git: c2e0d56f5e49 - main - arm64: Support BTI checking in most of the kernel

From: Andrew Turner <andrew_at_FreeBSD.org>
Date: Wed, 05 Jun 2024 09:29:13 UTC
The branch main has been updated by andrew:

URL: https://cgit.FreeBSD.org/src/commit/?id=c2e0d56f5e493a8514324fd5e062ddc99a68b599

commit c2e0d56f5e493a8514324fd5e062ddc99a68b599
Author:     Andrew Turner <andrew@FreeBSD.org>
AuthorDate: 2024-06-04 12:46:46 +0000
Commit:     Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2024-06-05 09:23:40 +0000

    arm64: Support BTI checking in most of the kernel
    
    LLD has the -zbti-report=error argument to check if the BTI note is
    present when linking. To allow for this to be used when linking the
    kernel and modules:
     - Add the BTI note to the remaining assembly files
     - Mark ptrauth.c as protected by BTI
     - Disable -zbti-report for vmm hypervisor switching code as it's not
       used there.
    
    The linux64 module doesn't build with the flag as it includes vdso code
    that doesn't include the note.
    
    Reviewed by:    imp, kib, emaste
    Sponsored by:   Arm Ltd
    Differential Revision:  https://reviews.freebsd.org/D45466
---
 sys/arm64/arm64/bus_space_asm.S          | 4 ++++
 sys/arm64/arm64/copyinout.S              | 5 ++++-
 sys/arm64/arm64/cpufunc_asm.S            | 4 ++++
 sys/arm64/arm64/exception.S              | 3 +++
 sys/arm64/arm64/hyp_stub.S               | 4 ++++
 sys/arm64/arm64/locore.S                 | 3 +++
 sys/arm64/arm64/memcmp.S                 | 3 +++
 sys/arm64/arm64/memcpy.S                 | 3 +++
 sys/arm64/arm64/memset.S                 | 4 ++++
 sys/arm64/arm64/sigtramp.S               | 3 +++
 sys/arm64/arm64/strcmp.S                 | 3 +++
 sys/arm64/arm64/strncmp.S                | 3 +++
 sys/arm64/arm64/support.S                | 4 ++++
 sys/arm64/arm64/swtch.S                  | 3 +++
 sys/arm64/vmm/vmm_call.S                 | 3 +++
 sys/arm64/vmm/vmm_hyp_el2.S              | 5 +++++
 sys/cddl/dev/dtrace/aarch64/dtrace_asm.S | 3 +++
 sys/conf/files.arm64                     | 2 +-
 sys/dev/psci/smccc_arm64.S               | 5 +++++
 sys/kern/firmw.S                         | 6 ++++++
 sys/modules/vmm/Makefile                 | 2 +-
 21 files changed, 72 insertions(+), 3 deletions(-)

diff --git a/sys/arm64/arm64/bus_space_asm.S b/sys/arm64/arm64/bus_space_asm.S
index bc9b41f96952..699a27bedab4 100644
--- a/sys/arm64/arm64/bus_space_asm.S
+++ b/sys/arm64/arm64/bus_space_asm.S
@@ -25,7 +25,9 @@
  *
  */
 
+#include <sys/elf_common.h>
 #include <machine/asm.h>
+
 ENTRY(generic_bs_r_1)
 	ldrb	w0, [x1, x2]
 	ret
@@ -475,3 +477,5 @@ generic_bs_poke_8f:
 	mov	x0, #0
 	ret
 END(generic_bs_poke_8)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/copyinout.S b/sys/arm64/arm64/copyinout.S
index 23f56ae85daa..26dd0b4cf14f 100644
--- a/sys/arm64/arm64/copyinout.S
+++ b/sys/arm64/arm64/copyinout.S
@@ -27,9 +27,10 @@
  *
  */
 
