Date: Wed, 22 May 2024 17:03:31 GMT
Message-Id: <202405221703.44MH3VJA074790@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Andrew Turner
Subject: git: 82854693aec1 - main - arm64: Allow userspace to be built with PAC and BTI
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: andrew
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 82854693aec11f87f1f0560e8395452b64f1770f
Auto-Submitted: auto-generated

The branch main has been updated by andrew:

URL: https://cgit.FreeBSD.org/src/commit/?id=82854693aec11f87f1f0560e8395452b64f1770f

commit 82854693aec11f87f1f0560e8395452b64f1770f
Author: Andrew Turner
AuthorDate: 2024-05-22 15:54:32 +0000
Commit: Andrew Turner
CommitDate: 2024-05-22 17:02:26 +0000

arm64: Allow userspace to be built with PAC and BTI

Add the WITH/WITHOUT_BRANCH_PROTECTION build flags. This can be used to enable the use of pointer authentication (FEAT_PAuth) and branch target identification (FEAT_BTI) in userspace.

The kernel already handles both of these in userspace, we just need to enable it.

Leave disabled for a short period for this to settle before enabling.

Reviewed by: emaste
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D42596
--- lib/libomp/Makefile | 3 +++ share/mk/bsd.lib.mk | 6 ++++++ share/mk/bsd.opts.mk | 5 +++++ share/mk/bsd.prog.mk | 6 ++++++ stand/Makefile.inc | 3 +++ tools/build/options/WITHOUT_BRANCH_PROTECTION | 1 + tools/build/options/WITH_BRANCH_PROTECTION | 4 ++++ 7 files changed, 28 insertions(+) diff --git a/lib/libomp/Makefile b/lib/libomp/Makefile index aa9e6799ab59..2be8a207a219 100644 --- a/lib/libomp/Makefile +++ b/lib/libomp/Makefile
@@ -1,4 +1,7 @@ +# z_Linux_asm.S is missing BTI support +MK_BRANCH_PROTECTION=no + .include SHLIB_NAME= libomp.so diff --git a/share/mk/bsd.lib.mk b/share/mk/bsd.lib.mk index 981d0b49df39..575b521bea55 100644 --- a/share/mk/bsd.lib.mk +++ b/share/mk/bsd.lib.mk @@ -97,6 +97,12 @@ LDFLAGS+= -Wl,-zretpolineplt .endif # LLD sensibly defaults to -znoexecstack, so do the same for BFD LDFLAGS.bfd+= -Wl,-znoexecstack +.if ${MK_BRANCH_PROTECTION} != "no" +CFLAGS+= -mbranch-protection=standard +.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR) +LDFLAGS+= -Wl,-zbti-report=error +.endif +.endif # Initialize stack variables on function entry .if ${OPT_INIT_ALL} != "none" diff --git a/share/mk/bsd.opts.mk b/share/mk/bsd.opts.mk index 65ae4f4cfa7c..18098c93605c 100644 --- a/share/mk/bsd.opts.mk +++ b/share/mk/bsd.opts.mk @@ -74,6 +74,7 @@ __DEFAULT_YES_OPTIONS = \ __DEFAULT_NO_OPTIONS = \ ASAN \ BIND_NOW \ + BRANCH_PROTECTION \ CCACHE_BUILD \ CTF \ INSTALL_AS_USER \ @@ -102,6 +103,10 @@ __DEFAULT_NO_OPTIONS+= PIE __DEFAULT_YES_OPTIONS+=PIE .endif +.if ${MACHINE_CPUARCH} != "aarch64" +BROKEN_OPTIONS+= BRANCH_PROTECTION +.endif + __SINGLE_OPTIONS = \ INIT_ALL diff --git a/share/mk/bsd.prog.mk b/share/mk/bsd.prog.mk index c546c4f0b680..74a653057bda 100644 --- a/share/mk/bsd.prog.mk +++ b/share/mk/bsd.prog.mk @@ -69,6 +69,12 @@ LDFLAGS+= -Wl,-zretpolineplt .endif # LLD sensibly defaults to -znoexecstack, so do the same for BFD LDFLAGS.bfd+= -Wl,-znoexecstack +.if ${MK_BRANCH_PROTECTION} != "no" +CFLAGS+= -mbranch-protection=standard +.if ${MACHINE_ARCH} == "aarch64" && defined(BTI_REPORT_ERROR) +LDFLAGS+= -Wl,-zbti-report=error +.endif +.endif # Initialize stack variables on function entry .if ${OPT_INIT_ALL} != "none" diff --git a/stand/Makefile.inc b/stand/Makefile.inc index 13b3f2a1f418..391de6abc6d4 100644 --- a/stand/Makefile.inc +++ b/stand/Makefile.inc 
@@ -1,4 +1,7 @@ SUBDIR_PARALLEL= yes +# Firmware may not be able to handle branch protection failures +MK_BRANCH_PROTECTION= no + .include "defs.mk" diff --git a/tools/build/options/WITHOUT_BRANCH_PROTECTION b/tools/build/options/WITHOUT_BRANCH_PROTECTION new file mode 100644 index 000000000000..97b459b53c92 --- /dev/null +++ b/tools/build/options/WITHOUT_BRANCH_PROTECTION @@ -0,0 +1 @@ +Build with branch protection disabled. diff --git a/tools/build/options/WITH_BRANCH_PROTECTION b/tools/build/options/WITH_BRANCH_PROTECTION new file mode 100644 index 000000000000..3326aa5db965 --- /dev/null +++ b/tools/build/options/WITH_BRANCH_PROTECTION @@ -0,0 +1,4 @@ +Build with branch protection enabled. +On arm64 enable the use of pointer authentication and +branch target identification instructions on arm64. +These can be used to help mitigate some exploit techniques.
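
Review bot: in the lib/libomp/Makefile hunk, MK_BRANCH_PROTECTION=no switches off pointer authentication as well as BTI for the whole library, while the comment only cites missing BTI support in z_Linux_asm.S. Say in the comment that PAC is lost too, so the override is revisited once the assembly file is fixed. The assignment is also written without a space after "=", unlike "MK_BRANCH_PROTECTION= no" in stand/Makefile.inc; use one spelling in both.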
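
Review bot: in the share/mk/bsd.lib.mk hunk, the inner test checks ${MACHINE_ARCH} == "aarch64" while share/mk/bsd.opts.mk gates the option on ${MACHINE_CPUARCH}; use the same variable in both places, or drop the inner architecture test, since BROKEN_OPTIONS already covers other architectures and the CFLAGS line above it relies on that alone. BTI_REPORT_ERROR is a new knob that this patch describes nowhere. The new block also has no comment of its own and sits directly under the "LLD sensibly defaults to -znoexecstack" comment; add a one-line comment that names both knobs.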
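
Review bot: the six lines added in the share/mk/bsd.prog.mk hunk are a verbatim copy of the block added to share/mk/bsd.lib.mk, so a later change to one (for example a different -mbranch-protection value) can silently miss the other. Move the block into a fragment that both files include, or at least add a comment in each copy pointing at the other.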
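
Review bot: the text added in tools/build/options/WITH_BRANCH_PROTECTION says "on arm64" twice in one sentence ("On arm64 enable the use of ... instructions on arm64."); drop the trailing one. Neither option file mentions that the option is listed in BROKEN_OPTIONS on architectures other than aarch64, and BTI_REPORT_ERROR, which controls -Wl,-zbti-report=error, is not described; a sentence for each would save a reader from going through the .mk files.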