diff options
| author | Indu Bhagat <indu.bhagat@oracle.com> | 2022-12-22 09:57:02 -0800 |
|---|---|---|
| committer | Indu Bhagat <indu.bhagat@oracle.com> | 2022-12-22 09:57:02 -0800 |
| commit | 41eed6e1878d93753ff82913d4577616c4778fa7 (patch) | |
| tree | 2e4142cd82b2dc6b93a377b60017fbdb39832896 /include | |
| parent | a5ce326cfeb364a33d8ee9c806780347a92b5d18 (diff) | |
| download | binutils-41eed6e1878d93753ff82913d4577616c4778fa7.zip binutils-41eed6e1878d93753ff82913d4577616c4778fa7.tar.gz binutils-41eed6e1878d93753ff82913d4577616c4778fa7.tar.bz2 | |
sframe.h: add support for .cfi_b_key_frame
ARM 8.3 provides five separate keys that can be used to authenticate
pointers. There are two key for executable (instruction) pointers. The
enum pointer_auth_key in gas/config/tc-aarch64.h currently holds two keys:
enum pointer_auth_key {
AARCH64_PAUTH_KEY_A,
AARCH64_PAUTH_KEY_B
};
Analogous to the above, in SFrame format V1, a bit is reserved in the SFrame
FDE to indicate which key is used for signing the frame's return addresses:
- SFRAME_AARCH64_PAUTH_KEY_A has a value of 0
- SFRAME_AARCH64_PAUTH_KEY_B has a value of 1
Note that the information in this bit will always be used along with the
mangled_ra_p bit, the latter indicates whether the return addresses are
mangled/contain PAC auth bits.
include/ChangeLog:
* sframe.h (SFRAME_AARCH64_PAUTH_KEY_A): New definition.
(SFRAME_AARCH64_PAUTH_KEY_B): Likewise.
(SFRAME_V1_FUNC_INFO): Adjust to accommodate pauth_key.
(SFRAME_V1_FUNC_PAUTH_KEY): New macro.
(SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY): Likewise.
Diffstat (limited to 'include')
| -rw-r--r-- | include/sframe.h | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/include/sframe.h b/include/sframe.h index b2bd41a..77071c9 100644 --- a/include/sframe.h +++ b/include/sframe.h @@ -165,6 +165,10 @@ typedef struct sframe_header #define SFRAME_V1_HDR_SIZE(sframe_hdr) \ ((sizeof (sframe_header) + (sframe_hdr).sfh_auxhdr_len)) +/* Two possible keys for executable (instruction) pointers signing. */ +#define SFRAME_AARCH64_PAUTH_KEY_A 0 /* Key A. */ +#define SFRAME_AARCH64_PAUTH_KEY_B 1 /* Key B. */ + typedef struct sframe_func_desc_entry { /* Function start address. Encoded as a signed offset, relative to the @@ -181,21 +185,30 @@ typedef struct sframe_func_desc_entry function. - 4-bits: Identify the FRE type used for the function. - 1-bit: Identify the FDE type of the function - mask or inc. - - 3-bits: Unused. - -------------------------------------------- - | Unused | FDE type | FRE type | - -------------------------------------------- - 8 5 4 0 */ + - 1-bit: PAC authorization A/B key (aarch64). + - 2-bits: Unused. + ------------------------------------------------------------------------ + | Unused | PAC auth A/B key (aarch64) | FDE type | FRE type | + | | Unused (amd64) | | | + ------------------------------------------------------------------------ + 8 6 5 4 0 */ uint8_t sfde_func_info; } ATTRIBUTE_PACKED sframe_func_desc_entry; /* Macros to compose and decompose function info in FDE. */ +/* Note: Set PAC auth key to SFRAME_AARCH64_PAUTH_KEY_A by default. */ #define SFRAME_V1_FUNC_INFO(fde_type, fre_enc_type) \ - ((((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) + (((SFRAME_AARCH64_PAUTH_KEY_A & 0x1) << 5) | \ + (((fde_type) & 0x1) << 4) | ((fre_enc_type) & 0xf)) #define SFRAME_V1_FUNC_FRE_TYPE(data) ((data) & 0xf) #define SFRAME_V1_FUNC_FDE_TYPE(data) (((data) >> 4) & 0x1) +#define SFRAME_V1_FUNC_PAUTH_KEY(data) (((data) >> 5) & 0x1) + +/* Set the pauth key as indicated. */ +#define SFRAME_V1_FUNC_INFO_UPDATE_PAUTH_KEY(pauth_key, fde_info) \ + ((((pauth_key) & 0x1) << 5) | ((fde_info) & 0xdf)) /* Size of stack frame offsets in an SFrame Frame Row Entry. A single SFrame FRE has all offsets of the same size. Offset size may vary |