-#include <machine/asm.h>
+#include <sys/elf_common.h>
 #include <sys/errno.h>
 
+#include <machine/asm.h>
 #include <machine/param.h>
 #include <machine/vmparam.h>
 
@@ -220,3 +221,5 @@ ending:
 	mov	x0, xzr		/* return 0 */
 	ret
 	.size	copycommon, . - copycommon
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/cpufunc_asm.S b/sys/arm64/arm64/cpufunc_asm.S
index 5a668aeb542e..a13b97c2cdee 100644
--- a/sys/arm64/arm64/cpufunc_asm.S
+++ b/sys/arm64/arm64/cpufunc_asm.S
@@ -29,7 +29,9 @@
  *
  */
 
+#include <sys/elf_common.h>
 #include <sys/errno.h>
+
 #include <machine/asm.h>
 #include <machine/param.h>
 
@@ -190,3 +192,5 @@ ENTRY(cache_maint_fault)
 	mov	x0, #EFAULT
 	ret
 END(cache_maint_fault)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/exception.S b/sys/arm64/arm64/exception.S
index 41d7e7f7ae1f..662684588e0c 100644
--- a/sys/arm64/arm64/exception.S
+++ b/sys/arm64/arm64/exception.S
@@ -25,6 +25,8 @@
  *
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 #include <machine/armreg.h>
 #include "assym.inc"
@@ -324,3 +326,4 @@ exception_vectors:
 	vempty 0		/* FIQ 32-bit EL0 */
 	vector el0_serror 0	/* Error 32-bit EL0 */
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/hyp_stub.S b/sys/arm64/arm64/hyp_stub.S
index 42f76da95062..ee486edf67a0 100644
--- a/sys/arm64/arm64/hyp_stub.S
+++ b/sys/arm64/arm64/hyp_stub.S
@@ -24,6 +24,8 @@
  * SUCH DAMAGE.
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 .macro vempty
@@ -63,3 +65,5 @@ hyp_stub_vectors:
 	vempty			/* IRQ 32-bit EL1 */
 	vempty			/* FIQ 32-bit EL1 */
 	vempty			/* SError 32-bit EL1 */
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/locore.S b/sys/arm64/arm64/locore.S
index fffebe8f2b02..d1120e0476a2 100644
--- a/sys/arm64/arm64/locore.S
+++ b/sys/arm64/arm64/locore.S
@@ -26,6 +26,7 @@
 
 #include "assym.inc"
 #include "opt_kstack_pages.h"
+#include <sys/elf_common.h>
 #include <sys/syscall.h>
 #include <machine/asm.h>
 #include <machine/armreg.h>
@@ -1006,3 +1007,5 @@ aarch32_esigcode:
 	.global sz_aarch32_sigcode
 sz_aarch32_sigcode:
 	.quad aarch32_esigcode - aarch32_sigcode
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/memcmp.S b/sys/arm64/arm64/memcmp.S
index 8517a181f3f3..19f577f218e0 100644
--- a/sys/arm64/arm64/memcmp.S
+++ b/sys/arm64/arm64/memcmp.S
@@ -9,6 +9,8 @@
  * ARMv8-a, AArch64, unaligned accesses.
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 #define L(l) .L ## l
@@ -134,3 +136,4 @@ L(byte_loop):
 
 END (memcmp)
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/memcpy.S b/sys/arm64/arm64/memcpy.S
index b394d6c1d30a..01daa8e1c228 100644
--- a/sys/arm64/arm64/memcpy.S
+++ b/sys/arm64/arm64/memcpy.S
@@ -11,6 +11,8 @@
  *
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 #define L(l) .L ## l
@@ -240,3 +242,4 @@ L(copy64_from_start):
 END(memcpy)
 EEND(memmove)
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/memset.S b/sys/arm64/arm64/memset.S
index ec434493ce13..f52bfd62cc54 100644
--- a/sys/arm64/arm64/memset.S
+++ b/sys/arm64/arm64/memset.S
@@ -31,6 +31,8 @@
  *
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 #define dstin		x0
@@ -195,3 +197,5 @@ ENTRY(memset)
 	b.ne	.Ltail_maybe_long
 	ret
 END(memset)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/sigtramp.S b/sys/arm64/arm64/sigtramp.S
index f1936e695f33..3f1bb42c269f 100644
--- a/sys/arm64/arm64/sigtramp.S
+++ b/sys/arm64/arm64/sigtramp.S
@@ -27,6 +27,7 @@
  */
 
