Re: arm64 BTI for libgcrypt

Sun, 19 Nov 2023 23:22:35 -0800 

On Sun, Nov 19 2023, Tobias Heider <tobias.hei...@stusta.de> wrote:
> Diff below fixes libgcrypt/gnupg on my m2.
>
> CFI_STARTPROC() seemed like a good place to add the bti instructions
> since it is called in all the right places.

It's not something that makes sense for upstream IMHO, but for ports
that use it, it's an obvious place for us to tuck in "endbr64" or
"bti c".  (eg I've been tempted to use such macros in lang/ocaml)

Using a macro named CFI_STARTPROC() can be considered either appropriate
or misleading, since the .cfi_* directives are about "Call Frame
Information", and endbr64/bti are about "Control-flow Integrity"...

> If this is too hacky I'm also fine with adding explicit instructions
> everywhere or even a new macro.

I'd say it's fine for our port.

I have one doubt: wouldn't it look more correct to have "bti c" *after*
.cfi_startproc:

  # define CFI_STARTPROC()            .cfi_startproc; bti c;

since "bti c" is intended to be part of the function?

> opinions? ok?

Just in case: the diff needs to be committed along with a REVISION bump,
so that the updated package ends up on users machines.

My two cents, I'll let others chime in.  (+cc maintainer)

> Index: patches/patch-cipher_asm-common-aarch64_h
> ===================================================================
> RCS file: patches/patch-cipher_asm-common-aarch64_h
> diff -N patches/patch-cipher_asm-common-aarch64_h
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-cipher_asm-common-aarch64_h 19 Nov 2023 20:22:40 -0000
> @@ -0,0 +1,21 @@
> +Index: cipher/asm-common-aarch64.h
> +--- cipher/asm-common-aarch64.h.orig
> ++++ cipher/asm-common-aarch64.h
> +@@ -45,7 +45,7 @@
> + 
> + #ifdef HAVE_GCC_ASM_CFI_DIRECTIVES
> + /* CFI directives to emit DWARF stack unwinding information. */
> +-# define CFI_STARTPROC()            .cfi_startproc
> ++# define CFI_STARTPROC()            bti c; .cfi_startproc;
> + # define CFI_ENDPROC()              .cfi_endproc
> + # define CFI_REMEMBER_STATE()       .cfi_remember_state
> + # define CFI_RESTORE_STATE()        .cfi_restore_state
> +@@ -87,7 +87,7 @@
> +         DW_SLEB128_28BIT(rsp_offs)
> + 
> + #else
> +-# define CFI_STARTPROC()
> ++# define CFI_STARTPROC() bti c;
> + # define CFI_ENDPROC()
> + # define CFI_REMEMBER_STATE()
> + # define CFI_RESTORE_STATE()
>

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Reply via email to