aarch64: redefine RETURN_ADDRESS to strip PAC

RETURN_ADDRESS is used at several places in glibc to mean a valid code address of the call site, but with pac-ret it may contain a pointer authentication code (PAC), so its definition is adjusted. This is gcc PR target/94891: __builtin_return_address should not expose signed pointers to user code where it can cause ABI issues. In glibc RETURN_ADDRESS is only changed if it is built with pac-ret. There is no detection for the specific gcc issue because it is hard to test and the additional xpac does not cause problems.
author: Szabolcs Nagy <szabolcs.nagy@arm.com> 2020-04-15 17:40:45 +0100
committer: Szabolcs Nagy <szabolcs.nagy@arm.com> 2020-07-02 09:27:05 +0100
commit: 09c1ff256bbfb8d21474e74ae3bd449239aa32c7 (patch)
tree: 09d976310dd8c1be8323b0b14281931f67c18595
parent: a8014c48c1a2a0398e49b04a08962355c7dcbb11 (diff)
download: glibc-09c1ff256bbfb8d21474e74ae3bd449239aa32c7.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/sysdeps/aarch64/sysdep.h b/sysdeps/aarch64/sysdep.h
index 2879aeaa5c..48fa8e9e90 100644
--- a/sysdeps/aarch64/sysdep.h
+++ b/sysdeps/aarch64/sysdep.h
@@ -44,6 +44,13 @@ strip_pac (void *p)
   asm ("hint 7 // xpaclri" : "+r"(ra));
   return ra;
 }
+
+/* This is needed when glibc is built with -mbranch-protection=pac-ret
+   with a gcc that is affected by PR target/94891.  */
+# if HAVE_AARCH64_PAC_RET
+#  undef RETURN_ADDRESS
+#  define RETURN_ADDRESS(n) strip_pac (__builtin_return_address (n))
+# endif
 #endif
 
 #ifdef	__ASSEMBLER__
author	Szabolcs Nagy <szabolcs.nagy@arm.com>	2020-04-15 17:40:45 +0100
committer	Szabolcs Nagy <szabolcs.nagy@arm.com>	2020-07-02 09:27:05 +0100
commit	09c1ff256bbfb8d21474e74ae3bd449239aa32c7 (patch)
tree	09d976310dd8c1be8323b0b14281931f67c18595
parent	a8014c48c1a2a0398e49b04a08962355c7dcbb11 (diff)
download	glibc-09c1ff256bbfb8d21474e74ae3bd449239aa32c7.tar.gz