[Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS for CMSE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114837 Richard Ball changed: What|Removed |Added Resolution|--- |FIXED Status|ASSIGNED|RESOLVED --- Comment #8 from Richard Ball --- Fixed
[Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS for CMSE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114837 --- Comment #7 from Richard Ball --- Backported to gcc-11, gcc-12 and gcc-13
[Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS for CMSE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114837 --- Comment #6 from GCC Commits --- The releases/gcc-11 branch has been updated by Richard Ball : https://gcc.gnu.org/g:dabd742cc25f8992c24e639510df0965dbf14f21 commit r11-11364-gdabd742cc25f8992c24e639510df0965dbf14f21 Author: Richard Ball Date: Thu Apr 25 15:30:42 2024 +0100 arm: Zero/Sign extends for CMSE security Co-Authored by: Andre Simoes Dias Vieira This patch makes the following changes: 1) When calling a secure function from non-secure code then any arguments smaller than 32-bits that are passed in registers are zero- or sign-extended. 2) After a non-secure function returns into secure code then any return value smaller than 32-bits that is passed in a register is zero- or sign-extended. This patch addresses the following CVE-2024-0151. gcc/ChangeLog: PR target/114837 * config/arm/arm.c (cmse_nonsecure_call_inline_register_clear): Add zero/sign extend. (arm_expand_prologue): Add zero/sign extend. gcc/testsuite/ChangeLog: * gcc.target/arm/cmse/extend-param.c: New test. * gcc.target/arm/cmse/extend-return.c: New test. (cherry picked from commit ad45086178d833254d66fab518b14234418f002b)
[Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS for CMSE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114837 --- Comment #5 from GCC Commits --- The releases/gcc-12 branch has been updated by Richard Ball : https://gcc.gnu.org/g:441e194abcf3211de647d74c892f90879ae9ca8c commit r12-10394-g441e194abcf3211de647d74c892f90879ae9ca8c Author: Richard Ball Date: Thu Apr 25 15:30:42 2024 +0100 arm: Zero/Sign extends for CMSE security Co-Authored by: Andre Simoes Dias Vieira This patch makes the following changes: 1) When calling a secure function from non-secure code then any arguments smaller than 32-bits that are passed in registers are zero- or sign-extended. 2) After a non-secure function returns into secure code then any return value smaller than 32-bits that is passed in a register is zero- or sign-extended. This patch addresses the following CVE-2024-0151. gcc/ChangeLog: PR target/114837 * config/arm/arm.cc (cmse_nonsecure_call_inline_register_clear): Add zero/sign extend. (arm_expand_prologue): Add zero/sign extend. gcc/testsuite/ChangeLog: * gcc.target/arm/cmse/extend-param.c: New test. * gcc.target/arm/cmse/extend-return.c: New test. (cherry picked from commit ad45086178d833254d66fab518b14234418f002b)
[Bug target/114837] [11/12/13] Fix to security weaknesses in arm PCS for CMSE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114837 --- Comment #4 from GCC Commits --- The releases/gcc-13 branch has been updated by Richard Ball : https://gcc.gnu.org/g:5550214b58e95320b54e42ef0e37c6479e04b27b commit r13-8647-g5550214b58e95320b54e42ef0e37c6479e04b27b Author: Richard Ball Date: Thu Apr 25 15:30:42 2024 +0100 arm: Zero/Sign extends for CMSE security Co-Authored by: Andre Simoes Dias Vieira This patch makes the following changes: 1) When calling a secure function from non-secure code then any arguments smaller than 32-bits that are passed in registers are zero- or sign-extended. 2) After a non-secure function returns into secure code then any return value smaller than 32-bits that is passed in a register is zero- or sign-extended. This patch addresses the following CVE-2024-0151. gcc/ChangeLog: PR target/114837 * config/arm/arm.cc (cmse_nonsecure_call_inline_register_clear): Add zero/sign extend. (arm_expand_prologue): Add zero/sign extend. gcc/testsuite/ChangeLog: * gcc.target/arm/cmse/extend-param.c: New test. * gcc.target/arm/cmse/extend-return.c: New test. (cherry picked from commit ad45086178d833254d66fab518b14234418f002b)