mirror of
git://gcc.gnu.org/git/gcc.git
synced 2024-11-28 17:40:01 +08:00
f531673917
This patch is only a refactoring of the existing implementation of PAuth and returned-address signing. The existing behavior is preserved. _Unwind_FrameState already contains several CIE and FDE information (see the attributes below the comment "The information we care about from the CIE/FDE" in libgcc/unwind-dw2.h). The patch aims at moving the information from DWARF CIE (signing key stored in the augmentation string) and FDE (the used signing method) into _Unwind_FrameState along the already-stored CIE and FDE information. Note: those information have to be saved in frame_state_reg_info instead of _Unwind_FrameState as they need to be savable by DW_CFA_remember_state and restorable by DW_CFA_restore_state, that both rely on the attribute "prev". Those new information in _Unwind_FrameState simplifies the look-up of the signing key when the return address is demangled. It also allows future signing methods to be easily added. _Unwind_FrameState is not a part of the public API of libunwind, so the change is backward compatible. A new architecture-specific handler MD_ARCH_EXTENSION_FRAME_INIT allows to reset values (if needed) in the frame state and unwind context before changing the frame state to the caller context. A new architecture-specific handler MD_ARCH_EXTENSION_CIE_AUG_HANDLER isolates the architecture-specific augmentation strings in AArch64 backend, and allows others architectures to reuse augmentation strings that would have clashed with AArch64 DWARF extensions. aarch64_demangle_return_addr, DW_CFA_AARCH64_negate_ra_state and DW_CFA_val_expression cases in libgcc/unwind-dw2-execute_cfa.h were documented to clarify where the value of the RA state register is stored (FS and CONTEXT respectively). libgcc/ChangeLog: * config/aarch64/aarch64-unwind.h (AARCH64_DWARF_RA_STATE_MASK): The mask for RA state register. (aarch64_ra_signing_method_t): The diversifiers used to sign a function's return address. (aarch64_pointer_auth_key): The key used to sign a function's return address. (aarch64_cie_signed_with_b_key): Deleted as the signing key is available now in _Unwind_FrameState. (MD_ARCH_EXTENSION_CIE_AUG_HANDLER): New CIE augmentation string handler for architecture extensions. (MD_ARCH_EXTENSION_FRAME_INIT): New architecture-extension initialization routine for DWARF frame state and context before execution of DWARF instructions. (aarch64_context_ra_state_get): Read RA state register from CONTEXT. (aarch64_ra_state_get): Read RA state register from FS. (aarch64_ra_state_set): Write RA state register into FS. (aarch64_ra_state_toggle): Toggle RA state register in FS. (aarch64_cie_aug_handler): Handler AArch64 augmentation strings. (aarch64_arch_extension_frame_init): Initialize defaults for the signing key (PAUTH_KEY_A), and RA state register (RA_no_signing). (aarch64_demangle_return_addr): Rely on the frame registers and the signing_key attribute in _Unwind_FrameState. * unwind-dw2-execute_cfa.h: Use the right alias DW_CFA_AARCH64_negate_ra_state for __aarch64__ instead of DW_CFA_GNU_window_save. (DW_CFA_AARCH64_negate_ra_state): Save the signing method in RA state register. Toggle RA state register without resetting 'how' to REG_UNSAVED. * unwind-dw2.c: (extract_cie_info): Save the signing key in the current _Unwind_FrameState while parsing the augmentation data. (uw_frame_state_for): Reset some attributes related to architecture extensions in _Unwind_FrameState. (uw_update_context): Move authentication code to AArch64 unwinding. * unwind-dw2.h (enum register_rule): Give a name to the existing enum for the register rules, and replace 'unsigned char' by 'enum register_rule' to facilitate debugging in GDB. (_Unwind_FrameState): Add a new architecture-extension attribute to store the signing key.
330 lines
9.7 KiB
C
330 lines
9.7 KiB
C
/* DWARF2 exception handling CFA execution engine.
|
|
Copyright (C) 1997-2024 Free Software Foundation, Inc.
|
|
|
|
This file is part of GCC.
|
|
|
|
GCC is free software; you can redistribute it and/or modify it
|
|
under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3, or (at your option)
|
|
any later version.
|
|
|
|
GCC is distributed in the hope that it will be useful, but WITHOUT
|
|
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
|
|
License for more details.
|
|
|
|
Under Section 7 of GPL version 3, you are granted additional
|
|
permissions described in the GCC Runtime Library Exception, version
|
|
3.1, as published by the Free Software Foundation.
