arm64: Add Armv8.3-A PAC support to assembly files

This patch adds optional support for Arm Pointer Authentication Codes. X30/LR is not stored to stack at any place and restored for usage. Therefore only adding PAC flag to .note.gnu.property section. Change-Id: I9581059dfa1eed88af5a73df15b6a0d299caea13 Bug: crashpad: 1145581 Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3440070 Reviewed-by: Mark Mentovai <mark@chromium.org> Commit-Queue: Adenilson Cavalcanti <cavalcantii@chromium.org>
2024-12-26 23:01:05 +08:00 · 2022-02-08 08:14:02 +00:00 · 2022-02-08 08:14:02 +00:00 · 45cc0da93a
commit 45cc0da93a
parent d464981876
5 changed files with 41 additions and 21 deletions
--- a/client/crashpad_info_note.S
+++ b/client/crashpad_info_note.S
@ -17,7 +17,7 @@
 // that symbol to be in the dynamic symbol table.

 #include "util/misc/elf_note_types.h"
-#include "util/misc/arm64_bti_note.S"
+#include "util/misc/arm64_pac_bti.S"

 // namespace crashpad {
 // CrashpadInfo g_crashpad_info;
--- a/snapshot/crashpad_info_size_test_note.S
+++ b/snapshot/crashpad_info_size_test_note.S
@ -17,7 +17,7 @@
 // that symbol to be in the dynamic symbol table.

 #include "util/misc/elf_note_types.h"
-#include "util/misc/arm64_bti_note.S"
+#include "util/misc/arm64_pac_bti.S"

 // namespace crashpad {
 // CrashpadInfo g_test_crashpad_info;
--- a/snapshot/elf/elf_image_reader_test_note.S
+++ b/snapshot/elf/elf_image_reader_test_note.S
@ -13,7 +13,7 @@
 // limitations under the License.

 #include "util/misc/elf_note_types.h"
-#include "util/misc/arm64_bti_note.S"
+#include "util/misc/arm64_pac_bti.S"

 #define NOTE_ALIGN 4
  .section .note.crashpad.test,"a",%note
--- a/util/misc/arm64_bti_note.S
+++ b/util/misc/arm64_bti_note.S
@ -12,16 +12,40 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-#ifndef CRASHPAD_UTIL_MISC_ARM64_BTI_NOTE_S
-#define CRASHPAD_UTIL_MISC_ARM64_BTI_NOTE_S
+#ifndef CRASHPAD_UTIL_MISC_ARM64_PAC_BTI_S
+#define CRASHPAD_UTIL_MISC_ARM64_PAC_BTI_S

-/* Support macros for the Armv8.5-A Branch Target Identification feature which
- * requires emitting a .note.gnu.property section with the appropriate
+/* Support macros for the Armv8.5-A Branch Target Identification and
+ * Armv8.3-A Pointer Authentication features which require emitting
+ * a .note.gnu.property section with the appropriate
 * architecture-dependent feature bits set.
 * Read more: "ELF for the Arm® 64-bit Architecture"
 */
 #if defined(__ARM_FEATURE_BTI_DEFAULT) && (__ARM_FEATURE_BTI_DEFAULT == 1)
-#define GNU_PROPERTY_AARCH64_BTI (1 << 0)  // Has BTI
+#define GNU_PROPERTY_AARCH64_BTI 1  // Has BTI
+#define CRASHPAD_AARCH64_VALID_JUMP_CALL_TARGET bti jc
+#define CRASHPAD_AARCH64_VALID_CALL_TARGET      bti c
+#define CRASHPAD_AARCH64_VALID_JUMP_TARGET      bti j
+#else
+#define GNU_PROPERTY_AARCH64_BTI 0  // No BTI
+#define CRASHPAD_AARCH64_VALID_JUMP_CALL_TARGET
+#define CRASHPAD_AARCH64_VALID_CALL_TARGET
+#define CRASHPAD_AARCH64_VALID_JUMP_TARGET
+#endif
+
+#if defined(__ARM_FEATURE_PAC_DEFAULT)
+#if ((__ARM_FEATURE_PAC_DEFAULT & ((1<<0)|(1<<2))) == 0)
+#error Pointer authentication defines no valid key!
+#endif
+#define GNU_PROPERTY_AARCH64_PAC 1 // Has PAC
+#else
+#define GNU_PROPERTY_AARCH64_PAC 0 // No PAC
+#endif
+
+/**
+ * Emit a proper .note.gnu.property section in case of PAC or BTI being enabled.
+ */
+#if (GNU_PROPERTY_AARCH64_BTI != 0 || GNU_PROPERTY_AARCH64_PAC != 0)
  .pushsection .note.gnu.property, "a"
  .balign 4
  .long 0x4  /* size of field "GNU" */
@ -30,17 +54,12 @@
  .asciz "GNU"
  .long 0xc0000000 /* GNU_PROPERTY_AARCH64_FEATURE_1_AND */
  .long 0x4
-  .long GNU_PROPERTY_AARCH64_BTI
+  .long ((GNU_PROPERTY_AARCH64_BTI<<0)|(GNU_PROPERTY_AARCH64_PAC<<1))
  .long 0x0
  .popsection
-#define CRASHPAD_AARCH64_VALID_JUMP_CALL_TARGET bti jc
-#define CRASHPAD_AARCH64_VALID_CALL_TARGET      bti c
-#define CRASHPAD_AARCH64_VALID_JUMP_TARGET      bti j
-#undef GNU_PROPERTY_AARCH64_BTI
-#else
-#define CRASHPAD_AARCH64_VALID_JUMP_CALL_TARGET
-#define CRASHPAD_AARCH64_VALID_CALL_TARGET
-#define CRASHPAD_AARCH64_VALID_JUMP_TARGET
 #endif

-#endif /* CRASHPAD_UTIL_MISC_ARM64_BTI_NOTE_S */
+#undef GNU_PROPERTY_AARCH64_BTI
+#undef GNU_PROPERTY_AARCH64_PAC
+
+#endif /* CRASHPAD_UTIL_MISC_ARM64_PAC_BTI_S */
--- a/util/misc/capture_context_linux.S
+++ b/util/misc/capture_context_linux.S
@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-#include "util/misc/arm64_bti_note.S"
+#include "util/misc/arm64_pac_bti.S"

 // namespace crashpad {
 // void CaptureContext(ucontext_t* context);
@ -316,14 +316,15 @@ CAPTURECONTEXT_SYMBOL2:
  stp x26, x27, [x0, #0x188]
  stp x28, x29, [x0, #0x198]

-  // The original LR can't be recovered.
+  // The original LR can't be recovered, therefore no need to sign x30 with PAC.
  str x30, [x0, #0x1a8]

  // Use x1 as a scratch register.
  mov x1, SP
  str x1, [x0, #0x1b0] // context->uc_mcontext.sp

-  // The link register holds the return address for this function.
+  // The link register holds the return address for this function and won't be
+  // recovered, therefore no need to sign x30 with PAC.
  str x30, [x0, #0x1b8]  // context->uc_mcontext.pc

  // pstate should hold SPSR but NZCV are the only bits we know about.