From patchwork Thu Jun 20 17:08:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Szabolcs Nagy X-Patchwork-Id: 1119600 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=sourceware.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=libc-alpha-return-102889-incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=arm.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b="XkNGwV5i"; dkim=pass (1024-bit key; unprotected) header.d=armh.onmicrosoft.com header.i=@armh.onmicrosoft.com header.b="UoFRy2Wn"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45V7Yt57gxz9s4Y for ; Fri, 21 Jun 2019 03:08:18 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:mime-version; q=dns; s=default; b=UR7T U00NfF7TIt+fZgurCsV8CENdEIhTspi9QfjxUEjBx/hhydmRL4Pja8D6CK2IG8sv nldUQ3p1ASMHn8R0h8cu80DBTRMn/lZqN4ApUU5KlMVhLB5S/lKLzESV4aFI5GRX Yxe8eQCQbYS0SP7SAbRAPEQK8tqGgVudQ6aAmcE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:mime-version; s=default; bh=oV35rdFgPC g2DM+ZT90AVAh9ISk=; b=XkNGwV5if0Vjh7WoNPqNhz/gePcRiZjJx5cUUYCgw7 701PEh/V1DWfecm9kbkbzUQmCbyw0lN2X2+zZrZiaOiVa6uNg/U7ZppnI5HD9Fz8 pI23C0Mm98ORi6Aefw1l+HwA+b6ZBQ+8wri77z2iyroqYN5ckqnArZE3qCT/wSSl 8= Received: (qmail 112271 invoked by alias); 20 Jun 2019 17:08:12 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 111868 invoked by uid 89); 20 Jun 2019 17:08:11 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-18.4 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.1 spammy=sk:szabolc, szabolcsnagyarmcom, U*szabolcs.nagy, szabolcs.nagy@arm.com X-HELO: EUR04-HE1-obe.outbound.protection.outlook.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JnuCYqIZoibnU7ltgc1DblOdP0AgjqapmVfDKsoGpRo=; b=UoFRy2WnVLgDvN4O/fwhkJ5Op53hrM8UySrWfVSSq62/zMyhdvIzl7U+OYVsiZm1PsPYSwgSqLl+C3iLcFWiz7a9JHejEuNxB82opR+GDV3TTxQ0GasH3zDc3OqixpgOrmxNMls2wDLQ2H/xcZqMuYvqikpfBU2QsqIQYuRllEY= From: Szabolcs Nagy To: GNU C Library CC: nd , Sudakshina Das Subject: [PATCH 1/2] Add DT_AARCH64_BTI_PLT and DT_AARCH64_PAC_PLT to elf.h. Date: Thu, 20 Jun 2019 17:08:06 +0000 Message-ID: References: <5ec73433-43c3-5e7a-62cb-a3b203cf41c5@arm.com> In-Reply-To: <5ec73433-43c3-5e7a-62cb-a3b203cf41c5@arm.com> user-agent: Mozilla/5.0 (X11; Linux aarch64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 authentication-results: spf=none (sender IP is ) smtp.mailfrom=Szabolcs.Nagy@arm.com; x-ms-oob-tlc-oobclassifiers: OLM:3513; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Szabolcs.Nagy@arm.com These are new AArch64 specific ELF dynamic tags. 2019-06-20 Szabolcs Nagy * elf/elf.h (DT_AARCH64_PAC_PLT): Define. (DT_AARCH64_BTI_PLT): Define. diff --git a/elf/elf.h b/elf/elf.h index 7c6d6094ed..275f8bed47 100644 --- a/elf/elf.h +++ b/elf/elf.h @@ -2863,10 +2863,12 @@ enum #define R_AARCH64_TLS_TPREL 1030 /* TP-relative offset, 64 bit. */ #define R_AARCH64_TLSDESC 1031 /* TLS Descriptor. */ #define R_AARCH64_IRELATIVE 1032 /* STT_GNU_IFUNC relocation. */ /* AArch64 specific values for the Dyn d_tag field. */ +#define DT_AARCH64_BTI_PLT (DT_LOPROC + 1) +#define DT_AARCH64_PAC_PLT (DT_LOPROC + 3) #define DT_AARCH64_VARIANT_PCS (DT_LOPROC + 5) #define DT_AARCH64_NUM 6 /* AArch64 specific values for the st_other field. */ #define STO_AARCH64_VARIANT_PCS 0x80 From patchwork Thu Jun 20 17:08:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Szabolcs Nagy X-Patchwork-Id: 1119601 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=sourceware.