|
|
|
|
You should have received a copy of the GNU General Public License and
|
|
a copy of the GCC Runtime Library Exception along with this program;
|
|
see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
|
|
<http://www.gnu.org/licenses/>. */
|
|
|
|
/* This file is included from unwind-dw2.c to specialize the code for certain
|
|
values of DATA_ALIGN and CODE_ALIGN. These macros must be defined prior to
|
|
including this file. */
|
|
|
|
{
|
|
struct frame_state_reg_info *unused_rs = NULL;
|
|
|
|
/* Don't allow remember/restore between CIE and FDE programs. */
|
|
fs->regs.prev = NULL;
|
|
|
|
/* The comparison with the return address uses < rather than <= because
|
|
we are only interested in the effects of code before the call; for a
|
|
noreturn function, the return address may point to unrelated code with
|
|
a different stack configuration that we are not interested in. We
|
|
assume that the call itself is unwind info-neutral; if not, or if
|
|
there are delay instructions that adjust the stack, these must be
|
|
reflected at the point immediately before the call insn.
|
|
In signal frames, return address is after last completed instruction,
|
|
so we add 1 to return address to make the comparison <=. */
|
|
while (insn_ptr < insn_end
|
|
&& fs->pc < context->ra + _Unwind_IsSignalFrame (context))
|
|
{
|
|
unsigned char insn = *insn_ptr++;
|
|
_uleb128_t reg, utmp;
|
|
_sleb128_t offset, stmp;
|
|
|
|
if ((insn & 0xc0) == DW_CFA_advance_loc)
|
|
fs->pc += (insn & 0x3f) * CODE_ALIGN;
|
|
else if ((insn & 0xc0) == DW_CFA_offset)
|
|
{
|
|
reg = insn & 0x3f;
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
offset = (_Unwind_Sword) utmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = offset;
|
|
}
|
|
}
|
|
else if ((insn & 0xc0) == DW_CFA_restore)
|
|
{
|
|
reg = insn & 0x3f;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
fs->regs.how[reg] = REG_UNSAVED;
|
|
}
|
|
else switch (insn)
|
|
{
|
|
case DW_CFA_set_loc:
|
|
{
|
|
_Unwind_Ptr pc;
|
|
|
|
insn_ptr = read_encoded_value (context, fs->fde_encoding,
|
|
insn_ptr, &pc);
|
|
fs->pc = (void *) pc;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_advance_loc1:
|
|
fs->pc += read_1u (insn_ptr) * CODE_ALIGN;
|
|
insn_ptr += 1;
|
|
break;
|
|
case DW_CFA_advance_loc2:
|
|
fs->pc += read_2u (insn_ptr) * CODE_ALIGN;
|
|
insn_ptr += 2;
|
|
break;
|
|
case DW_CFA_advance_loc4:
|
|
fs->pc += read_4u (insn_ptr) * CODE_ALIGN;
|
|
insn_ptr += 4;
|
|
break;
|
|
|
|
case DW_CFA_offset_extended:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
offset = (_Unwind_Sword) utmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = offset;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_restore_extended:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
/* FIXME, this is wrong; the CIE might have said that the
|
|
register was saved somewhere. */
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
fs->regs.how[reg] = REG_UNSAVED;
|
|
break;
|
|
|
|
case DW_CFA_same_value:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
fs->regs.how[reg] = REG_UNSAVED;
|
|
break;
|
|
|
|
case DW_CFA_undefined:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
fs->regs.how[reg] = REG_UNDEFINED;
|
|
break;
|
|
|
|
case DW_CFA_nop:
|
|
break;
|
|
|
|
case DW_CFA_register:
|
|
{
|
|
_uleb128_t reg2;
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_uleb128 (insn_ptr, ®2);
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_REG;
|
|
fs->regs.reg[reg].loc.reg = (_Unwind_Word)reg2;
|
|
}
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_remember_state:
|
|
{
|
|
struct frame_state_reg_info *new_rs;
|
|
if (unused_rs)
|
|
{
|
|
new_rs = unused_rs;
|
|
unused_rs = unused_rs->prev;
|
|
}
|
|
else
|
|
new_rs = alloca (sizeof (struct frame_state_reg_info));
|
|
|
|
*new_rs = fs->regs;
|
|
fs->regs.prev = new_rs;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_restore_state:
|
|
{
|
|
struct frame_state_reg_info *old_rs = fs->regs.prev;
|
|
fs->regs = *old_rs;
|
|
old_rs->prev = unused_rs;
|
|
unused_rs = old_rs;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_def_cfa:
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
