Date: Mon, 19 Feb 2024 16:45:10 GMT From: Andrew Turner <andrew@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 977d1ded2991 - stable/14 - arm64: Add PAC instruction macros Message-ID: <202402191645.41JGjABd095668@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by andrew: URL: https://cgit.FreeBSD.org/src/commit/?id=977d1ded299177114c46f9f6d9a2001959f20996 commit 977d1ded299177114c46f9f6d9a2001959f20996 Author: Andrew Turner <andrew@FreeBSD.org> AuthorDate: 2023-10-12 09:48:38 +0000 Commit: Andrew Turner <andrew@FreeBSD.org> CommitDate: 2024-02-19 13:11:21 +0000 arm64: Add PAC instruction macros To support Pointer Authentication (PAC) in assembly files add a pair of macros that sign the link register. When used before storing to the stack it will allow hardware to detect if it has changed before using it in the return instruction. Reviewed by: markj, emaste Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D42226 (cherry picked from commit 2b39a6f68c3839454cd255b91978202cd995182a) --- sys/arm64/include/asm.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/sys/arm64/include/asm.h b/sys/arm64/include/asm.h index da3c3df5f647..16be39b3eae4 100644 --- a/sys/arm64/include/asm.h +++ b/sys/arm64/include/asm.h @@ -142,6 +142,28 @@ #define BTI_J #endif +/* + * To help protect against ROP attacks we can use Pointer Authentication + * to sign the return address before pushing it to the stack. + * + * PAC_LR_SIGN can be used at the start of a function to sign the link + * register with the stack pointer as the modifier. As this is in the hint + * space it is safe to use on CPUs that don't implement pointer + * authentication. It can be used in place of the BTI_C instruction above as + * a valid BTI landing pad instruction. + * + * PAC_LR_AUTH is used to authenticate the link register using the stack + * pointer as the modifier. It should be used in any function that uses + * PAC_LR_SIGN. The stack pointer must be identical in each case. + */ +#ifdef __ARM_FEATURE_PAC_DEFAULT +#define PAC_LR_SIGN hint #25 /* paciasp */ +#define PAC_LR_AUTH hint #29 /* autiasp */ +#else +#define PAC_LR_SIGN +#define PAC_LR_AUTH +#endif + /* * GNU_PROPERTY_AARCH64_FEATURE_1_NOTE can be used to insert a note that * the current assembly file is built with Pointer Authentication (PAC) or
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202402191645.41JGjABd095668>