 #include "assym.inc"
+#include <sys/elf_common.h>
 #include <sys/syscall.h>
 #include <machine/asm.h>
 
@@ -57,3 +58,5 @@ esigcode:
 	.global	szsigcode
 szsigcode:
 	.quad	esigcode - sigcode
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/strcmp.S b/sys/arm64/arm64/strcmp.S
index 0d66aae07d9e..d31576bbcf34 100644
--- a/sys/arm64/arm64/strcmp.S
+++ b/sys/arm64/arm64/strcmp.S
@@ -12,6 +12,8 @@
  * MTE compatible.
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 #define L(l) .L ## l
@@ -187,3 +189,4 @@ L(done):
 
 END (strcmp)
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/strncmp.S b/sys/arm64/arm64/strncmp.S
index 595de0312678..1b475b4ce449 100644
--- a/sys/arm64/arm64/strncmp.S
+++ b/sys/arm64/arm64/strncmp.S
@@ -11,6 +11,8 @@
  * MTE compatible.
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 
 #define L(l) .L ## l
@@ -305,3 +307,4 @@ L(ret0):
 	ret
 END(strncmp)
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/support.S b/sys/arm64/arm64/support.S
index bb93cfd521e1..2d067c7f7730 100644
--- a/sys/arm64/arm64/support.S
+++ b/sys/arm64/arm64/support.S
@@ -29,6 +29,8 @@
  *
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 #include <machine/setjmp.h>
 #include <machine/param.h>
@@ -387,3 +389,5 @@ ENTRY(pagezero_cache)
 	ret
 
 END(pagezero_cache)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/arm64/swtch.S b/sys/arm64/arm64/swtch.S
index 9c43de3a9eae..ca00d473fd47 100644
--- a/sys/arm64/arm64/swtch.S
+++ b/sys/arm64/arm64/swtch.S
@@ -33,6 +33,8 @@
 #include "opt_kstack_pages.h"
 #include "opt_sched.h"
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
 #include <machine/armreg.h>
 .macro clear_step_flag pcbflags, tmp
@@ -277,3 +279,4 @@ ENTRY(savectx)
 	ret
 END(savectx)
 
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/vmm/vmm_call.S b/sys/arm64/vmm/vmm_call.S
index fc28e3f173eb..8caf0465f938 100644
--- a/sys/arm64/vmm/vmm_call.S
+++ b/sys/arm64/vmm/vmm_call.S
@@ -28,6 +28,7 @@
  * SUCH DAMAGE.
  */
 
+#include <sys/elf_common.h>
 
 #include <machine/asm.h>
 
@@ -37,3 +38,5 @@ ENTRY(vmm_call_hyp)
 	hvc	#0
 	ret
 END(vmm_call_hyp)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/arm64/vmm/vmm_hyp_el2.S b/sys/arm64/vmm/vmm_hyp_el2.S
index 7012e238c9c8..0ba040ee7bad 100644
--- a/sys/arm64/vmm/vmm_hyp_el2.S
+++ b/sys/arm64/vmm/vmm_hyp_el2.S
@@ -28,6 +28,9 @@
  * SUCH DAMAGE.
  */
 
+#include <sys/elf_common.h>
+
+#include <machine/asm.h>
 #include <machine/param.h>
 