fs->regs.cfa_reg = (_Unwind_Word)utmp;
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
fs->regs.cfa_offset = (_Unwind_Word)utmp;
|
|
fs->regs.cfa_how = CFA_REG_OFFSET;
|
|
break;
|
|
|
|
case DW_CFA_def_cfa_register:
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
fs->regs.cfa_reg = (_Unwind_Word)utmp;
|
|
fs->regs.cfa_how = CFA_REG_OFFSET;
|
|
break;
|
|
|
|
case DW_CFA_def_cfa_offset:
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
fs->regs.cfa_offset = utmp;
|
|
/* cfa_how deliberately not set. */
|
|
break;
|
|
|
|
case DW_CFA_def_cfa_expression:
|
|
fs->regs.cfa_exp = insn_ptr;
|
|
fs->regs.cfa_how = CFA_EXP;
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
insn_ptr += utmp;
|
|
break;
|
|
|
|
case DW_CFA_expression:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_EXP;
|
|
fs->regs.reg[reg].loc.exp = insn_ptr;
|
|
}
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
insn_ptr += utmp;
|
|
break;
|
|
|
|
/* Dwarf3. */
|
|
case DW_CFA_offset_extended_sf:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_sleb128 (insn_ptr, &stmp);
|
|
offset = stmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = offset;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_def_cfa_sf:
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
fs->regs.cfa_reg = (_Unwind_Word)utmp;
|
|
insn_ptr = read_sleb128 (insn_ptr, &stmp);
|
|
fs->regs.cfa_offset = (_Unwind_Sword)stmp;
|
|
fs->regs.cfa_how = CFA_REG_OFFSET;
|
|
fs->regs.cfa_offset *= DATA_ALIGN;
|
|
break;
|
|
|
|
case DW_CFA_def_cfa_offset_sf:
|
|
insn_ptr = read_sleb128 (insn_ptr, &stmp);
|
|
fs->regs.cfa_offset = (_Unwind_Sword)stmp;
|
|
fs->regs.cfa_offset *= DATA_ALIGN;
|
|
/* cfa_how deliberately not set. */
|
|
break;
|
|
|
|
case DW_CFA_val_offset:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
offset = (_Unwind_Sword) utmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_VAL_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = offset;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_val_offset_sf:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_sleb128 (insn_ptr, &stmp);
|
|
offset = stmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_VAL_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = offset;
|
|
}
|
|
break;
|
|
|
|
case DW_CFA_val_expression:
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_VAL_EXP;
|
|
fs->regs.reg[reg].loc.exp = insn_ptr;
|
|
}
|
|
/* Don't execute the expression, but jump over it by adding
|
|
DW_FORM_block's size to insn_ptr. */
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
insn_ptr += utmp;
|
|
break;
|
|
|
|
#if defined (__aarch64__) && !defined (__ILP32__)
|
|
case DW_CFA_AARCH64_negate_ra_state:
|
|
/* This CFA is multiplexed with SPARC.
|
|
On AArch64 it's used to toggle the status of return address signing
|
|
with SP as a diversifier.
|
|
- REG_ARCHEXT means that the RA state register in FS contains a
|
|
valid value, and that no other DWARF directive has changed the
|
|
value of this register.
|
|
- any other value is not compatible with negating the RA state. */
|
|
aarch64_fs_ra_state_toggle (fs);
|
|
break;
|
|
#else
|
|
case DW_CFA_GNU_window_save:
|
|
/* ??? Hardcoded for SPARC register window configuration. */
|
|
if (__LIBGCC_DWARF_FRAME_REGISTERS__ >= 32)
|
|
for (reg = 16; reg < 32; ++reg)
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = (reg - 16) * sizeof (void *);
|
|
}
|
|
break;
|
|
#endif
|
|
|
|
case DW_CFA_GNU_args_size:
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
context->args_size = (_Unwind_Word)utmp;
|
|
break;
|
|
|
|
case DW_CFA_GNU_negative_offset_extended:
|
|
/* Obsoleted by DW_CFA_offset_extended_sf, but used by
|
|
older PowerPC code. */
|
|
insn_ptr = read_uleb128 (insn_ptr, ®);
|
|
insn_ptr = read_uleb128 (insn_ptr, &utmp);
|
|
offset = (_Unwind_Word) utmp * DATA_ALIGN;
|
|
reg = DWARF_REG_TO_UNWIND_COLUMN (reg);
|
|
if (UNWIND_COLUMN_IN_RANGE (reg))
|
|
{
|
|
fs->regs.how[reg] = REG_SAVED_OFFSET;
|
|
fs->regs.reg[reg].loc.offset = -offset;
|
|
}
|
|
break;
|
|
|
|
default:
|
|
gcc_unreachable ();
|
|
}
|
|
}
|
|
}
|
|
|
|
#undef DATA_ALIGN
|
|
#undef CODE_ALIGN
|