aarch64: Enable GCS in static linked exe

Use the ARCH_SETUP_TLS hook to enable GCS in the static linked case.
The system call must be inlined and then GCS is enabled on a top
level stack frame that does not return and has no exception handlers
above it.

sysdeps/unix/sysv/linux/aarch64/libc-start.h

@@ -0,0 +1,49 @@
+/* AArch64 definitions for libc main startup.
+   Copyright (C) 2024 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#ifndef _LIBC_START_H
+#define _LIBC_START_H
+
+#ifndef SHARED
+
+# ifndef PR_SET_SHADOW_STACK_STATUS
+#  define PR_GET_SHADOW_STACK_STATUS	74
+#  define PR_SET_SHADOW_STACK_STATUS	75
+#  define PR_LOCK_SHADOW_STACK_STATUS	76
+#  define PR_SHADOW_STACK_ENABLE	(1UL << 0)
+#  define PR_SHADOW_STACK_WRITE		(1UL << 1)
+#  define PR_SHADOW_STACK_PUSH		(1UL << 2)
+# endif
+
+/* Must be on a top-level stack frame that does not return.  */
+static inline void __attribute__((always_inline))
+aarch64_libc_setup_tls (void)
+{
+  __libc_setup_tls ();
+
+  uint64_t s = GL(dl_aarch64_gcs);
+  if (s != 0)
+    INLINE_SYSCALL_CALL (prctl, PR_SET_SHADOW_STACK_STATUS, s, 0, 0, 0);
+}
+
+# define ARCH_SETUP_IREL() apply_irel ()
+# define ARCH_SETUP_TLS() aarch64_libc_setup_tls ()
+# define ARCH_APPLY_IREL()
+#endif /* ! SHARED  */
+
+#endif /* _LIBC_START_H  */