[v2,0/5] Enable PAC support in elfutils

Message ID 20240826105257.2669-1-steve.capper@arm.com

Message

Steve Capper Aug. 26, 2024, 10:52 a.m. UTC
Hello,
This series enables Pointer Authentication (PAC) support in elfutils.

The first three patches were originally posted by German Gomez. I've
rewritten a new patch to extend the dwfl_thread_state_registers function
to handle the PAC mask and added an extra patch that was required to
debug core dumps from PAC enabled applications.

These patches were tested on Debian Testing and Fedora 40 running on an
Apple M1 MacBook Pro (the CFLAG -mbranch-protection=standard needs to be
supplied to the build).

Without this series applied, the following tests failed:
 * run-backtrace-native.sh
 * run-backtrace-dwarf.sh
 * run-backtrace-native-core.sh
 * run-deleted.sh

I am happy to chop/change bits as necessary. 

A guide to pointer authentication can be found here:
https://developer.arm.com/-/media/Arm%20Developer%20Community/PDF/Learn%20the%20Architecture/Providing%20protection%20for%20complex%20software.pdf

Changed in V2:
 * moved DW_AARCH64_RA_SIGN_STATE to cfi.h,
 * dwfl_thread_state_aarch64_pauth API dropped,
   (using dwfl_thread_state_registers instead)
 * AArch64 #ifdefs removed, ptrace logic for PAC consolidated into
   aarch64_initreg.c
 
Cheers,
  

Comments

Mark Wielaard Aug. 30, 2024, 1:15 p.m. UTC | #1
Hi Steve,

On Mon, 2024-08-26 at 11:52 +0100, Steve Capper wrote:
> Hello,
> This series enables Pointer Authentication (PAC) support in elfutils.
> 
> The first three patches were originally posted by German Gomez. I've
> rewritten a new patch to extend the dwfl_thread_state_registers function
> to handle the PAC mask and added an extra patch that was required to
> debug core dumps from PAC enabled applications.
> 
> These patches were tested on Debian Testing and Fedora 40 running on an
> Apple M1 MacBook Pro (the CFLAG -mbranch-protection=standard needs to be
> supplied to the build).
> 
> Without this series applied, the following tests failed:
>  * run-backtrace-native.sh
>  * run-backtrace-dwarf.sh
>  * run-backtrace-native-core.sh
>  * run-deleted.sh
> 
> I am happy to chop/change bits as necessary. 
> 
> A guide to pointer authentication can be found here:
> https://developer.arm.com/-/media/Arm%20Developer%20Community/PDF/Learn%20the%20Architecture/Providing%20protection%20for%20complex%20software.pdf
> 
> Changed in V2:
>  * moved DW_AARCH64_RA_SIGN_STATE to cfi.h,
>  * dwfl_thread_state_aarch64_pauth API dropped,
>    (using dwfl_thread_state_registers instead)
>  * AArch64 #ifdefs removed, ptrace logic for PAC consolidated into
>    aarch64_initreg.c

Very nice. This addresses all my concerns. I looked over all 5 patches
and pushed them. The only thing I am concerned about is the usage of
struct user_pac_mask in aarch64_initreg.c. It might not be defined on
older aarch64 systems. Hopefully the buildbot (or some aarch64 user)
will catch that if it really is an issue.

Thanks,

Mark

> Cheers,
> -- 
> Steve
> 
> German Gomez (3):
>   aarch64: Create definitions for AARCH64_RA_SIGN_STATE register
>   libdw, aarch64: Implement DW_CFA_AARCH64_negate_ra_state CFI
>     instruction
>   libdwfl, aarch64: Demangle return addresses using a PAC mask
> 
> Steve Capper (2):
>   libdwfl, aarch64: extend dwfl_thread_state_registers to handle PAC
>   libdwfl, aarch64: Read PAC mask from core
> 
>  backends/aarch64_corenote.c | 17 +++++++++++++++--
>  backends/aarch64_initreg.c  | 12 ++++++++++++
>  backends/aarch64_regs.c     |  5 ++++-
>  libdw/cfi.c                 | 14 +++++++++++++-
>  libdw/cfi.h                 |  5 +++++
>  libdwfl/dwfl_frame.c        |  3 +++
>  libdwfl/dwfl_frame_regs.c   |  6 ++++++
>  libdwfl/frame_unwind.c      | 14 +++++++++++++-
>  libdwfl/libdwflP.h          |  6 ++++++
>  libdwfl/linux-core-attach.c | 34 ++++++++++++++++++++++++++++++++++
>  libdwfl/linux-pid-attach.c  |  9 +++++++--
>  tests/run-addrcfi.sh        |  1 +
>  tests/run-allregs.sh        |  1 +
>  13 files changed, 120 insertions(+), 7 deletions(-)
>
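
An added illustration for the thread above (not code from the elfutils patches): one way an unwinder can combine the instruction mask from an NT_ARM_PAC_MASK core note with the RA_SIGN_STATE toggle to recover a plain return address. The struct and function names and the sample note bytes are assumptions constructed for this example, and the bit-55 branch generalizes the stripping beyond user-space addresses.

```c
#include <stddef.h>
#include <stdint.h>

/* Local mirror of the two 64-bit fields of the kernel's struct user_pac_mask,
   so this builds even where the system headers do not define that struct. */
struct pac_masks { uint64_t data_mask, insn_mask; };

/* Hypothetical per-frame state: bit 0 set means the saved RA carries a PAC. */
struct frame_state { uint64_t ra_sign_state; };

/* Constructed sample descriptor: both masks cover bits 54..48 (48-bit VA). */
const unsigned char SAMPLE_NOTE[16] = {
  0, 0, 0, 0, 0, 0, 0x7f, 0,   /* data_mask, little-endian */
  0, 0, 0, 0, 0, 0, 0x7f, 0 }; /* insn_mask, little-endian */

static uint64_t le64(const unsigned char *p)
{
  uint64_t v = 0;
  for (int i = 7; i >= 0; i--)
    v = (v << 8) | p[i];
  return v;
}

/* Parse a 16-byte note descriptor; -1 if it is missing or truncated. */
int parse_pac_note(const unsigned char *desc, size_t len, struct pac_masks *out)
{
  if (desc == NULL || out == NULL || len < 16)
    return -1;
  out->data_mask = le64(desc);
  out->insn_mask = le64(desc + 8);
  return 0;
}

/* DW_CFA_AARCH64_negate_ra_state toggles bit 0 of RA_SIGN_STATE. */
void negate_ra_state(struct frame_state *fs) { fs->ra_sign_state ^= 1; }

/* Replace the PAC field with copies of bit 55: zeros for the lower
   (user) address half, ones for the upper half. */
uint64_t strip_pac(uint64_t ra, uint64_t insn_mask)
{
  return (ra & (UINT64_C(1) << 55)) ? (ra | insn_mask) : (ra & ~insn_mask);
}

/* Return the PC to unwind to; leave unsigned return addresses untouched. */
uint64_t unwound_pc(const struct frame_state *fs, uint64_t saved_ra,
                    const struct pac_masks *m)
{
  if (m == NULL || (fs->ra_sign_state & 1) == 0)
    return saved_ra;
  return strip_pac(saved_ra, m->insn_mask);
}
```
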