[PAUTHABIELF64] Add R_AARCH64_AUTH_GOT_ADR_PREL_LO21 relocation #259

Merged Jul 2, 2024 (1 commit)

smithp35
Contributor

With the tiny code model and a signed GOT, an adr instruction is needed to get the address of the GOT entry for input to the authentication. For example:

adr x8, :got_auth: symbol
ldr x0, [x8]
// Authenticate to get unsigned pointer
autia x0, x8

The adr requires a new relocation code where there isn't a direct equivalent in the main ABI, as there is no need to take the address of the GOT slot when no authentication is required.

We define R_AARCH64_AUTH_GOT_ADR_PREL21_LO21 for this purpose following the naming convention of R_<CLS>_ADR_PREL_LO21, which is its closest equivalent.
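
How a static linker could resolve this relocation on the adr, as an added example that is not code from the PR, the ABI document or any linker. The function names and addresses are constructed, and the range check is an assumption taken from the ±1 MiB reach of R_<CLS>_ADR_PREL_LO21.

```c
#include <stdint.h>
#include <stdio.h>

/* AArch64 ADR: bit 31 = 0, immlo = bits [30:29], bits [28:24] = 0b10000,
 * immhi = bits [23:5], Rd = bits [4:0]. The signed 21-bit byte offset is
 * immhi:immlo. */
#define ADR_IMM_MASK 0x60FFFFE0u

/* Patch the adr at address `place` (P) so that it yields `got_slot`, the
 * address of the symbol's signed GOT entry, i.e. G(ENCD(GDAT(S + A))).
 * Returns 0 on success, -1 if the slot is outside adr's +/-1 MiB reach
 * (assumption: same range check as R_<CLS>_ADR_PREL_LO21). */
int apply_auth_got_adr(uint32_t *insn, uint64_t got_slot, uint64_t place)
{
    int64_t x = (int64_t)(got_slot - place);        /* X = G(...) - P */
    if (x < -(INT64_C(1) << 20) || x >= (INT64_C(1) << 20))
        return -1;                                  /* leave insn untouched */
    uint32_t imm   = (uint32_t)x & 0x1FFFFFu;       /* X[20:0] */
    uint32_t immlo = imm & 0x3u;
    uint32_t immhi = imm >> 2;
    *insn = (*insn & ~ADR_IMM_MASK) | (immlo << 29) | (immhi << 5);
    return 0;
}

/* Decode the byte offset back out of an adr, sign-extending from bit 20. */
int64_t adr_offset(uint32_t insn)
{
    uint32_t imm = (((insn >> 5) & 0x7FFFFu) << 2) | ((insn >> 29) & 0x3u);
    return (int64_t)(imm ^ 0x100000u) - 0x100000;
}

int main(void)
{
    /* Constructed layout: "adr x8, #0" at 0x10000, GOT slot at 0x20f08. */
    uint32_t insn = 0x10000008u;
    int rc = apply_auth_got_adr(&insn, 0x20f08, 0x10000);
    printf("rc=%d insn=%#x offset=%#llx\n", rc, (unsigned)insn,
           (unsigned long long)adr_offset(insn));

    /* A slot 2 MiB away cannot be reached by a single adr. */
    uint32_t far_insn = 0x10000008u;
    printf("far rc=%d\n", apply_auth_got_adr(&far_insn, 0x210000, 0x10000));
    return 0;
}
```

The register adr writes (x8 in the sequence above) is then both the base of the ldr and the modifier of the autia, which is why the slot address has to be materialised at all.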

Comment on lines +1104 to +1095
Compared to the tiny code model without pointer authentication an
additonal adr is required to get the address of the GOT entry.
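
Review bot: "additonal" on the second added line is a typo for "additional". The sentence would also be clearer if it said why the adr is needed: the address of the GOT entry is the input to the authentication, as in the adr/ldr/autia sequence in the PR description.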
Contributor

I'm not sure I am following here - all PLT sequences as currently defined(1) must compute the address of the GOT entry for the dynamic linker. So the ADR is required even without PAUTH, and it would be worth having the equivalent relocation if it doesn't already exist (given that just having PC-relative LDR won't work).

(1) It is possible to define PLT sequences that compute the address of the GOT entry in a different way.

Contributor Author

This is intended for something like:

int x;
int* f(void) {
  return &x;
}

Which with the tiny code-model is

f:
        ldr     x0, :got:x
        ret

There's no need for the adr in the non-PAuth case. In the PAuth case the address is needed for authentication.

All the current linker PLT implementations use the small code-model so they use adrp. I take the point that we could have a tiny PLT sequence, off the top of my head something like:

adr x16, <address of .got.plt entry>
ldr x17, [x16]
br x17

Which would need a non-Auth equivalent relocation like R_AARCH64_GOT_ADR_PREL_LO21. Although, as the linker generates the .plt and the .got.plt, it could just implement the calculation without a relocation directive.

Is there a need for something like R_AARCH64_GOT_ADR_PREL_LO21 in user code?

Contributor

You're right, there doesn't seem to be a case for user code, so if linkers use internal relocations then there is no need to add one.

@@ -1167,6 +1179,11 @@ The GOT entries must be relocated by AUTH variant dynamic relocations.
| | | | value to bits [11:0] of |
| | | | X. No overflow check. |
+-------------+----------------------------------------+----------------------------------+--------------------------+
| 0x811D | R\AARCH64\_AUTH\_GOT\_ADR\_PREL\_LO21 | G(ENCD(GDAT(S + A))) - P | Set the immediate |
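
Review bot: The relocation name in the 0x811D row, R_AARCH64_AUTH_GOT_ADR_PREL_LO21, matches the PR title but not the commit message, which calls it R_AARCH64_AUTH_GOT_ADR_PREL21_LO21. Correct the commit message so that a search for the relocation name finds this change.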
Contributor

Remove the +A

Contributor Author

I'd prefer to keep the +A until we've come to a conclusion about #217 and then I'll submit a patch to remove all of the addends from GOT generating relocations at once.

Reminds me to ping for responses to an internal proposal on #217

kovdan01 added a commit to kovdan01/llvm-project that referenced this pull request Jul 1, 2024

asl commented Jul 2, 2024

We double checked and aligned all names in the implementation according to the spec (see llvm/llvm-project@029ba55)

With the tiny code model and a signed GOT, an adr instruction is
needed to get the address of the GOT entry for input to the
authentication. For example:

adr x8, :got_auth: symbol
ldr x0, [x8]
// Authenticate to get unsigned pointer
autia x0, x8

The adr requires a new relocation code where there isn't a direct
equivalent in the main ABI, as there is no need to take the
address of the GOT slot when no authentication is required.

We define R_AARCH64_AUTH_GOT_ADR_PREL21_LO21 for this purpose
following the naming convention of R_<CLS>_ADR_PREL_LO21, which is
its closest equivalent.

smithp35 force-pushed the AUTH_GOT_ADR_PREL_LO21 branch from abdfbd1 to 221bb91 on July 2, 2024 15:21
Contributor Author

smithp35 commented Jul 2, 2024

Thanks for the confirmation.

smithp35 merged commit f14c8ff into ARM-software:main Jul 2, 2024
1 check passed

sallyarmneale left a comment

No changes required