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=libc-alpha-return-102890-incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=arm.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b="HZ+Zz0s8"; dkim=pass (1024-bit key; unprotected) header.d=armh.onmicrosoft.com header.i=@armh.onmicrosoft.com header.b="sceRL3VV"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45V7ZL4Bfzz9s7h for ; Fri, 21 Jun 2019 03:08:42 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:mime-version; q=dns; s=default; b=bIKC PYBqu2NJ9Tjxv8vAXP8s71LooNUlXXRNsSKN6+IP7LR8aGKTbDZKsduupjzXBGD6 KOLSiiHHPDRekgoyIACGiNOpU08zPZdTKes3vHOLqrXFDm1f81vniyWIB/xC4jf7 8hQPZ1ejdG344wr6eoo242ec9exZqi8gPJX2VVU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id:references :in-reply-to:content-type:mime-version; s=default; bh=JdP45g3Mm0 qSfJLS/d9nKoNiRWQ=; b=HZ+Zz0s8DOfSnBto2vYvF0j7T5A6UNgmznWWpTBMpk np+yI/0I9Uz0b2ZQlMORETZd7LWvD7L477cngYo9x5brIdpr86p5cAbZjt3iYPjK FLg9rA5iX51EvBBs9L58fvYojpnLrRY/R3wjt61oQEIfNQYH8ySU6Lotvefvpi+A 8= Received: (qmail 116417 invoked by alias); 20 Jun 2019 17:08:36 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 116409 invoked by uid 89); 20 Jun 2019 17:08:36 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-18.4 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.1 spammy=AUT, authenticates, aut X-HELO: EUR04-HE1-obe.outbound.protection.outlook.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RqAppwsUHfZoPH4RJ0f0WXY6NWPrL5yE5oAU34lZHd0=; b=sceRL3VVaYjSskoBtchk46NX+KvTCcFPUzDGcCW6USrt4COtTujYiEbkOmvIcxfFmae0YbfcLveWi+0lzhD88FaZwRqLRLmg7+duQFI2MsTHPRElH08u33WsCJuEX/dMzY//SoRi1F2xE5buAOQZXDaJQ85oJchS/cWV5M7E7nc= From: Szabolcs Nagy To: GNU C Library CC: nd , Sudakshina Das Subject: [PATCH 2/2] aarch64: Support PLT with PAC Date: Thu, 20 Jun 2019 17:08:30 +0000 Message-ID: <4d56a496-b06e-9cda-d3d8-d797ae8687b9@arm.com> References: <5ec73433-43c3-5e7a-62cb-a3b203cf41c5@arm.com> In-Reply-To: <5ec73433-43c3-5e7a-62cb-a3b203cf41c5@arm.com> user-agent: Mozilla/5.0 (X11; Linux aarch64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 authentication-results: spf=none (sender IP is ) smtp.mailfrom=Szabolcs.Nagy@arm.com; x-ms-oob-tlc-oobclassifiers: OLM:8882; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 MIME-Version: 1.0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Szabolcs.Nagy@arm.com Add pointer authentication code to the function pointers in PLTGOT if DT_AARCH64_PAC_PLT is set on an elf binary. In such binaries the PLT authenticates the pointer loaded from the GOT entry. This is only valid in LP64 binaries and only useful when the PLTGOT is writable at runtime, i.e. with lazy binding. Note: TLS descriptors are not protected, the static linker should ensure that GOT entries with TLSDESC relocations are read-only, i.e. they are not lazy resolved. 