authorSzabolcs Nagy <szabolcs.nagy@arm.com>2020-04-01 10:31:41 +0100
committerSzabolcs Nagy <szabolcs.nagy@arm.com>2020-07-08 13:04:04 +0100
commitf97789341dfddb8cf05350f6de5a4a05e4b79a09 (patch)
treee7a2477d4f33da49ea35387a4ae7255b56e205fc
parent706b5cf41102a7b52d8b3e0f6b84704441127524 (diff)
aarch64: fix swapcontext for BTI
setcontext returns to the specified context via an indirect jump, so there should be a BTI j. In case of getcontext (and all other returns_twice functions) the compiler adds BTI j at the call site, but swapcontext is a normal C call that is currently not handled specially by the compiler. So we change swapcontext such that the saved context returns to a local address that has BTI j and then swapcontext returns to the caller via a normal RET. For this we save the original return address in the slot for x1 of the context, because x1 need not be preserved by swapcontext but it is restored when the context saved by swapcontext is resumed. The alternative fix (which is done on x86) would make swapcontext special in the compiler so that BTI j is emitted at call sites; on x86 there is an indirect_return attribute for this, on AArch64 we would have to use returns_twice. It was decided against because such a fix may need user code updates: the attribute has to be added when swapcontext is called via a function pointer, and it breaks always_inline functions with swapcontext. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
-rw-r--r--sysdeps/unix/sysv/linux/aarch64/swapcontext.S14
1 files changed, 12 insertions, 2 deletions
diff --git a/sysdeps/unix/sysv/linux/aarch64/swapcontext.S b/sysdeps/unix/sysv/linux/aarch64/swapcontext.S
index d30c543..f8c66f0 100644
--- a/sysdeps/unix/sysv/linux/aarch64/swapcontext.S
+++ b/sysdeps/unix/sysv/linux/aarch64/swapcontext.S
@@ -28,8 +28,12 @@
.text
ENTRY(__swapcontext)
DELOUSE (0)
- /* Set the value returned when swapcontext() returns in this context. */
- str xzr, [x0, oX0 + 0 * SZREG]
+ /* Set the value returned when swapcontext() returns in this context.
+ And set up x1 to become the return address of the caller, so we
+ can return there with a normal RET instead of an indirect jump. */
+ stp xzr, x30, [x0, oX0 + 0 * SZREG]
+ /* Arrange the oucp context to return to 2f. */
+ adr x30, 2f
stp x18, x19, [x0, oX0 + 18 * SZREG]
stp x20, x21, [x0, oX0 + 20 * SZREG]
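Review bot: `adr x30, 2f` replaces the link register before the rest of the context is saved, so the caller's real return address now survives only in the context's x1 slot written by `stp xzr, x30, [x0, oX0 + 0 * SZREG]`; the comment above that store should state this dependency explicitly, e.g. `/* Caller's LR lives only in the saved x1 slot from here on; x30 is repurposed as the resume address. */`. Presumably x30 is stored into the context further down (the function body continues past this hunk), so those later saves now record the `2:` landing pad rather than the caller — intended, but worth a one-line comment where that store happens so the two uses of x30 are not confused. Since the saved `uc_mcontext` x1 slot no longer holds the caller's x1, any code that inspects a ucontext produced by swapcontext sees a return address there; a short note on that observable change in the file header would help future readers.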
@@ -97,5 +101,11 @@ ENTRY(__swapcontext)
1:
b C_SYMBOL_NAME(__syscall_error)
+2:
+ /* The oucp context is restored here via an indirect branch,
+ x1 must be restored too which has the real return address. */
+ BTI_J
+ mov x30, x1
+ RET
PSEUDO_END (__swapcontext)
weak_alias (__swapcontext, swapcontext)
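Review bot: The `mov x30, x1` / `RET` sequence at `2:` is correct only if the resumed context still carries the caller's return address in x1 and 0 in x0, which holds as long as the saved ucontext was not modified before being resumed; an invariant comment at the label would make that contract explicit, e.g. `/* Invariant on entry: x0 = 0 (swapcontext result), x1 = caller's return address, both restored from the saved context. */`. The numeric label `2:` is referenced by `adr x30, 2f` roughly seventy lines earlier, which is fragile if another `2:` is ever introduced in between; a named local label such as `.Lswapcontext_resume` would be safer, though the file already uses `1:` in the same style. `BTI_J` presumably expands to the landing pad only when the build enables BTI, which is fine, but the comment could mention that the landing pad is required because this address is reached by an indirect branch, not by a call.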