git: 973bbdab4703 - main - mk: Add a BTI-report linker feature
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 30 Aug 2024 16:03:52 UTC
The branch main has been updated by andrew:
URL: https://cgit.FreeBSD.org/src/commit/?id=973bbdab47035ebd16200c63d095904924dc44d9
commit 973bbdab47035ebd16200c63d095904924dc44d9
Author: Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2024-08-22 03:23:59 +0000
Commit: Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2024-08-30 16:03:17 +0000
mk: Add a BTI-report linker feature
Add support for specifying how to report the missing Branch Target
Identification (BTI) linker feature on AArch64.
For:
Kernel: bti-report on when the linker supports it
Userspace: bti-report on when the linker supports it and
BTI_REPORT_ERROR is defined
Fixes: 43e8849bc294 ("conf: Enable BTI checking in the arm64 kernel")
Pull Request: https://github.com/freebsd/freebsd-src/pull/1393
---
share/mk/bsd.lib.mk | 2 +-
share/mk/bsd.linker.mk | 11 ++++++++---
share/mk/bsd.prog.mk | 2 +-
sys/conf/kern.mk | 2 +-
4 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/share/mk/bsd.lib.mk b/share/mk/bsd.lib.mk
index 575b521bea55..6e288b9cd4ce 100644
--- a/share/mk/bsd.lib.mk
+++ b/share/mk/bsd.lib.mk
@@ -99,7 +99,7 @@ LDFLAGS+= -Wl,-zretpolineplt
LDFLAGS.bfd+= -Wl,-znoexecstack
.if ${MK_BRANCH_PROTECTION} != "no"
CFLAGS+= -mbranch-protection=standard
-.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR)
+.if ${LINKER_FEATURES:Mbti-report} && defined(BTI_REPORT_ERROR)
LDFLAGS+= -Wl,-zbti-report=error
.endif
.endif
diff --git a/share/mk/bsd.linker.mk b/share/mk/bsd.linker.mk
index 0e9477284ea3..cceeadd05b94 100644
--- a/share/mk/bsd.linker.mk
+++ b/share/mk/bsd.linker.mk
@@ -11,9 +11,11 @@
# LINKER_FEATURES may contain one or more of the following, based on
# linker support for that feature:
#
-# - build-id: support for generating a Build-ID note
-# - retpoline: support for generating PLT with retpoline speculative
-# execution vulnerability mitigation
+# - build-id: support for generating a Build-ID note
+# - retpoline: support for generating PLT with retpoline speculative
+# execution vulnerability mitigation
+# - bti-report: support for specifying how to report the missing
+# Branch Target Identification (BTI) property (AArch64)
#
# LINKER_FREEBSD_VERSION is the linker's internal source version.
#
@@ -112,6 +114,9 @@ ${X_}LINKER_FEATURES+= retpoline
.if ${${X_}LINKER_TYPE} == "lld" && ${${X_}LINKER_VERSION} >= 90000
${X_}LINKER_FEATURES+= ifunc-noplt
.endif
+.if ${${X_}LINKER_TYPE} == "lld" && ${${X_}LINKER_VERSION} >= 140000
+${X_}LINKER_FEATURES+= bti-report
+.endif
.endif
.else
# Use LD's values
diff --git a/share/mk/bsd.prog.mk b/share/mk/bsd.prog.mk
index 74a653057bda..89534b21d0e7 100644
--- a/share/mk/bsd.prog.mk
+++ b/share/mk/bsd.prog.mk
@@ -71,7 +71,7 @@ LDFLAGS+= -Wl,-zretpolineplt
LDFLAGS.bfd+= -Wl,-znoexecstack
.if ${MK_BRANCH_PROTECTION} != "no"
CFLAGS+= -mbranch-protection=standard
-.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR)
+.if ${LINKER_FEATURES:Mbti-report} && defined(BTI_REPORT_ERROR)
LDFLAGS+= -Wl,-zbti-report=error
.endif
.endif
diff --git a/sys/conf/kern.mk b/sys/conf/kern.mk
index 079bd1173fad..00492584921b 100644
--- a/sys/conf/kern.mk
+++ b/sys/conf/kern.mk
@@ -143,7 +143,7 @@ CFLAGS += -mgeneral-regs-only
CFLAGS += -ffixed-x18
# Build with BTI+PAC
CFLAGS += -mbranch-protection=standard
-.if ${LINKER_TYPE} == "lld"
+.if ${LINKER_FEATURES:Mbti-report}
LDFLAGS += -Wl,-zbti-report=error
.endif
# TODO: support outline atomics