aarch64: group software protection options under a same struct.

- declare a new struc aarch_protection_opts to store all the configuration options related to software protections (i.e. bti-plt, pac-plt, bti-report level). - add a new option "-z bti-report" to configure the log level of reported issues when BTI PLT is forced. - encapsulate the BTI report inside _bfd_aarch64_elf_check_bti_report.
author: Matthieu Longo <matthieu.longo@arm.com> 2024-10-28 18:12:38 +0000
committer: Matthieu Longo <matthieu.longo@arm.com> 2024-12-02 15:18:40 +0000
commit: 23189e9db77b280f88bb55ca8748e7edb72c61b1 (patch)
tree: e8474749c6d6b7b5b590ae532bf04e92ab28f15b /ld
parent: 79aff6ea0e8766a72c70679ae04767b6e57e192b (diff)
download: binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.zip
binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.tar.gz
binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.tar.bz2
1 files changed, 50 insertions, 16 deletions
diff --git a/ld/emultempl/aarch64elf.em b/ld/emultempl/aarch64elf.em
index c5edf26..33b239b 100644
--- a/ld/emultempl/aarch64elf.em
+++ b/ld/emultempl/aarch64elf.em
@@ -34,8 +34,13 @@ static int pic_veneer = 0;
 static int fix_erratum_835769 = 0;
 static erratum_84319_opts fix_erratum_843419 = ERRAT_NONE;
 static int no_apply_dynamic_relocs = 0;
-static aarch64_plt_type plt_type = PLT_NORMAL;
-static aarch64_enable_bti_type bti_type = BTI_NONE;
+static aarch64_protection_opts sw_protections = {
+  .plt_type = PLT_NORMAL,
+  .bti_report = BTI_WARN,
+};
+
+#define COMPILE_TIME_STRLEN(s) \
+  (sizeof(s) - 1)
 
 static void
 gld${EMULATION_NAME}_before_parse (void)
@@ -321,17 +326,13 @@ aarch64_elf_create_output_section_statements (void)
       return;
     }
 
-  aarch64_bti_pac_info bp_info;
-  bp_info.plt_type = plt_type;
-  bp_info.bti_type = bti_type;
-
   bfd_elf${ELFSIZE}_aarch64_set_options (link_info.output_bfd, &link_info,
 				 no_enum_size_warning,
 				 no_wchar_size_warning,
 				 pic_veneer,
 				 fix_erratum_835769, fix_erratum_843419,
 				 no_apply_dynamic_relocs,
-				 bp_info);
+				 &sw_protections);
 
   stub_file = lang_add_input_file ("linker stubs",
 				   lang_input_file_is_fake_enum,
@@ -350,6 +351,30 @@ aarch64_elf_create_output_section_statements (void)
   ldlang_add_file (stub_file);
 }
 
+static bool
+aarch64_parse_bti_report_option (const char *optarg)
+{
+  #define BTI_REPORT      "bti-report"
+  #define BTI_REPORT_LEN  COMPILE_TIME_STRLEN (BTI_REPORT)
+
+  if (strncmp (optarg, BTI_REPORT, BTI_REPORT_LEN) != 0)
+    return false;
+
+  if (strlen (optarg) == BTI_REPORT_LEN
+      || strcmp (optarg + BTI_REPORT_LEN, "=warning") == 0)
+    sw_protections.bti_report = BTI_WARN;
+  else if (strcmp (optarg + BTI_REPORT_LEN, "=none") == 0)
+    sw_protections.bti_report = BTI_NONE;
+  else if (strcmp (optarg + BTI_REPORT_LEN, "=error") == 0)
+    sw_protections.bti_report = BTI_ERROR;
+  else
+    einfo (_("%X%P: error: unrecognized value '-z %s'\n"), optarg);
+
+  return true;
+
+  #undef BTI_REPORT
+  #undef BTI_REPORT_LEN
+}
 EOF
 
 # Define some shell vars to insert bits of code into the standard elf
@@ -396,18 +421,27 @@ PARSE_AND_LIST_OPTIONS='
                                                  instruction into an ADR.  As such the workaround will always use a\n\
                                                  veneer and this will give you both a performance and size overhead.\n"));
   fprintf (file, _("  --no-apply-dynamic-relocs    Do not apply link-time values for dynamic relocations\n"));
-  fprintf (file, _("  -z force-bti                  Turn on Branch Target Identification mechanism and generate PLTs with BTI. Generate warnings for missing BTI on inputs\n"));
-  fprintf (file, _("  -z pac-plt                    Protect PLTs with Pointer Authentication.\n"));
+  fprintf (file, _("\
+  -z force-bti                         Turn on Branch Target Identification mechanism and generate PLTs with BTI.\n\
+                                         Generate warnings for missing BTI markings on inputs\n"));
+  fprintf (file, _("\
+  -z bti-report[=none|warning|error]   Emit warning/error on mismatch of BTI marking between input objects and ouput.\n\
+                                         none: Does not emit any warning/error messages.\n\
+                                         warning (default): Emit warning when the input objects are missing BTI markings\n\
+                                           and output has BTI marking.\n\
+                                         error: Emit error when the input objects are missing BTI markings\n\
+                                           and output has BTI marking.\n"));
+  fprintf (file, _("\
+  -z pac-plt                           Protect PLTs with Pointer Authentication.\n"));
 '
 
 PARSE_AND_LIST_ARGS_CASE_Z_AARCH64='
-      else if (strcmp (optarg, "force-bti") == 0)
-	{
-	  plt_type |= PLT_BTI;
-	  bti_type = BTI_WARN;
-	}
-      else if (strcmp (optarg, "pac-plt") == 0)
-	plt_type |= PLT_PAC;
+     else if (strcmp (optarg, "force-bti") == 0)
+	sw_protections.plt_type |= PLT_BTI;
+     else if (aarch64_parse_bti_report_option (optarg))
+	{}
+     else if (strcmp (optarg, "pac-plt") == 0)
+	sw_protections.plt_type |= PLT_PAC;
 '
 PARSE_AND_LIST_ARGS_CASE_Z="$PARSE_AND_LIST_ARGS_CASE_Z $PARSE_AND_LIST_ARGS_CASE_Z_AARCH64"
author	Matthieu Longo <matthieu.longo@arm.com>	2024-10-28 18:12:38 +0000
committer	Matthieu Longo <matthieu.longo@arm.com>	2024-12-02 15:18:40 +0000
commit	23189e9db77b280f88bb55ca8748e7edb72c61b1 (patch)
tree	e8474749c6d6b7b5b590ae532bf04e92ab28f15b /ld
parent	79aff6ea0e8766a72c70679ae04767b6e57e192b (diff)
download	binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.zip binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.tar.gz binutils-23189e9db77b280f88bb55ca8748e7edb72c61b1.tar.bz2