Looks the patch was attached instead of in the body of the mail, but my
comments are as follows:
ASM_ARM64_PROPERTY_BTI=1
ASM_ARM64_BTI_C="bti c"
Don't use "bti c" or any of the bti and pac instructions on Linux. Instead use
the hint space
mnemonics so older tool chains can still assemble the code. I have added the
relevant bti ones
below for your reference.
bti c is hint 34
bti j is hint 36
I didn't see jump targets annotated with bti j? Are you sure you tested this on
a machine with
bti enabled?
On 7/15/24 3:21 AM, Daiki Ueno wrote:
Hello,
The attached is my attempt to enable PAC/BTI[1] support for AArch64. As
the Nettle assembly files only define leaf functions (i.e., no
subroutine calls with LR/SP save/restore), PAC is not applicable and
thus only BTI is enabled for now.
To test, I used the mock[2] environment with the fedora-40-aarch64
configuration:
$ mock -r fedora-40-aarch64 --init
<mock-chroot> sh-5.2# ./.bootstrap
<mock-chroot> sh-5.2# ./configure --disable-documentation
CFLAGS="-mbranch-protection=standard"
<mock-chroot> sh-5.2# make -j$(nproc)
<mock-chroot> sh-5.2# readelf -n libnettle.so
Displaying notes found in: .note.gnu.property
Owner Data size Description
GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0
Properties: AArch64 feature: BTI, PAC
...
Regards,
Footnotes:
[1] https://wiki.debian.org/ToolChain/PACBTI
[2] https://fedoraproject.org/wiki/Using_Mock_to_test_package_builds
_______________________________________________
nettle-bugs mailing list -- [email protected]
To unsubscribe send an email to [email protected]
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended recipient,
please notify the sender immediately and do not disclose the contents to any
other person, use it for any purpose, or store or copy the information in any
medium. Thank you.
_______________________________________________
nettle-bugs mailing list -- [email protected]
To unsubscribe send an email to [email protected]