 	.section .rodata
@@ -37,3 +40,5 @@ vmm_hyp_code:
 	.incbin "vmm_hyp_blob.bin"
 	.globl vmm_hyp_code_end
 vmm_hyp_code_end:
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S b/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S
index 3984d12bf67b..a934733251a3 100644
--- a/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S
+++ b/sys/cddl/dev/dtrace/aarch64/dtrace_asm.S
@@ -29,6 +29,7 @@
 
 #include <sys/cpuvar_defs.h>
 #include <sys/dtrace.h>
+#include <sys/elf_common.h>
 
 #include <machine/armreg.h>
 #include <machine/asm.h>
@@ -172,3 +173,5 @@ ENTRY(dtrace_casptr)
 2:	mov	x0, x3		/* Return the value loaded from target */
 	RET
 END(dtrace_casptr)
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/conf/files.arm64 b/sys/conf/files.arm64
index 8139a7af8ed3..26f9eaf193af 100644
--- a/sys/conf/files.arm64
+++ b/sys/conf/files.arm64
@@ -65,7 +65,7 @@ arm64/arm64/nexus.c				standard
 arm64/arm64/ofw_machdep.c			optional fdt
 arm64/arm64/pl031_rtc.c				optional fdt pl031
 arm64/arm64/ptrauth.c				standard \
-	compile-with	"${NORMAL_C:N-mbranch-protection*}"
+	compile-with	"${NORMAL_C:N-mbranch-protection*} -mbranch-protection=bti"
 arm64/arm64/pmap.c				standard
 arm64/arm64/ptrace_machdep.c			standard
 arm64/arm64/sigtramp.S				standard
diff --git a/sys/dev/psci/smccc_arm64.S b/sys/dev/psci/smccc_arm64.S
index 25a64669fab3..2a3c09ec26b2 100644
--- a/sys/dev/psci/smccc_arm64.S
+++ b/sys/dev/psci/smccc_arm64.S
@@ -30,7 +30,10 @@
  * SUCH DAMAGE.
  */
 
+#include <sys/elf_common.h>
+
 #include <machine/asm.h>
+
 .macro arm_smccc_1_0	insn
 ENTRY(arm_smccc_\insn)
 	\insn	#0
@@ -84,3 +87,5 @@ END(arm_smccc_1_2_\insn)
  */
 arm_smccc_1_2	hvc
 arm_smccc_1_2	smc
+
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
diff --git a/sys/kern/firmw.S b/sys/kern/firmw.S
index f0377c4e0584..cd808d4a9396 100644
--- a/sys/kern/firmw.S
+++ b/sys/kern/firmw.S
@@ -45,3 +45,9 @@ FIRMW_START(FIRMW_SYMBOL):
 	.type	FIRMW_END(FIRMW_SYMBOL), %object
 FIRMW_END(FIRMW_SYMBOL):
 	.size	FIRMW_END(FIRMW_SYMBOL), . - FIRMW_END(FIRMW_SYMBOL)
+
+#if defined(__aarch64__)
+#include <machine/asm.h>
+#include <sys/elf_common.h>
+GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
+#endif
diff --git a/sys/modules/vmm/Makefile b/sys/modules/vmm/Makefile
index a98f0f27e25b..6737d868f2ea 100644
--- a/sys/modules/vmm/Makefile
+++ b/sys/modules/vmm/Makefile
@@ -50,7 +50,7 @@ vmm_hyp.o: vmm_hyp.c
 
 vmm_hyp_blob.elf.full:	vmm_hyp_exception.o vmm_hyp.o
 	${LD} -m ${LD_EMULATION} -Bdynamic -T ${SYSDIR}/conf/ldscript.arm64 \
-	    ${_LDFLAGS} --no-warn-mismatch --warn-common --export-dynamic \
+	    ${_LDFLAGS:N-zbti-report*} --no-warn-mismatch --warn-common --export-dynamic \
 	    --dynamic-linker /red/herring -X -o ${.TARGET} ${.ALLSRC} \
 	    --defsym=_start='0x0' --defsym=text_start='0x0'