[v1,4/4] aarch64 SFrame: skip with warning new CFI directive used with pauth_lr
Checks
Context | Check | Description
linaro-tcwg-bot/tcwg_binutils_build--master-arm | success | Build passed
linaro-tcwg-bot/tcwg_binutils_build--master-aarch64 | success | Build passed
linaro-tcwg-bot/tcwg_binutils_check--master-aarch64 | success | Test passed
linaro-tcwg-bot/tcwg_binutils_check--master-arm | success | Test passed
Commit Message
Today, SFrame v2 specification does not describe how to encode the
information corresponding to the PAC signing method.
SFrame v3 specification should hopefully specify it.
In the meantime, if the GNU assembler finds .cfi_negate_ra_state_with_pc
and --gsframe is specified, it will output a warning to the user and
will fail to generate the FDE entry.
A new SFrame test for .cfi_negate_ra_state_with_pc is also added to
reflect this issue.
---
gas/gen-sframe.c | 16 ++++++++++++
.../gas/cfi-sframe/cfi-sframe-aarch64-4.d | 25 +++++++++++++++++++
.../gas/cfi-sframe/cfi-sframe-aarch64-4.s | 23 +++++++++++++++++
gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
4 files changed, 65 insertions(+)
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
Comments
On 11/25/24 8:28 AM, Matthieu Longo wrote:
> Today, SFrame v2 specification does not describe how to encode the
> information corresponding to the PAC signing method.
> SFrame v3 specification should hopefully specify it.
>
> In the meantime, if the GNU assembler finds .cfi_negate_ra_state_with_pc
> and --gsframe is specified, it will output a warning to the user and
> will fail to generate the FDE entry.
>
> A new SFrame test for .cfi_negate_ra_state_with_pc is also added to
> reflect this issue.
OK, LGTM. Thanks for the patch.
> ---
> gas/gen-sframe.c | 16 ++++++++++++
> .../gas/cfi-sframe/cfi-sframe-aarch64-4.d | 25 +++++++++++++++++++
> .../gas/cfi-sframe/cfi-sframe-aarch64-4.s | 23 +++++++++++++++++
> gas/testsuite/gas/cfi-sframe/cfi-sframe.exp | 1 +
> 4 files changed, 65 insertions(+)
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
> create mode 100644 gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
>
> diff --git a/gas/gen-sframe.c b/gas/gen-sframe.c
> index be48b339609..041c4c7b83e 100644
> --- a/gas/gen-sframe.c
> +++ b/gas/gen-sframe.c
> @@ -1282,6 +1282,19 @@ sframe_xlate_do_aarch64_negate_ra_state (struct sframe_xlate_ctx *xlate_ctx,
> return SFRAME_XLATE_OK;
> }
>
> +/* Translate DW_CFA_AARCH64_negate_ra_state_with_pc into SFrame context.
> + Return SFRAME_XLATE_OK if success. */
> +
> +static int
> +sframe_xlate_do_aarch64_negate_ra_state_with_pc (struct sframe_xlate_ctx *xlate_ctx ATTRIBUTE_UNUSED,
> + struct cfi_insn_data *cfi_insn ATTRIBUTE_UNUSED)
> +{
> + as_warn (_("skipping SFrame FDE; .cfi_negate_ra_state_with_pc"));
> + /* The used signing method should be encoded inside the FDE in SFrame v3.
> + For now, PAuth_LR extension is not supported with SFrame. */
> + return SFRAME_XLATE_ERR_NOTREPRESENTED; /* Not represented. */
> +}
> +
> /* Translate DW_CFA_GNU_window_save into SFrame context.
> DW_CFA_GNU_window_save is a DWARF Sparc extension, but is multiplexed with a
> directive of DWARF AArch64 extension: DW_CFA_AARCH64_negate_ra_state.
> @@ -1397,6 +1410,9 @@ sframe_do_cfi_insn (struct sframe_xlate_ctx *xlate_ctx,
> case DW_CFA_GNU_window_save:
> err = sframe_xlate_do_gnu_window_save (xlate_ctx, cfi_insn);
> break;
> + case DW_CFA_AARCH64_negate_ra_state_with_pc:
> + err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);
> + break;
> case DW_CFA_register:
> err = sframe_xlate_do_register (xlate_ctx, cfi_insn);
> break;
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
> new file mode 100644
> index 00000000000..c81888b0021
> --- /dev/null
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.d
> @@ -0,0 +1,25 @@
> +#as: --gsframe
> +#objdump: --sframe=.sframe
> +#name: SFrame cfi_negate_ra_state_with_pc test
> +#warning: Warning: skipping SFrame FDE; \.cfi_negate_ra_state_with_pc
> +
> +## The support for .cfi_negate_ra_state_with_pc is currently pending on SFrame
> +## v3 (currently in development). The unimplemented support is reported to the
> +## user as a warning. Then the handler returns an error that will cause no
> +## creation of a SFrame FDE later (hence "Num FDEs: 0").
> +## Note: this test will be expected to fail when the support of PAuth_LR in
> +## SFrame will be added, so will have to be fixed.
> +
> +#...
> +Contents of the SFrame section .sframe:
> +
> + Header :
> +
> + Version: SFRAME_VERSION_2
> + Flags: NONE
> + Num FDEs: 0
> + Num FREs: 0
> +
> + Function Index :
> +
> +#pass
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
> new file mode 100644
> index 00000000000..5fec6740047
> --- /dev/null
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe-aarch64-4.s
> @@ -0,0 +1,23 @@
> +## ARMv9.5 enhanced the existing PAuth feature with a new extensio called
> +## PAuth_LR. It aims at hardening the PAC in a signed return address. When
> +## signing the return address in LR, the PC is used as a diversifier, in
> +## addition to the SP to generate the PAC code.
> +## As for PAuth, when the pointers are mangled with PAuth_LR, the stack trace
> +## generator needs to know so it can mask off the PAC from the pointer value to
> +## recover the return address, and conversely, skip doing so if the pointers are
> +## not mangled.
> +##
> +## .cfi_negate_ra_state_with_pc CFI directive is used to convey this information.
> +##
> +## SFrame has currently no support for this. The support is expected in SFrame
> +## v3. This testcase ensures that the directive is understood, and outputs
> +## a warning to the user before failing to generate the FDE.
> + .cfi_startproc
> + .long 0
> + .cfi_def_cfa_offset 16
> + .cfi_negate_ra_state_with_pc
> + .long 0
> + .cfi_offset 29, -16
> + .cfi_offset 30, -8
> + .long 0
> + .cfi_endproc
> diff --git a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> index c646b109895..162c2b4573d 100644
> --- a/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> +++ b/gas/testsuite/gas/cfi-sframe/cfi-sframe.exp
> @@ -98,5 +98,6 @@ if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
> run_dump_test "cfi-sframe-aarch64-1"
> run_dump_test "cfi-sframe-aarch64-2"
> run_dump_test "cfi-sframe-aarch64-3"
> + run_dump_test "cfi-sframe-aarch64-4"
> run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
> }
@@ -1282,6 +1282,19 @@ sframe_xlate_do_aarch64_negate_ra_state (struct sframe_xlate_ctx *xlate_ctx,
return SFRAME_XLATE_OK;
}
+/* Translate DW_CFA_AARCH64_negate_ra_state_with_pc into SFrame context.
+ Return SFRAME_XLATE_OK if success. */
+
+static int
+sframe_xlate_do_aarch64_negate_ra_state_with_pc (struct sframe_xlate_ctx *xlate_ctx ATTRIBUTE_UNUSED,
+ struct cfi_insn_data *cfi_insn ATTRIBUTE_UNUSED)
+{
+ as_warn (_("skipping SFrame FDE; .cfi_negate_ra_state_with_pc"));
+ /* The used signing method should be encoded inside the FDE in SFrame v3.
+ For now, PAuth_LR extension is not supported with SFrame. */
+ return SFRAME_XLATE_ERR_NOTREPRESENTED; /* Not represented. */
+}
+
/* Translate DW_CFA_GNU_window_save into SFrame context.
DW_CFA_GNU_window_save is a DWARF Sparc extension, but is multiplexed with a
directive of DWARF AArch64 extension: DW_CFA_AARCH64_negate_ra_state.
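Review bot: The header comment on sframe_xlate_do_aarch64_negate_ra_state_with_pc says "Return SFRAME_XLATE_OK if success", but the body has no success path and always returns SFRAME_XLATE_ERR_NOTREPRESENTED. Suggest rewording the comment to say that the directive cannot be represented yet and that the function always returns SFRAME_XLATE_ERR_NOTREPRESENTED, and dropping the trailing /* Not represented. */, which only repeats the enum name. The as_warn text names the directive but not the reason; adding "not supported" to it (with the matching #warning line in cfi-sframe-aarch64-4.d updated) would tell the user why the function ends up without SFrame unwind data. The first line of the parameter list is also over 100 characters and could be wrapped.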
@@ -1397,6 +1410,9 @@ sframe_do_cfi_insn (struct sframe_xlate_ctx *xlate_ctx,
case DW_CFA_GNU_window_save:
err = sframe_xlate_do_gnu_window_save (xlate_ctx, cfi_insn);
break;
+ case DW_CFA_AARCH64_negate_ra_state_with_pc:
+ err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);
+ break;
case DW_CFA_register:
err = sframe_xlate_do_register (xlate_ctx, cfi_insn);
break;
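Review bot: The added call line, "err = sframe_xlate_do_aarch64_negate_ra_state_with_pc (xlate_ctx, cfi_insn);", is 76 characters before any indentation, so inside the switch it will run past 80 columns. Suggest breaking after the "=" or before the argument list so it stays within the line length used by the neighbouring cases.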
new file mode 100644
@@ -0,0 +1,25 @@
+#as: --gsframe
+#objdump: --sframe=.sframe
+#name: SFrame cfi_negate_ra_state_with_pc test
+#warning: Warning: skipping SFrame FDE; \.cfi_negate_ra_state_with_pc
+
+## The support for .cfi_negate_ra_state_with_pc is currently pending on SFrame
+## v3 (currently in development). The unimplemented support is reported to the
+## user as a warning. Then the handler returns an error that will cause no
+## creation of a SFrame FDE later (hence "Num FDEs: 0").
+## Note: this test will be expected to fail when the support of PAuth_LR in
+## SFrame will be added, so will have to be fixed.
+
+#...
+Contents of the SFrame section .sframe:
+
+ Header :
+
+ Version: SFRAME_VERSION_2
+ Flags: NONE
+ Num FDEs: 0
+ Num FREs: 0
+
+ Function Index :
+
+#pass
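Review bot: The comment block ahead of the expected dump says the test "will be expected to fail" once PAuth_LR support is added, but it does not say which expected lines are placeholders, and the dump also pins "Version: SFRAME_VERSION_2", so it will stop matching on a version bump as well. Suggest naming the lines that will need updating ("Num FDEs: 0", "Num FREs: 0" and the version line) in the comment, and changing "a SFrame FDE" to "an SFrame FDE".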
new file mode 100644
@@ -0,0 +1,23 @@
+## ARMv9.5 enhanced the existing PAuth feature with a new extensio called
+## PAuth_LR. It aims at hardening the PAC in a signed return address. When
+## signing the return address in LR, the PC is used as a diversifier, in
+## addition to the SP to generate the PAC code.
+## As for PAuth, when the pointers are mangled with PAuth_LR, the stack trace
+## generator needs to know so it can mask off the PAC from the pointer value to
+## recover the return address, and conversely, skip doing so if the pointers are
+## not mangled.
+##
+## .cfi_negate_ra_state_with_pc CFI directive is used to convey this information.
+##
+## SFrame has currently no support for this. The support is expected in SFrame
+## v3. This testcase ensures that the directive is understood, and outputs
+## a warning to the user before failing to generate the FDE.
+ .cfi_startproc
+ .long 0
+ .cfi_def_cfa_offset 16
+ .cfi_negate_ra_state_with_pc
+ .long 0
+ .cfi_offset 29, -16
+ .cfi_offset 30, -8
+ .long 0
+ .cfi_endproc
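Review bot: The test source has a single .cfi_startproc/.cfi_endproc region, so the expected "Num FDEs: 0" cannot show whether only the function using .cfi_negate_ra_state_with_pc is skipped or whether every FDE is dropped. If per-function skipping is the intended behaviour, suggest adding a second region without the directive and expecting one FDE in the dump. In the first comment line, "extensio" should be "extension".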
@@ -98,5 +98,6 @@ if { [istarget "aarch64*-*-*"] && [gas_sframe_check] } then {
run_dump_test "cfi-sframe-aarch64-1"
run_dump_test "cfi-sframe-aarch64-2"
run_dump_test "cfi-sframe-aarch64-3"
+ run_dump_test "cfi-sframe-aarch64-4"
run_dump_test "cfi-sframe-aarch64-pac-ab-key-1"
}
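Review bot: The new entry "cfi-sframe-aarch64-4" follows the numbered naming, but the test is specifically about .cfi_negate_ra_state_with_pc and sits right before the descriptively named "cfi-sframe-aarch64-pac-ab-key-1". Suggest a name that mentions PAuth_LR or the directive so the test is easy to find when SFrame support for it is added and the expected output has to change.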