From nobody Mon Feb 19 16:44:56 2024 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TdpL04x5sz5C98h; Mon, 19 Feb 2024 16:44:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TdpL02z1Tz4b0d; Mon, 19 Feb 2024 16:44:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708361096; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ekQx/pMppzPPbfaymKiqnH+9xfroaMCxWzp9zdd1MK8=; b=LxftpL+98sZa7dn44p1WDD7QMdqagddTLm0MlHOJA07y2h3XjGwzru3oUOo2+bEpu7mwRJ +1s7MwwiG+Z9l4Pb0VFWVVNhDEOdtRJSLD2Gfl2Pqsvmi+rHXAocZMfMtNMT4CopxdqZyC zWHnJDu1SeQOQi0pdB/O1kJC6XHmj8ooyiz+c6EOmbtvGRayGayrYbEiSqYRKBggVnY7Gu /7v+ucqCD17kKTIS8BfuXLEY/s244zyl6A+gsbg/N5CulDLY7nwZSYWHHKADDD8G66gGXF +tIshze0Im5cJ/3RUod2mw3tviQgaBFGo9okgNXGKG7lnz/awNbYZguBYGE4rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708361096; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ekQx/pMppzPPbfaymKiqnH+9xfroaMCxWzp9zdd1MK8=; b=ToQN82F4W0o8X6Nkt6AOfYCN0vsXoHxfqcm50wfpDS9mq9UfTL/eZwyFHjphvcSXYIc6/d Ed+mqRPhicHGgddthKcJeIb5JYcNEEwQJ9Ejw+UN+46LmHhF0RZMJZPXjEbahJ7TjvSj6M DazeS1DoD9I003WQrcHn8zlag5smZ5sqLLAgnSYeKvgGTBT14u+A6pLmrJhYUNwJhxOM77 4Dqbn0W4vqy4r1SmzOdHV+Ihlk0EsL4+Sn3NtSoLDquAjLYAPxgD+hn/L3YKtvZNtPoGBn q7ZUt4SiLlrTTzd4cGnHWAtqTkdrEi4KJrv18E+MXfTC6Dnqc1nTh3rF63b/pw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1708361096; a=rsa-sha256; cv=none; b=RgnTSJQLxBX3aD/EYTza7LzSYkr4ilAPFYCiuCWSsIijsu1Sp8nF+LgKRVv/qzWi7nzYTG jazUQqPmfnxOJSvYHsr2R3FDHCwGPlbBPklIHJ1euQnE4jFmIt4GdWeJgpk4YjXWjX0cik vMfYC4tdLEjfwLOSXD3VvQVvfWTZxCPByH1AfRGaWmWioqjipSv8O/0erGPqDJf+AIMRST OJkCKWb5FzOqK7MqI2Emgh0czxxEqcYRCuABY13JjsuAU3pB5it6GWX+YJsLsdvpIpIDkx 8Vf0FJLoyj6jA8bjxVX/WGhIzmOp0JmbBa0V1ixmuLEQ77lquasfA9dGvN1I4g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TdpL022FgzjGp; Mon, 19 Feb 2024 16:44:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 41JGiuDJ094258; Mon, 19 Feb 2024 16:44:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 41JGiusL094255; Mon, 19 Feb 2024 16:44:56 GMT (envelope-from git) Date: Mon, 19 Feb 2024 16:44:56 GMT Message-Id: <202402191644.41JGiusL094255@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Andrew Turner Subject: git: 729a561cefc3 - stable/13 - arm64: Add PAC instruction macros List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: andrew X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 729a561cefc3890e99c2b721eab6f97849c25a1c Auto-Submitted: auto-generated The branch stable/13 has been updated by andrew: URL: https://cgit.FreeBSD.org/src/commit/?id=729a561cefc3890e99c2b721eab6f97849c25a1c commit 729a561cefc3890e99c2b721eab6f97849c25a1c Author: Andrew Turner AuthorDate: 2023-10-12 09:48:38 +0000 Commit: Andrew Turner CommitDate: 2024-02-19 12:41:08 +0000 arm64: Add PAC instruction macros To support Pointer Authentication (PAC) in assembly files add a pair of macros that sign the link register. When used before storing to the stack it will allow hardware to detect if it has changed before using it in the return instruction. Reviewed by: markj, emaste Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D42226 (cherry picked from commit 2b39a6f68c3839454cd255b91978202cd995182a) --- sys/arm64/include/asm.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/sys/arm64/include/asm.h b/sys/arm64/include/asm.h index 955fb51af030..a5ee5b1ef5b7 100644 --- a/sys/arm64/include/asm.h +++ b/sys/arm64/include/asm.h @@ -138,6 +138,28 @@ #define BTI_J #endif +/* + * To help protect against ROP attacks we can use Pointer Authentication + * to sign the return address before pushing it to the stack. + * + * PAC_LR_SIGN can be used at the start of a function to sign the link + * register with the stack pointer as the modifier. As this is in the hint + * space it is safe to use on CPUs that don't implement pointer + * authentication. It can be used in place of the BTI_C instruction above as + * a valid BTI landing pad instruction. + * + * PAC_LR_AUTH is used to authenticate the link register using the stack + * pointer as the modifier. It should be used in any function that uses + * PAC_LR_SIGN. The stack pointer must be identical in each case. + */ +#ifdef __ARM_FEATURE_PAC_DEFAULT +#define PAC_LR_SIGN hint #25 /* paciasp */ +#define PAC_LR_AUTH hint #29 /* autiasp */ +#else +#define PAC_LR_SIGN +#define PAC_LR_AUTH +#endif + /* * GNU_PROPERTY_AARCH64_FEATURE_1_NOTE can be used to insert a note that * the current assembly file is built with Pointer Authentication (PAC) or