch stable/13 has been updated by andrew: URL: https://cgit.FreeBSD.org/src/commit/?id=29e38839272e9aa43dfc8c548385eb27452cb6b1 commit 29e38839272e9aa43dfc8c548385eb27452cb6b1 Author: Andrew Turner <andrew@FreeBSD.org> AuthorDate: 2023-10-10 13:00:59 +0000 Commit: Andrew Turner <andrew@FreeBSD.org> CommitDate: 2024-02-19 12:40:53 +0000 arm64: Support creating a BTI & PAC note To detect when an object file is build with the Branch Target Identification (BTI) and Pointer Authentication Code (PAC) extensions there is an elf note the compiler will insert. It will only do so from a high level language, e.g. C or C++. To get the not in assembly add the GNU_PROPERTY_AARCH64_FEATURE_1_NOTE macro that can be used to create it, and the GNU_PROPERTY_AARCH64_FEATURE_1_VAL macro to insert the correct value based on which combination of BTI and PAC are enabled. Reviewed by: markj (earlier version), emaste Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D42225 (cherry picked from commit 82597d2102a02c4e9e9355717c32867d34b77ef0) --- sys/arm64/include/asm.h | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/sys/arm64/include/asm.h b/sys/arm64/include/asm.h index cfbcd2623e69..955fb51af030 100644 --- a/sys/arm64/include/asm.h +++ b/sys/arm64/include/asm.h @@ -138,4 +138,56 @@ #define BTI_J #endif +/* + * GNU_PROPERTY_AARCH64_FEATURE_1_NOTE can be used to insert a note that + * the current assembly file is built with Pointer Authentication (PAC) or + * Branch Target Identification support (BTI). As the linker requires all + * object files in an executable or library to have the GNU property + * note to emit it in the created elf file we need to add a note to all + * assembly files that support BTI so the kernel and dynamic linker can + * mark memory used by the file as guarded. + * + * The GNU_PROPERTY_AARCH64_FEATURE_1_VAL macro encodes the combination + * of PAC and BTI that have been enabled. It can be used as follows: + * GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL); + * + * To use this you need to include <sys/elf_common.h> for + * GNU_PROPERTY_AARCH64_FEATURE_1_* + */ +#if defined(__ARM_FEATURE_BTI_DEFAULT) +#if defined(__ARM_FEATURE_PAC_DEFAULT) +/* BTI, PAC */ +#define GNU_PROPERTY_AARCH64_FEATURE_1_VAL \ + (GNU_PROPERTY_AARCH64_FEATURE_1_BTI | GNU_PROPERTY_AARCH64_FEATURE_1_PAC) +#else +/* BTI, no PAC */ +#define GNU_PROPERTY_AARCH64_FEATURE_1_VAL \ + (GNU_PROPERTY_AARCH64_FEATURE_1_BTI) +#endif +#elif defined(__ARM_FEATURE_PAC_DEFAULT) +/* No BTI, PAC */ +#define GNU_PROPERTY_AARCH64_FEATURE_1_VAL \ + (GNU_PROPERTY_AARCH64_FEATURE_1_PAC) +#else +/* No BTI, no PAC */ +#define GNU_PROPERTY_AARCH64_FEATURE_1_VAL 0 +#endif + +#if defined(__ARM_FEATURE_BTI_DEFAULT) || defined(__ARM_FEATURE_PAC_DEFAULT) +#define GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(x) \ + .section .note.gnu.property, "a"; \ + .balign 8; \ + .4byte 0x4; /* sizeof(vendor) */ \ + .4byte 0x10; /* sizeof(note data) */ \ + .4byte (NT_GNU_PROPERTY_TYPE_0); \ + .asciz "GNU"; /* vendor */ \ + /* note data: */ \ + .4byte (GNU_PROPERTY_AARCH64_FEATURE_1_AND); \ + .4byte 0x4; /* sizeof(property) */ \ + .4byte (x); /* property */ \ + .4byte 0 +#else +#define GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(x) +#endif + #endif /* _MACHINE_ASM_H_ */