From: William Roberts
Date: Mon, 12 Feb 2024 15:25:48 -0600
To: Rich Felker
Cc: musl@lists.openwall.com
In-Reply-To: <20240212184236.GZ4163@brightrain.aerifal.cx>
Subject: Re: [musl] PAC/BTI Support on aarch64

On Mon, Feb 12, 2024 at 12:42 PM Rich Felker wrote:
>
> On Mon, Feb 12, 2024 at 10:38:50AM -0600, William Roberts wrote:
> > Hello,
> >
> > I was just wondering if there was any work being done to support PAC
> > and BTI in aarch64? I could add support but didn't want to duplicate
> > the work.
>
> I'm not aware of any active work on this, but before writing a full
> implementation, it would be really helpful to start with a basic
> proposal for the scope of changes needed to make it work to assess
> whether these are manageable and acceptable cost.

It's a matter of building with -mbranch-protection=standard
Just the ASM labels need the first instruction to be a BTI. They're in
the NOP space so they are backwards compatible, older hardware will
just NOP it. It's been done for many projects, glibc and bionic have it.

The problem with BTI is that when one item in the link list doesn't
support BTI the loader/linker turns it off. So when it's something
like a libc that is fundamental in the link chain, it turns it off for
everything.

The initial scope of code changes would be what's reported when
LDFLAGS=-Wl,-zforce-bti,--fatal-warnings

/usr/bin/ld: obj/src/fenv/aarch64/fenv.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/ldso/aarch64/dlsym.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/ldso/aarch64/tlsdesc.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/process/aarch64/vfork.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/setjmp/aarch64/longjmp.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/setjmp/aarch64/setjmp.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/signal/aarch64/restore.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/signal/aarch64/sigsetjmp.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/string/aarch64/memcpy.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/string/aarch64/memset.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/thread/aarch64/__set_thread_area.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/thread/aarch64/__unmapself.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/thread/aarch64/clone.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.
/usr/bin/ld: obj/src/thread/aarch64/syscall_cp.lo: warning: BTI turned on by -z force-bti when all inputs do not have BTI in NOTE section.

>
> Rich
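
The "BTI in NOTE section" rule behind those warnings, as an added example that is not part of the message above or of musl: it parses raw .note.gnu.property bytes for the GNU_PROPERTY_AARCH64_FEATURE_1_AND property and ANDs the bits across link inputs, so one unmarked object clears BTI for the whole output. The helper names, the app.o input and the note bytes are constructed for illustration, and little-endian ELF64 layout is assumed.

```python
import struct

NT_GNU_PROPERTY_TYPE_0 = 5
GNU_PROPERTY_AARCH64_FEATURE_1_AND = 0xC0000000
FEATURE_1_BTI, FEATURE_1_PAC = 1 << 0, 1 << 1

def feature_1_and(note: bytes) -> int:
    """Feature bits from raw little-endian ELF64 .note.gnu.property bytes (0 if absent)."""
    off = 0
    while off + 12 <= len(note):
        namesz, descsz, ntype = struct.unpack_from("<III", note, off)
        off += 12
        name = note[off:off + namesz]
        off += (namesz + 3) & ~3          # name is padded to 4 bytes
        desc = note[off:off + descsz]
        off += (descsz + 7) & ~7          # property notes are 8-byte aligned on ELF64
        if ntype != NT_GNU_PROPERTY_TYPE_0 or name != b"GNU\0":
            continue
        p = 0
        while p + 8 <= len(desc):         # walk the pr_type / pr_datasz / data records
            pr_type, pr_datasz = struct.unpack_from("<II", desc, p)
            data = desc[p + 8:p + 8 + pr_datasz]
            p += 8 + ((pr_datasz + 7) & ~7)
            if pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND and len(data) >= 4:
                return struct.unpack_from("<I", data)[0]
    return 0

def make_note(bits: int) -> bytes:
    """Build a constructed sample note carrying the given feature bits."""
    prop = struct.pack("<III4x", GNU_PROPERTY_AARCH64_FEATURE_1_AND, 4, bits)
    return struct.pack("<III4s", 4, len(prop), NT_GNU_PROPERTY_TYPE_0, b"GNU\0") + prop

def link_features(inputs: dict) -> tuple:
    """AND the feature bits over every input and list the inputs that lack BTI."""
    bits, lacking = FEATURE_1_BTI | FEATURE_1_PAC, []
    for name, note in inputs.items():
        f = feature_1_and(note)
        bits &= f
        if not f & FEATURE_1_BTI:
            lacking.append(name)
    return bits, lacking

# Constructed inputs: a hypothetical C object built with branch protection,
# and one assembly object from the warning list, modelled as having no note.
SAMPLE = {
    "app.o": make_note(FEATURE_1_BTI | FEATURE_1_PAC),
    "obj/src/string/aarch64/memcpy.lo": b"",
}

if __name__ == "__main__":
    print(link_features(SAMPLE))
```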