Page MenuHomeFreeBSD

csu: Teach libc about PAC and BTI
ClosedPublic

Authored by andrew on Oct 16 2023, 4:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jan 18, 5:54 PM
Unknown Object (File)
Wed, Jan 15, 9:54 AM
Unknown Object (File)
Wed, Jan 15, 7:17 AM
Unknown Object (File)
Nov 30 2024, 8:51 AM
Unknown Object (File)
Nov 30 2024, 8:51 AM
Unknown Object (File)
Nov 30 2024, 8:51 AM
Unknown Object (File)
Nov 30 2024, 8:51 AM
Unknown Object (File)
Nov 27 2024, 7:06 AM
Subscribers

Details

Summary

Add the Branch Target Identification (BTI) note to libc assembly
sources and Pointer Authentication Code (PAC) instructions to _init and
_fini.

_init and _fini may be called indirectly so need a BTI landing pad. As
they are non-leaf functions use the appropriate PAC instruction that
also guardes against changing the link register.

As all obect files need the note for any binary using these object files
we need to insert it in all asm files.

Sponsored by: Arm Ltd

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

lib/csu/aarch64/crti.S
31

Missing a newline after the include.

lib/csu/common/crtbrand.S
53

Why add it to this file?

lib/csu/common/ignore_init_note.S
47

Why is this needed here?

lib/csu/common/crtbrand.S
53

I missed this in the description: As all obect files need the note for any binary using these object files we need to insert it in all asm files.

  • Add missing newline
  • Add a comment why GNU_PROPERTY_AARCH64_FEATURE_1_NOTE is needed in common files
This revision is now accepted and ready to land.Oct 23 2023, 1:57 PM
lib/csu/common/feature_note.S
44–47

It's kind of annoying to need #ifdef __aarch64__ in each of these files, although I think it's going to be awkward however we do it. Is there a clean way we could do it with a common definition?

lib/csu/common/feature_note.S
44–47

At the moment I'm placing it per-file to ensure all files have been checked. There is a flag for lld that will fail to link when the note is missing so I can use that to find missing files.

The only place I know that is still missing the note is zfs. When that is fixed we could enable the lld flag (after checking ports aren't affected).

This revision was automatically updated to reflect the committed changes.