Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 19 Feb 2024 16:45:10 GMT
From:      Andrew Turner <andrew@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 977d1ded2991 - stable/14 - arm64: Add PAC instruction macros
Message-ID:  <202402191645.41JGjABd095668@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by andrew:

URL: https://cgit.FreeBSD.org/src/commit/?id=977d1ded299177114c46f9f6d9a2001959f20996

commit 977d1ded299177114c46f9f6d9a2001959f20996
Author:     Andrew Turner <andrew@FreeBSD.org>
AuthorDate: 2023-10-12 09:48:38 +0000
Commit:     Andrew Turner <andrew@FreeBSD.org>
CommitDate: 2024-02-19 13:11:21 +0000

    arm64: Add PAC instruction macros
    
    To support Pointer Authentication (PAC) in assembly files add a pair of
    macros that sign the link register. When used before storing to the
    stack it will allow hardware to detect if it has changed before using
    it in the return instruction.
    
    Reviewed by:    markj, emaste
    Sponsored by:   Arm Ltd
    Differential Revision:  https://reviews.freebsd.org/D42226
    
    (cherry picked from commit 2b39a6f68c3839454cd255b91978202cd995182a)
---
 sys/arm64/include/asm.h | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/sys/arm64/include/asm.h b/sys/arm64/include/asm.h
index da3c3df5f647..16be39b3eae4 100644
--- a/sys/arm64/include/asm.h
+++ b/sys/arm64/include/asm.h
@@ -142,6 +142,28 @@
 #define	BTI_J
 #endif
 
+/*
+ * To help protect against ROP attacks we can use Pointer Authentication
+ * to sign the return address before pushing it to the stack.
+ *
+ * PAC_LR_SIGN can be used at the start of a function to sign the link
+ * register with the stack pointer as the modifier. As this is in the hint
+ * space it is safe to use on CPUs that don't implement pointer
+ * authentication. It can be used in place of the BTI_C instruction above as
+ * a valid BTI landing pad instruction.
+ *
+ * PAC_LR_AUTH is used to authenticate the link register using the stack
+ * pointer as the modifier. It should be used in any function that uses
+ * PAC_LR_SIGN. The stack pointer must be identical in each case.
+ */
+#ifdef __ARM_FEATURE_PAC_DEFAULT
+#define	PAC_LR_SIGN	hint	#25	/* paciasp */
+#define	PAC_LR_AUTH	hint	#29	/* autiasp */
+#else
+#define	PAC_LR_SIGN
+#define	PAC_LR_AUTH
+#endif
+
 /*
  * GNU_PROPERTY_AARCH64_FEATURE_1_NOTE can be used to insert a note that
  * the current assembly file is built with Pointer Authentication (PAC) or



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202402191645.41JGjABd095668>