2019-06-20 Szabolcs Nagy * sysdeps/aarch64/dl-machine.h (set_jump_slot): Define. (elf_machine_fixup_plt): Use set_jump_slot. (elf_machine_rela): Likewise. (elf_machine_lazy_rel): Likewise. diff --git a/sysdeps/aarch64/dl-machine.h b/sysdeps/aarch64/dl-machine.h index 4f27637b20..91c3db409b 100644 --- a/sysdeps/aarch64/dl-machine.h +++ b/sysdeps/aarch64/dl-machine.h @@ -214,19 +214,36 @@ dl_platform_init (void) static executable. */ init_cpu_features (&GLRO(dl_aarch64_cpu_features)); #endif } +/* Set *RELOC_ADDR such that a PLT entry using it jumps to VALUE, this is + needed because the PLT entry may apply transformations before the jump. */ +static inline ElfW(Addr) +set_jump_slot (struct link_map *map, ElfW(Addr) *reloc_addr, ElfW(Addr) value) +{ +#ifdef __LP64__ + if (map->l_info[DT_AARCH64 (PAC_PLT)]) + { + /* Add PAC if the PLT uses AUT to verify the loaded pointer. */ + register Elf64_Addr *x16 asm ("x16") = reloc_addr; + register Elf64_Addr x17 asm ("x17") = value; + asm ("hint #0x8 // pacia1716" : "+r"(x17) : "r"(x16)); + value = x17; + } +#endif + return *reloc_addr = value; +} static inline ElfW(Addr) elf_machine_fixup_plt (struct link_map *map, lookup_t t, const ElfW(Sym) *refsym, const ElfW(Sym) *sym, const ElfW(Rela) *reloc, ElfW(Addr) *reloc_addr, ElfW(Addr) value) { - return *reloc_addr = value; + return set_jump_slot (map, reloc_addr, value); } /* Return the final value of a plt relocation. */ static inline ElfW(Addr) elf_machine_plt_value (struct link_map *map, @@ -288,13 +305,16 @@ elf_machine_rela (struct link_map *map, const ElfW(Rela) *reloc, memcpy (reloc_addr_arg, (void *) value, sym->st_size < refsym->st_size ? sym->st_size : refsym->st_size); break; + case AARCH64_R(JUMP_SLOT): + set_jump_slot (map, reloc_addr, value + reloc->r_addend); + break; + case AARCH64_R(RELATIVE): case AARCH64_R(GLOB_DAT): - case AARCH64_R(JUMP_SLOT): case AARCH64_R(ABS32): #ifdef __LP64__ case AARCH64_R(ABS64): #endif *reloc_addr = value + reloc->r_addend; @@ -361,11 +381,11 @@ elf_machine_rela (struct link_map *map, const ElfW(Rela) *reloc, break; case AARCH64_R(IRELATIVE): value = map->l_addr + reloc->r_addend; value = elf_ifunc_invoke (value); - *reloc_addr = value; + set_jump_slot (map, reloc_addr, value); break; default: _dl_reloc_bad_type (map, r_type, 0); break; @@ -396,11 +416,11 @@ elf_machine_lazy_rel (struct link_map *map, if (__builtin_expect (r_type == AARCH64_R(JUMP_SLOT), 1)) { if (map->l_mach.plt == 0) { /* Prelinking. */ - *reloc_addr += l_addr; + set_jump_slot (map, reloc_addr, *reloc_addr + l_addr); return; } if (__glibc_unlikely (map->l_mach.variant_pcs)) { @@ -423,11 +443,11 @@ elf_machine_lazy_rel (struct link_map *map, skip_ifunc); return; } } - *reloc_addr = map->l_mach.plt; + set_jump_slot (map, reloc_addr, map->l_mach.plt); } else if (__builtin_expect (r_type == AARCH64_R(TLSDESC), 1)) { const Elf_Symndx symndx = ELFW (R_SYM) (reloc->r_info); const ElfW (Sym) *symtab = (const void *)D_PTR (map, l_info[DT_SYMTAB]); @@ -448,11 +468,11 @@ elf_machine_lazy_rel (struct link_map *map, else if (__glibc_unlikely (r_type == AARCH64_R(IRELATIVE))) { ElfW(Addr) value = map->l_addr + reloc->r_addend; if (__glibc_likely (!skip_ifunc)) value = elf_ifunc_invoke (value); - *reloc_addr = value; + set_jump_slot (map, reloc_addr, value); } else _dl_reloc_bad_type (map, r_type, 1); }