Implement version 2 of the memory attributes table, which now contains a
flag informing the OS whether or not code regions may be mapped with CFI
mitigations such as IBT or BTI enabled.

This series covers roughly the following parts:

- (AARCH64) Annotate ELF objects generated from asm as BTI compatible
  when BTI codegen is enabled
- Update the BaseTools to emit the appropriate PE/COFF annotation when a
  BTI/IBT compatible ELF executable is converted to PE/COFF
- Take this PE/COFF annotation into account when populating the memory
  attributes table in the DXE core

TODO:
- X64 changes to make the code IBT compatible and emit the ELF note
- Figure out how to generate such executables with native PE toolchains
- Implement BTI/IBT enforcement at boot time - this is something I
  intend to look into next.

Can be tested with the CLANG38 toolchain (both Clang compiler and LLD
linker, version 3.8 or newer) with the following build options.

  [BuildOptions]
    GCC:*_*_AARCH64_PP_FLAGS = -mbranch-protection=bti
    GCC:*_*_AARCH64_CC_FLAGS = -mbranch-protection=bti
    GCC:*_*_AARCH64_DLINK_FLAGS = -fuse-ld=lld -Wl,--no-relax,--no-pie,-z,bti-report=error

Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Rebecca Cran <quic_rcran@quicinc.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Taylor Beebe <t@taylorbeebe.com>
Cc: Marvin Häuser <mhaeuser@posteo.de>
Cc: Bob Feng <bob.c.feng@intel.com>

Ard Biesheuvel (17):
  MdePkg/ProcessorBind AARCH64: Add asm macro to emit GNU BTI note
  MdePkg/BaseCpuLib AARCH64: Make asm files BTI compatible
  MdePkg/BaseIoLibIntrinsic AARCH64: Make asm files BTI compatible
  MdePkg/BaseLib AARCH64: Make LongJump() BTI compatible
  MdePkg/BaseLib AARCH64: Make asm files BTI compatible
  MdePkg/BaseMemoryLibOptDxe AARCH64: Make asm files BTI compatible
  MdePkg/BaseSynchronizationLib AARCH64: Make asm files BTI compatible
  MdePkg/BaseRngLib AARCH64: Make asm files BTI compatible
  ArmPkg: Emit BTI opcodes when BTI codegen is enabled
  ArmPkg/GccLto AARCH64: Add BTI note to LTO helper library
  ArmPkg, BaseTools AARCH64: Add BTI ELF note to .hii objects
  ArmPlatformPkg/PrePeiCore: Make vector table object BTI compatible
  BaseTools/GenFw: Parse IBT/BTI support status from ELF note
  BaseTools/GenFw: Add DllCharacteristicsEx field to debug data
  MdePkg: Update MemoryAttributesTable to v2.10
  MdePkg/PeCoffLib: Capture DLL characteristics fields in image context
  MdeModulePkg: Enable forward edge CFI in mem attributes table

 ArmPkg/Include/AsmMacroIoLibV8.h | 3 +-
 ArmPkg/Library/ArmExceptionLib/AArch64/ExceptionSupport.S | 3 +-
 ArmPkg/Library/ArmSvcLib/AArch64/ArmSvc.S | 4 +-
 ArmPkg/Library/GccLto/liblto-aarch64.a | Bin 1016 -> 1128 bytes
 ArmPkg/Library/GnuNoteBti.bin | Bin 0 -> 32 bytes
 ArmPlatformPkg/PrePeiCore/AArch64/Exception.S | 2 +
 ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S | 2 +
 BaseTools/Conf/tools_def.template | 4 +-
 BaseTools/Source/C/GenFw/Elf64Convert.c | 104 +++++++++++++++++---
 BaseTools/Source/C/GenFw/GenFw.c | 3 +-
 BaseTools/Source/C/GenFw/elf_common.h | 9 ++
 BaseTools/Source/C/Include/IndustryStandard/PeImage.h | 13 ++-
 MdeModulePkg/Core/Dxe/DxeMain.h | 2 +
 MdeModulePkg/Core/Dxe/Image/Image.c | 10 ++
 MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c | 8 +-
 MdePkg/Include/AArch64/ProcessorBind.h | 31 ++++++
 MdePkg/Include/Guid/MemoryAttributesTable.h | 8 +-
 MdePkg/Include/IndustryStandard/PeImage.h | 13 ++-
 MdePkg/Include/Library/PeCoffLib.h | 6 ++
 MdePkg/Library/BaseCpuLib/AArch64/CpuFlushTlb.S | 1 +
 MdePkg/Library/BaseCpuLib/AArch64/CpuSleep.S | 1 +
 MdePkg/Library/BaseIoLibIntrinsic/AArch64/ArmVirtMmio.S | 8 ++
 MdePkg/Library/BaseLib/AArch64/CpuBreakpoint.S | 1 +
 MdePkg/Library/BaseLib/AArch64/DisableInterrupts.S | 1 +
 MdePkg/Library/BaseLib/AArch64/EnableInterrupts.S | 1 +
 MdePkg/Library/BaseLib/AArch64/GetInterruptsState.S | 1 +
 MdePkg/Library/BaseLib/AArch64/MemoryFence.S | 1 +
 MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S | 5 +-
 MdePkg/Library/BaseLib/AArch64/SpeculationBarrier.S | 1 +
 MdePkg/Library/BaseLib/AArch64/SwitchStack.S | 2 +
 MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CompareGuid.S | 1 +
 MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CompareMem.S | 1 +
 MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CopyMem.S | 1 +
 MdePkg/Library/BaseMemoryLibOptDxe/AArch64/ScanMem.S | 1 +
 MdePkg/Library/BaseMemoryLibOptDxe/AArch64/SetMem.S | 5 +
 MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 46 ++++++---
 MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.S | 3 +-
 MdePkg/Library/BaseRngLib/AArch64/ArmRng.S | 1 +
 MdePkg/Library/BaseSynchronizationLib/AArch64/Synchronization.S | 5 +
 39 files changed, 270 insertions(+), 42 deletions(-)
 create mode 100644 ArmPkg/Library/GnuNoteBti.bin

--
2.39.2

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#101924): https://edk2.groups.io/g/devel/message/101924
Mute This Topic: https://groups.io/mt/97879281/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

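The ELF-note-to-PE/COFF step in the second bullet of the cover letter, illustrated with a bounds-checked parser. This is an added example, not code from the series or from GenFw: the function and enum names are hypothetical, the sample note is constructed here (it is not the content of GnuNoteBti.bin), and an ELF64 little-endian .note.gnu.property layout with 8-byte alignment is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values from the GNU property ABI and the PE/COFF extended DLL characteristics. */
#define NT_GNU_PROPERTY_TYPE_0                          5u
#define GNU_PROPERTY_AARCH64_FEATURE_1_AND              0xc0000000u
#define GNU_PROPERTY_AARCH64_FEATURE_1_BTI              (1u << 0)
#define GNU_PROPERTY_X86_FEATURE_1_AND                  0xc0000002u
#define GNU_PROPERTY_X86_FEATURE_1_IBT                  (1u << 0)
#define IMAGE_DLLCHARACTERISTICS_EX_FORWARD_CFI_COMPAT  0x0040u

enum elf_arch { ARCH_AARCH64, ARCH_X64 };   /* hypothetical selector */

static uint32_t rd32le(const uint8_t *p)
{
  return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
         (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static size_t align_up(size_t v, size_t a) { return (v + a - 1) & ~(a - 1); }

/*
 * Walk the notes in a .note.gnu.property section and return the
 * DllCharacteristicsEx bits they imply. Any inconsistent length makes the
 * function return 0, so a malformed note never yields the CFI-compatible bit.
 */
uint16_t dll_characteristics_ex_from_notes(const uint8_t *sec, size_t len,
                                           enum elf_arch arch)
{
  uint32_t want_type = (arch == ARCH_AARCH64) ? GNU_PROPERTY_AARCH64_FEATURE_1_AND
                                              : GNU_PROPERTY_X86_FEATURE_1_AND;
  uint32_t want_bit  = (arch == ARCH_AARCH64) ? GNU_PROPERTY_AARCH64_FEATURE_1_BTI
                                              : GNU_PROPERTY_X86_FEATURE_1_IBT;
  size_t off = 0;

  while (len - off >= 12) {                       /* note header: 3 x u32 */
    uint32_t namesz = rd32le(sec + off);
    uint32_t descsz = rd32le(sec + off + 4);
    uint32_t type   = rd32le(sec + off + 8);
    size_t name_off = off + 12;

    if (namesz > len - name_off) return 0;
    size_t desc_off = align_up(name_off + namesz, 8);
    if (desc_off > len || descsz > len - desc_off) return 0;

    if (type == NT_GNU_PROPERTY_TYPE_0 && namesz == 4 &&
        memcmp(sec + name_off, "GNU", 4) == 0) {
      size_t p = desc_off, end = desc_off + descsz;
      while (end - p >= 8) {                      /* property: type, datasz */
        uint32_t pr_type   = rd32le(sec + p);
        uint32_t pr_datasz = rd32le(sec + p + 4);
        p += 8;
        if (pr_datasz > end - p) return 0;
        if (pr_type == want_type && pr_datasz >= 4 &&
            (rd32le(sec + p) & want_bit))
          return IMAGE_DLLCHARACTERISTICS_EX_FORWARD_CFI_COMPAT;
        size_t step = align_up(pr_datasz, 8);
        if (step > end - p) break;                /* padding runs past desc */
        p += step;
      }
    }
    size_t next = align_up(descsz, 8);
    if (next > len - desc_off) break;
    off = desc_off + next;
  }
  return 0;
}

/* Constructed 32-byte sample: one GNU note carrying FEATURE_1_AND = BTI. */
static const uint8_t SAMPLE_BTI_NOTE[32] = {
  4, 0, 0, 0,   16, 0, 0, 0,   5, 0, 0, 0,   'G', 'N', 'U', 0,
  0, 0, 0, 0xc0,   4, 0, 0, 0,   1, 0, 0, 0,   0, 0, 0, 0
};

int main(void)
{
  printf("DllCharacteristicsEx = 0x%04x\n",
         dll_characteristics_ex_from_notes(SAMPLE_BTI_NOTE,
                                           sizeof SAMPLE_BTI_NOTE, ARCH_AARCH64));
  return 0;
}
```

Because the linker ANDs this property across all input objects, a single unannotated asm object clears the bit for the whole executable, which is why the series annotates the AArch64 asm files and links with -z,bti-report=error.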
On Mon, Mar 27, 2023 at 13:00:55 +0200, Ard Biesheuvel wrote:
> Implement version 2 of the memory attributes table, which now contains a
> flag informing the OS whether or not code regions may be mapped with CFI
> mitigations such as IBT or BTI enabled.
>
> This series covers roughly the following parts:
>
> - (AARCH64) Annotate ELF objects generated from asm as BTI compatible
>   when BTI codegen is enabled
> - Update the BaseTools to emit the appropriate PE/COFF annotation when a
>   BTI/IBT compatible ELF executable is converted to PE/COFF
> - Take this PE/COFF annotation into account when populating the memory
>   attributes table in the DXE core

For any patches I haven't explicitly commented on in this set:
Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>

(but I did comment on patch 17 in the review of patch 15)

/ Leif

On Wed, 29 Mar 2023 at 18:31, Leif Lindholm <quic_llindhol@quicinc.com> wrote:
>
> On Mon, Mar 27, 2023 at 13:00:55 +0200, Ard Biesheuvel wrote:
> > Implement version 2 of the memory attributes table, which now contains a
> > flag informing the OS whether or not code regions may be mapped with CFI
> > mitigations such as IBT or BTI enabled.
> >
> > This series covers roughly the following parts:
> >
> > - (AARCH64) Annotate ELF objects generated from asm as BTI compatible
> >   when BTI codegen is enabled
> > - Update the BaseTools to emit the appropriate PE/COFF annotation when a
> >   BTI/IBT compatible ELF executable is converted to PE/COFF
> > - Take this PE/COFF annotation into account when populating the memory
> >   attributes table in the DXE core
>
> For any patches I haven't explicitly commented on in this set:
> Reviewed-by: Leif Lindholm <quic_llindhol@quicinc.com>
>
> (but I did comment on patch 17 in the review of patch 15)
>

Thanks.

I have pushed the AArch64 specific codegen changes and the MdePkg one
that updates the definition of the table.

That leaves the following changes:

  BaseTools/GenFw: Parse IBT/BTI support status from ELF note
  BaseTools/GenFw: Add DllCharacteristicsEx field to debug data

Liming, Bob, Rebecca: any comments here?

  MdePkg/PeCoffLib: Capture DLL characteristics fields in image context
  MdeModulePkg: Enable forward edge CFI in mem attributes table

Jiewen, Liming?

For the patchset:
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>

Thanks!

On 3/27/2023 4:00 AM, Ard Biesheuvel wrote:
> Implement version 2 of the memory attributes table, which now contains a
> flag informing the OS whether or not code regions may be mapped with CFI
> mitigations such as IBT or BTI enabled.

On Mon, Mar 27, 2023 at 13:00:55 +0200, Ard Biesheuvel wrote:
> Implement version 2 of the memory attributes table, which now contains a
> flag informing the OS whether or not code regions may be mapped with CFI
> mitigations such as IBT or BTI enabled.
>
> This series covers roughly the following parts:
>
> - (AARCH64) Annotate ELF objects generated from asm as BTI compatible
>   when BTI codegen is enabled
> - Update the BaseTools to emit the appropriate PE/COFF annotation when a
>   BTI/IBT compatible ELF executable is converted to PE/COFF
> - Take this PE/COFF annotation into account when populating the memory
>   attributes table in the DXE core
>
> TODO:
> - X64 changes to make the code IBT compatible and emit the ELF note
> - Figure out how to generate such executables with native PE toolchains
> - Implement BTI/IBT enforcement at boot time - this is something I
>   intend to look into next.
>
> Can be tested with the CLANG38 toolchain (both Clang compiler and LLD
> linker, version 3.8 or newer) with the following build options.
>
>   [BuildOptions]
>     GCC:*_*_AARCH64_PP_FLAGS = -mbranch-protection=bti
>     GCC:*_*_AARCH64_CC_FLAGS = -mbranch-protection=bti

I know you point out to use CLANG38, but the set is also tagged PATCH
rather than RFC.
I believe this option was added to GCC in version 9, meaning this is a
breaking change for GCC8. Now, GCC8 is ancient, but I expect it's
still what's available in RHEL8 for example. So it's worth mentioning.

/ Leif

>     GCC:*_*_AARCH64_DLINK_FLAGS = -fuse-ld=lld -Wl,--no-relax,--no-pie,-z,bti-report=error

(update Rebecca's email)

On Mon, 27 Mar 2023 at 13:43, Leif Lindholm <quic_llindhol@quicinc.com> wrote:
>
> On Mon, Mar 27, 2023 at 13:00:55 +0200, Ard Biesheuvel wrote:
> > Implement version 2 of the memory attributes table, which now contains a
> > flag informing the OS whether or not code regions may be mapped with CFI
> > mitigations such as IBT or BTI enabled.
> >
> > This series covers roughly the following parts:
> >
> > - (AARCH64) Annotate ELF objects generated from asm as BTI compatible
> >   when BTI codegen is enabled
> > - Update the BaseTools to emit the appropriate PE/COFF annotation when a
> >   BTI/IBT compatible ELF executable is converted to PE/COFF
> > - Take this PE/COFF annotation into account when populating the memory
> >   attributes table in the DXE core
> >
> > TODO:
> > - X64 changes to make the code IBT compatible and emit the ELF note
> > - Figure out how to generate such executables with native PE toolchains
> > - Implement BTI/IBT enforcement at boot time - this is something I
> >   intend to look into next.
> >
> > Can be tested with the CLANG38 toolchain (both Clang compiler and LLD
> > linker, version 3.8 or newer) with the following build options.
> >
> >   [BuildOptions]
> >     GCC:*_*_AARCH64_PP_FLAGS = -mbranch-protection=bti
> >     GCC:*_*_AARCH64_CC_FLAGS = -mbranch-protection=bti
>
> I know you point out to use CLANG38, but the set is also tagged PATCH
> rather than RFC.
> I believe this option was added to GCC in version 9, meaning this is a
> breaking change for GCC8. Now, GCC8 is ancient, but I expect it's
> still what's available in RHEL8 for example. So it's worth mentioning.
>

Indeed.

So when and where to enable this (by default or not) is an open question.

I thought we might enable this by default for CLANGDWARF once we add
AArch64 support to it (which Rebecca is working on), and retire the
CLANG3x toolchains entirely.

Then, it is up to individual platforms to decide what they want to
enable or disable - it also depends on any asm code the platforms are
carrying.

(This does not really matter for this series which only covers runtime
DXE executables running under the OS, but I'd like to find ways to
enable this at boot time as well)

Hi,

> > I know you point out to use CLANG38, but the set is also tagged PATCH
> > rather than RFC.
> > I believe this option was added to GCC in version 9, meaning this is a
> > breaking change for GCC8. Now, GCC8 is ancient, but I expect it's
> > still what's available in RHEL8 for example. So it's worth mentioning.
>
> Indeed.
>
> So when and where to enable this (by default or not) is an open question.

No objections to requiring a newer compiler from my side.

Even with the default system compiler not changing through the whole
life cycle RHEL typically offers newer gcc versions as an option
(packaged as gcc-toolset-${version}-gcc, latest version available
for RHEL-8 is gcc-12).

take care,
  Gerd