D42226.id128836.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D42226.id128836.diff
View Options

	diff --git a/sys/arm64/include/asm.h b/sys/arm64/include/asm.h
	--- a/sys/arm64/include/asm.h
	+++ b/sys/arm64/include/asm.h
	@@ -142,6 +142,28 @@
	#define BTI_J
	#endif

	+/*
	+ * To help protect against ROP attacks we can use Pointer Authentication
	+ * to sign the return address before pushing it to the stack.
	+ *
	+ * PAC_LR_SIGN can be used at the start of a function to sign the link
	+ * register with the stack pointer as the modifier. As this is in the hint
	+ * space it is safe to use on CPUs that don't implement pointer
	+ * authentication. It can be used in place of the BTI_C instruction above as
	+ * a valid BTI landing pad instruction.
	+ *
	+ * PAC_LR_AUTH is used to authenticate the link register using the stack
	+ * pointer as the modifier. It should be used in any function that uses
	+ * PAC_LR_SIGN. The stack pointer must be identical in each case.
	+ */
	+#ifdef __ARM_FEATURE_PAC_DEFAULT
	+#define PAC_LR_SIGN hint #25 /* paciasp */
	+#define PAC_LR_AUTH hint #29 /* autiasp */
	+#else
	+#define PAC_LR_SIGN
	+#define PAC_LR_AUTH
	+#endif
	+
	#if defined(__ARM_FEATURE_BTI_DEFAULT)
	#if defined(__ARM_FEATURE_PAC_DEFAULT)
	/* BTI, PAC */