mirror of
https://sourceware.org/git/binutils-gdb.git
synced 2025-02-05 12:53:16 +08:00
6d0020873d
At the moment GDB only handles pointer authentication (pauth) for userspace
addresses and if we're debugging a Linux-hosted program.
The Linux Kernel can be configured to use pauth instructions for some
additional security hardening, but GDB doesn't handle this well.
To overcome this limitation, GDB needs a couple things:
1 - The target needs to advertise pauth support.
2 - The hook to remove non-address bits from a pointer needs to be registered
in aarch64-tdep.c as opposed to aarch64-linux-tdep.c.
There is a patch for QEMU that addresses the first point, and it makes
QEMU's gdbstub expose a couple more pauth mask registers, so overall we will
have up to 4 pauth masks (2 masks or 4 masks):
pauth_dmask
pauth_cmask
pauth_dmask_high
pauth_cmask_high
pauth_dmask and pauth_cmask are the masks used to remove pauth signatures
from userspace addresses. pauth_dmask_high and pauth_cmask_high masks are used
to remove pauth signatures from kernel addresses.
The second point is easily addressed by moving code around.
When debugging a Linux Kernel built with pauth with an unpatched GDB, we get
the following backtrace:
#0 __fput (file=0xffff0000c17a6400) at /repos/linux/fs/file_table.c:296
#1 0xffff8000082bd1f0 in ____fput (work=<optimized out>) at /repos/linux/fs/file_table.c:348
#2 0x30008000080ade30 [PAC] in ?? ()
#3 0x30d48000080ade30 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
With a patched GDB, we get something a lot more meaningful:
#0 __fput (file=0xffff0000c1bcfa00) at /repos/linux/fs/file_table.c:296
#1 0xffff8000082bd1f0 in ____fput (work=<optimized out>) at /repos/linux/fs/file_table.c:348
#2 0xffff8000080ade30 [PAC] in task_work_run () at /repos/linux/kernel/task_work.c:179
#3 0xffff80000801db90 [PAC] in resume_user_mode_work (regs=0xffff80000a96beb0) at /repos/linux/include/linux/resume_user_mode.h:49
#4 do_notify_resume (regs=regs@entry=0xffff80000a96beb0, thread_flags=4) at /repos/linux/arch/arm64/kernel/signal.c:1127
#5 0xffff800008fb9974 [PAC] in prepare_exit_to_user_mode (regs=0xffff80000a96beb0) at /repos/linux/arch/arm64/kernel/entry-common.c:137
#6 exit_to_user_mode (regs=0xffff80000a96beb0) at /repos/linux/arch/arm64/kernel/entry-common.c:142
#7 el0_svc (regs=0xffff80000a96beb0) at /repos/linux/arch/arm64/kernel/entry-common.c:638
#8 0xffff800008fb9d34 [PAC] in el0t_64_sync_handler (regs=<optimized out>) at /repos/linux/arch/arm64/kernel/entry-common.c:655
#9 0xffff800008011548 [PAC] in el0t_64_sync () at /repos/linux/arch/arm64/kernel/entry.S:586
Backtrace stopped: Cannot access memory at address 0xffff80000a96c0c8
150 lines
4.2 KiB
C
150 lines
4.2 KiB
C
/* Common target dependent code for GDB on AArch64 systems.
|
|
|
|
Copyright (C) 2009-2023 Free Software Foundation, Inc.
|
|
Contributed by ARM Ltd.
|
|
|
|
This file is part of GDB.
