From: Anton Korobeynikov <anton@korobeynikov.info>
To: Fangrui Song <i@maskray.me>
Cc: musl@lists.openwall.com, William Roberts <bill.c.roberts@gmail.com>
Subject: Re: [musl] PAC/BTI Support on aarch64
Date: Mon, 19 Feb 2024 22:21:58 -0800 [thread overview]
Message-ID: <CA+Ov9+mc7dJuZY-6xPuzH8OcmkBpngoy+8McbJKG-WU0gV-_7w@mail.gmail.com> (raw)
In-Reply-To: <DS7PR12MB57659BC5D5536574D1B91D26CB502@DS7PR12MB5765.namprd12.prod.outlook.com>
Thanks Fangrui!
For PAC / BTI no support from the C standard library is required. All
changes are ordinary source code changes and only assembler sources
should contain proper annotations / notes / BTI checks.
The links above are about pointer authentication ABI (aka "arm64e").
PAC / BTI could be considered as part of it, but only a small one.
Over the last few months we have been working on bringing pauth to
ELF-based platforms. Our aim is to have pauth ABI support to be
released as a part of LLVM 19.
That github Access Softek repo is a downstream fork that contains
rebased Apple changes to frontend, intrinsics, etc. and ELF codegen
bits. We are working on upstreaming code from it to LLVM mainline.
For pauth more deep interaction with standard library is required, as
dynamic loader should process pauth relocations, and sign pointers as
needed. Plus, some additional handling of the gnu.note segment would
be necessary as one would need to e.g. prohibit loading of DSOs with
incompatible ABI. We are having a proof-of-concept patch for MUSL to
process pauth relocations
(https://github.com/access-softek/musl/pull/1). We have not submitted
it to MUSL upstream as there are lots of moving pieces and we do not
want to submit something that could be changed (e.g. reloc numbers
already changed once).
Certainly, for pauth support additional code changes to assembler
sources would be required. As well as ABI marking.
PS: Please CC me on responses as I am not subscribed.
On Mon, Feb 19, 2024 at 4:01 PM Fangrui Song <i@maskray.me> wrote:
>
> On Mon, Feb 12, 2024 at 10:42 AM Rich Felker <dalias@libc.org> wrote:
> >
> > On Mon, Feb 12, 2024 at 10:38:50AM -0600, William Roberts wrote:
> > > Hello,
> > >
> > > I was just wondering if there was any work being done to support PAC
> > > and BTI in aarch64? I could add support but didn't want to duplicate
> > > the work.
> >
> > I'm not aware of any active work on this, but before writing a full
> > implementation, it would be really helpful to start with a basic
> > proposal for the scope of changes needed to make it work to assess
> > whether these are managable and acceptable cost.
> >
> > Rich
>
> Cc +Anton (other messages of this thread can be found at
> https://www.openwall.com/lists/musl/2024/02/12/ ).
>
> Per https://discourse.llvm.org/t/llvm-pointer-authentication-sync-ups/62661/23
> and an lld/ELF patch
>
> * https://github.com/access-softek/llvm-project/commits/elf-pauth
> * https://github.com/access-softek/musl/tree/dkovalev/pauth-code-drop
>
> contains a prototype.
>
> > We verified that LLVM testsuite compiled with pauth successfully passes on pauth-enabled AArch64 board.
>
> https://www.openwall.com/lists/musl/2024/02/12/
>
> It looks like there will be an LLVM Pointer Authentication discussion
> in a few hours:
> https://calendar.google.com/calendar/u/0/embed?src=calendar@llvm.org
--
With best regards, Anton Korobeynikov
prev parent reply other threads:[~2024-02-20 12:20 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-12 16:38 William Roberts
2024-02-12 18:42 ` Rich Felker
2024-02-12 21:25 ` William Roberts
2024-02-12 21:34 ` enh
2024-02-12 22:46 ` Rich Felker
2024-02-12 23:05 ` enh
2024-02-12 23:18 ` William Roberts
2024-02-13 2:08 ` Rich Felker
2024-02-13 14:47 ` William Roberts
2024-02-13 17:51 ` Markus Wichmann
2024-02-14 2:19 ` Rich Felker
2024-02-14 3:19 ` William Roberts
2024-02-14 4:44 ` Markus Wichmann
2024-02-14 13:32 ` Thorsten Glaser
2024-02-14 14:03 ` Rich Felker
2024-02-14 14:12 ` Thorsten Glaser
2024-02-15 13:29 ` Stefan O'Rear
2024-02-15 14:06 ` Rich Felker
2024-03-02 14:33 ` Szabolcs Nagy
2024-03-02 14:45 ` Rich Felker
2024-02-15 0:03 ` Szabolcs Nagy
2024-02-15 0:22 ` enh
2024-02-15 9:18 ` Szabolcs Nagy
2024-02-19 23:54 ` Fangrui Song
[not found] ` <DS7PR12MB57659BC5D5536574D1B91D26CB502@DS7PR12MB5765.namprd12.prod.outlook.com>
2024-02-20 6:21 ` Anton Korobeynikov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+Ov9+mc7dJuZY-6xPuzH8OcmkBpngoy+8McbJKG-WU0gV-_7w@mail.gmail.com \
--to=anton@korobeynikov.info \
--cc=bill.c.roberts@gmail.com \
--cc=i@maskray.me \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).