[v1,4/4] aarch64 SFrame: skip with warning new CFI directive used with pauth_lr

Message ID 20241125162846.94691-5-matthieu.longo@arm.com
State New
Series aarch64: add DWARF and SFrame support for new CFI directive used for PAuth_LR

Checks

Context Check Description
linaro-tcwg-bot/tcwg_binutils_build--master-arm success Build passed
linaro-tcwg-bot/tcwg_binutils_build--master-aarch64 success Build passed
linaro-tcwg-bot/tcwg_binutils_check--master-aarch64 success Test passed
linaro-tcwg-bot/tcwg_binutils_check--master-arm success Test passed

Commit Message

Matthieu Longo Nov. 25, 2024, 4:28 p.m. UTC
Today, SFrame v2 specification does not describe how to encode the
information corresponding to the PAC signing method.
SFrame v3 specification should hopefully specify it.

In the meantime, if the GNU assembler finds .cfi_negate_ra_state_with_pc
and --gsframe is specified, it will output a warning to the user and
will fail to generate the FDE entry.

A new SFrame test for .cfi_negate_ra_state_with_pc is also added to
reflect this issue.
---
 gas/gen-sframe.c                              | 16 ++++++++++++
 .../gas/cfi-sframe/cfi-sframe-aarch64-4.d     | 25 +++++++++++++++++++
 .../gas/cfi-sframe/cfi-sframe-aarch64-4.s     | 23 +++++++++++++++++
 gas/testsuite/gas/cfi-sframe/cfi-sframe.exp   |  1 +
 4 files changed, 65 insertions(+)
 create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
 create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
  

Comments

Indu Bhagat Dec. 1, 2024, 3:23 a.m. UTC | #1
On 11/25/24 8:28 AM, Matthieu Longo wrote:
> Today, SFrame v2 specification does not describe how to encode the
> information corresponding to the PAC signing method.
> SFrame v3 specification should hopefully specify it.
> 
> In the meantime, if the GNU assembler finds .cfi_negate_ra_state_with_pc
> and --gsframe is specified, it will output a warning to the user and
> will fail to generate the FDE entry.
> 
> A new SFrame test for .cfi_negate_ra_state_with_pc is also added to
> reflect this issue.

OK, LGTM. Thanks for the patch.

> ---
>   gas/gen-sframe.c                              | 16 ++++++++++++
>   .../gas/cfi-sframe/cfi-sframe-aarch64-4.d     | 25 +++++++++++++++++++
>   .../gas/cfi-sframe/cfi-sframe-aarch64-4.s     | 23 +++++++++++++++++
>   gas/testsuite/gas/cfi-sframe/cfi-sframe.exp   |  1 +
>   4 files changed, 65 insertions(+)
>   create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
>   create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
> 
> diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
> index be48b339609..041c4c7b83e 100644
> --- a/gas/gen-sframe.c
> +++ b/gas/gen-sframe.c
> @@ -1282,6 +1282,19 @@ sframe_xlate_do_aarch64_negate_ra_state (struct sframe_xlate_ctx *xlate_ctx,
>     return SFRAME_XLATE_OK;
>   }
>   
> +/* Translate DW_CFA_AARCH64_negate_ra_state_with_pc into SFrame context.
> +   Return SFRAME_XLATE_OK if success.  */
> +
> +static int
> +sframe_xlate_do_aarch64_negate_ra_state_with_pc (struct sframe_xlate_ctx *xlate_ctx ATTRIBUTE_UNUSED,
> +						 struct cfi_insn_data *cfi_insn ATTRIBUTE_UNUSED)
> +{
> +  as_warn (_("skipping SFrame FDE; .cfi_negate_ra_state_with_pc"));
> +  /* The used signing method should be encoded inside the FDE in SFrame v3.
> +     For now, PAuth_LR extension is not supported with SFrame.  */
> +  return SFRAME_XLATE_ERR_NOTREPRESENTED;  /* Not represented.  */
> +}
> +
>   /* Translate DW_CFA_GNU_window_save into SFrame context.
>      DW_CFA_GNU_window_save is a DWARF Sparc extension, but is multiplexed with a
>      directive of DWARF AArch64 extension: DW_CFA_AARCH64_negate_ra_state.
> @@ -1397,6 +1410,9 @@ sframe_do_cfi_insn (struct sframe_xlate_ctx *xlate_ctx,
>       case DW_CFA_GNU_window_save:
>         err = sframe_xlate_do_gnu_window_save (xlate_ctx, cfi_insn);
>         break;
> +    case DW_CFA_AARCH64_negate_ra_state_with_pc:
> +      err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);
> +      break;
>       case DW_CFA_register:
>         err = sframe_xlate_do_register (xlate_ctx, cfi_insn);
>         break;
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
> new file mode 100644
> index 00000000000..c81888b0021
> --- /dev/null
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
> @@ -0,0 +1,25 @@
> +#as: --gsframe
> +#objdump: --sframe=.sframe
> +#name: SFrame cfi_negate_ra_state_with_pc test
> +#warning: Warning: skipping SFrame FDE; \.cfi_negate_ra_state_with_pc
> +
> +## The support for .cfi_negate_ra_state_with_pc is currently pending on SFrame
> +## v3 (currently in development). The unimplemented support is reported to the
> +## user as a warning. Then the handler returns an error that will cause no
> +## creation of a SFrame FDE later (hence "Num FDEs: 0").
> +## Note: this test will be expected to fail when the support of PAuth_LR in
> +## SFrame will be added, so will have to be fixed.
> +
> +#...
> +Contents of the SFrame section .sframe:
> +
> +  Header :
> +
> +    Version: SFRAME_VERSION_2
> +    Flags: NONE
> +    Num FDEs: 0
> +    Num FREs: 0
> +
> +  Function Index :
> +
> +#pass
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
> new file mode 100644
> index 00000000000..5fec6740047
> --- /dev/null
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
> @@ -0,0 +1,23 @@
> +## ARMv9.5 enhanced the existing PAuth feature with a new extensio called
> +## PAuth_LR. It aims at hardening the PAC in a signed return address. When
> +## signing the return address in LR, the PC is used as a diversifier, in
> +## addition to the SP to generate the PAC code.
> +## As for PAuth, when the pointers are mangled with PAuth_LR, the stack trace
> +## generator needs to know so it can mask off the PAC from the pointer value to
> +## recover the return address, and conversely, skip doing so if the pointers are
> +## not mangled.
> +##
> +## .cfi_negate_ra_state_with_pc CFI directive is used to convey this information.
> +##
> +## SFrame has currently no support for this. The support is expected in SFrame
> +## v3. This testcase ensures that the directive is understood, and outputs
> +## a warning to the user before failing to generate the FDE.
> +	.cfi_startproc
> +	.long 0
> +	.cfi_def_cfa_offset 16
> +	.cfi_negate_ra_state_with_pc
> +	.long 0
> +	.cfi_offset 29, -16
> +	.cfi_offset 30, -8
> +	.long 0
> +	.cfi_endproc
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> index c646b109895..162c2b4573d 100644
> --- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> @@ -98,5 +98,6 @@ if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
>       run_dump_test "cfi-sframe-aarch64-1"
>       run_dump_test "cfi-sframe-aarch64-2"
>       run_dump_test "cfi-sframe-aarch64-3"
> +    run_dump_test "cfi-sframe-aarch64-4"
>       run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
>   }
  

Patch

diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
index be48b339609..041c4c7b83e 100644
--- a/gas/gen-sframe.c
+++ b/gas/gen-sframe.c
@@ -1282,6 +1282,19 @@  sframe_xlate_do_aarch64_negate_ra_state (struct sframe_xlate_ctx *xlate_ctx,
   return SFRAME_XLATE_OK;
 }
 
+/* Translate DW_CFA_AARCH64_negate_ra_state_with_pc into SFrame context.
+   Return SFRAME_XLATE_OK if success.  */
+
+static int
+sframe_xlate_do_aarch64_negate_ra_state_with_pc (struct sframe_xlate_ctx *xlate_ctx ATTRIBUTE_UNUSED,
+						 struct cfi_insn_data *cfi_insn ATTRIBUTE_UNUSED)
+{
+  as_warn (_("skipping SFrame FDE; .cfi_negate_ra_state_with_pc"));
+  /* The used signing method should be encoded inside the FDE in SFrame v3.
+     For now, PAuth_LR extension is not supported with SFrame.  */
+  return SFRAME_XLATE_ERR_NOTREPRESENTED;  /* Not represented.  */
+}
+
 /* Translate DW_CFA_GNU_window_save into SFrame context.
    DW_CFA_GNU_window_save is a DWARF Sparc extension, but is multiplexed with a
    directive of DWARF AArch64 extension: DW_CFA_AARCH64_negate_ra_state.
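Review bot: The header comment on sframe_xlate_do_aarch64_negate_ra_state_with_pc says "Return SFRAME_XLATE_OK if success", but the body has no success path and always returns SFRAME_XLATE_ERR_NOTREPRESENTED. Please reword the comment to say that the directive is not representable in SFrame v2 and that the function always returns the error so the FDE is skipped. The as_warn text "skipping SFrame FDE; .cfi_negate_ra_state_with_pc" also gives the user no reason; something like "... is not supported" would make it clear that functions signed with PAuth_LR will have no SFrame unwind information.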
@@ -1397,6 +1410,9 @@  sframe_do_cfi_insn (struct sframe_xlate_ctx *xlate_ctx,
     case DW_CFA_GNU_window_save:
       err = sframe_xlate_do_gnu_window_save (xlate_ctx, cfi_insn);
       break;
+    case DW_CFA_AARCH64_negate_ra_state_with_pc:
+      err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);
+      break;
     case DW_CFA_register:
       err = sframe_xlate_do_register (xlate_ctx, cfi_insn);
       break;
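Review bot: The added call line in the DW_CFA_AARCH64_negate_ra_state_with_pc case, "err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);", runs past 80 columns at this indentation. Please break it after "err =" or before the argument list so it fits within 80 columns like the neighbouring cases.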
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
new file mode 100644
index 00000000000..c81888b0021
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
@@ -0,0 +1,25 @@ 
+#as: --gsframe
+#objdump: --sframe=.sframe
+#name: SFrame cfi_negate_ra_state_with_pc test
+#warning: Warning: skipping SFrame FDE; \.cfi_negate_ra_state_with_pc
+
+## The support for .cfi_negate_ra_state_with_pc is currently pending on SFrame
+## v3 (currently in development). The unimplemented support is reported to the
+## user as a warning. Then the handler returns an error that will cause no
+## creation of a SFrame FDE later (hence "Num FDEs: 0").
+## Note: this test will be expected to fail when the support of PAuth_LR in
+## SFrame will be added, so will have to be fixed.
+
+#...
+Contents of the SFrame section .sframe:
+
+  Header :
+
+    Version: SFRAME_VERSION_2
+    Flags: NONE
+    Num FDEs: 0
+    Num FREs: 0
+
+  Function Index :
+
+#pass
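Review bot: The expected dump only checks "Num FDEs: 0" and "Num FREs: 0" for a source file that contains a single function, so it does not show that the skip is limited to the function using .cfi_negate_ra_state_with_pc. Consider adding a second .cfi_startproc/.cfi_endproc region without the directive to the .s file and expecting "Num FDEs: 1" here, so a regression that drops every FDE in the object would be caught. The note in the comment would also read better as "this test is expected to fail once PAuth_LR support is added to SFrame and will need updating".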
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
new file mode 100644
index 00000000000..5fec6740047
--- /dev/null
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
@@ -0,0 +1,23 @@ 
+## ARMv9.5 enhanced the existing PAuth feature with a new extensio called
+## PAuth_LR. It aims at hardening the PAC in a signed return address. When
+## signing the return address in LR, the PC is used as a diversifier, in
+## addition to the SP to generate the PAC code.
+## As for PAuth, when the pointers are mangled with PAuth_LR, the stack trace
+## generator needs to know so it can mask off the PAC from the pointer value to
+## recover the return address, and conversely, skip doing so if the pointers are
+## not mangled.
+##
+## .cfi_negate_ra_state_with_pc CFI directive is used to convey this information.
+##
+## SFrame has currently no support for this. The support is expected in SFrame
+## v3. This testcase ensures that the directive is understood, and outputs
+## a warning to the user before failing to generate the FDE.
+	.cfi_startproc
+	.long 0
+	.cfi_def_cfa_offset 16
+	.cfi_negate_ra_state_with_pc
+	.long 0
+	.cfi_offset 29, -16
+	.cfi_offset 30, -8
+	.long 0
+	.cfi_endproc
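Review bot: Typo in the first comment line of the new .s file: "a new extensio called" should be "a new extension called". In the same comment block, "to generate the PAC code" is redundant since PAC already stands for pointer authentication code; "to generate the PAC" is enough.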
diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
index c646b109895..162c2b4573d 100644
--- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
+++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
@@ -98,5 +98,6 @@  if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
     run_dump_test "cfi-sframe-aarch64-1"
     run_dump_test "cfi-sframe-aarch64-2"
     run_dump_test "cfi-sframe-aarch64-3"
+    run_dump_test "cfi-sframe-aarch64-4"
     run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
 }