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>. */
|
|
|
|
|
|
#ifndef AARCH64_TDEP_H
|
|
#define AARCH64_TDEP_H
|
|
|
|
#include "arch/aarch64.h"
|
|
#include "displaced-stepping.h"
|
|
#include "infrun.h"
|
|
#include "gdbarch.h"
|
|
|
|
/* Forward declarations. */
|
|
struct gdbarch;
|
|
struct regset;
|
|
|
|
/* AArch64 Dwarf register numbering. */
|
|
#define AARCH64_DWARF_X0 0
|
|
#define AARCH64_DWARF_SP 31
|
|
#define AARCH64_DWARF_PC 32
|
|
#define AARCH64_DWARF_RA_SIGN_STATE 34
|
|
#define AARCH64_DWARF_V0 64
|
|
#define AARCH64_DWARF_SVE_VG 46
|
|
#define AARCH64_DWARF_SVE_FFR 47
|
|
#define AARCH64_DWARF_SVE_P0 48
|
|
#define AARCH64_DWARF_SVE_Z0 96
|
|
|
|
/* Size of integer registers. */
|
|
#define X_REGISTER_SIZE 8
|
|
#define B_REGISTER_SIZE 1
|
|
#define H_REGISTER_SIZE 2
|
|
#define S_REGISTER_SIZE 4
|
|
#define D_REGISTER_SIZE 8
|
|
#define Q_REGISTER_SIZE 16
|
|
|
|
/* Total number of general (X) registers. */
|
|
#define AARCH64_X_REGISTER_COUNT 32
|
|
/* Total number of D registers. */
|
|
#define AARCH64_D_REGISTER_COUNT 32
|
|
|
|
/* The maximum number of modified instructions generated for one
|
|
single-stepped instruction. */
|
|
#define AARCH64_DISPLACED_MODIFIED_INSNS 1
|
|
|
|
/* Target-dependent structure in gdbarch. */
|
|
struct aarch64_gdbarch_tdep : gdbarch_tdep_base
|
|
{
|
|
/* Lowest address at which instructions will appear. */
|
|
CORE_ADDR lowest_pc = 0;
|
|
|
|
/* Offset to PC value in jump buffer. If this is negative, longjmp
|
|
support will be disabled. */
|
|
int jb_pc = 0;
|
|
|
|
/* And the size of each entry in the buf. */
|
|
size_t jb_elt_size = 0;
|
|
|
|
/* Types for AdvSISD registers. */
|
|
struct type *vnq_type = nullptr;
|
|
struct type *vnd_type = nullptr;
|
|
struct type *vns_type = nullptr;
|
|
struct type *vnh_type = nullptr;
|
|
struct type *vnb_type = nullptr;
|
|
struct type *vnv_type = nullptr;
|
|
|
|
/* syscall record. */
|
|
int (*aarch64_syscall_record) (struct regcache *regcache,
|
|
unsigned long svc_number) = nullptr;
|
|
|
|
/* The VQ value for SVE targets, or zero if SVE is not supported. */
|
|
uint64_t vq = 0;
|
|
|
|
/* Returns true if the target supports SVE. */
|
|
bool has_sve () const
|
|
{
|
|
return vq != 0;
|
|
}
|
|
|
|
int pauth_reg_base = 0;
|
|
/* Number of pauth masks. */
|
|
int pauth_reg_count = 0;
|
|
int ra_sign_state_regnum = 0;
|
|
|
|
/* Returns true if the target supports pauth. */
|
|
bool has_pauth () const
|
|
{
|
|
return pauth_reg_base != -1;
|
|
}
|
|
|
|
/* First MTE register. This is -1 if no MTE registers are available. */
|
|
int mte_reg_base = 0;
|
|
|
|
/* Returns true if the target supports MTE. */
|
|
bool has_mte () const
|
|
{
|
|
return mte_reg_base != -1;
|
|
}
|
|
|
|
/* TLS registers. This is -1 if the TLS registers are not available. */
|
|
int tls_regnum_base = 0;
|
|
int tls_register_count = 0;
|
|
|
|
bool has_tls() const
|
|
{
|
|
return tls_regnum_base != -1;
|
|
}
|
|
|
|
/* The W pseudo-registers. */
|
|
int w_pseudo_base = 0;
|
|
int w_pseudo_count = 0;
|
|
};
|
|
|
|
const target_desc *aarch64_read_description (const aarch64_features &features);
|
|
aarch64_features
|
|
aarch64_features_from_target_desc (const struct target_desc *tdesc);
|
|
|
|
extern int aarch64_process_record (struct gdbarch *gdbarch,
|
|
struct regcache *regcache, CORE_ADDR addr);
|
|
|
|
displaced_step_copy_insn_closure_up
|
|
aarch64_displaced_step_copy_insn (struct gdbarch *gdbarch,
|
|
CORE_ADDR from, CORE_ADDR to,
|
|
struct regcache *regs);
|
|
|
|
void aarch64_displaced_step_fixup (struct gdbarch *gdbarch,
|
|
displaced_step_copy_insn_closure *dsc,
|
|
CORE_ADDR from, CORE_ADDR to,
|
|
struct regcache *regs);
|
|
|
|
bool aarch64_displaced_step_hw_singlestep (struct gdbarch *gdbarch);
|
|
|
|
#endif /* aarch64-tdep.h */
|