From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131])
 by mx.groups.io with SMTP id smtpd.web11.32669.1679917435907997325
 for <devel@edk2.groups.io>;
 Mon, 27 Mar 2023 04:43:55 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=YOYk4XFk;
 spf=permerror, err=parse error for token &{10 18 %{ir}.%{v}.%{d}.spf.has.pphosted.com}: invalid domain name (domain: quicinc.com, ip: 205.220.168.131, mailfrom: quic_llindhol@quicinc.com)
Received: from pps.filterd (m0279866.ppops.net [127.0.0.1])
	by mx0a-0031df01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 32RAJxms018789;
	Mon, 27 Mar 2023 11:43:46 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=date : from : to :
 cc : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=qcppdkim1; bh=ZqbvrVQZ2hokIXauOtEEUBGY4sNnVLt5mR3wVAORDpc=;
 b=YOYk4XFkQALqQFhOLwvvZxBjQeCsjnxkU+a/sWVoUnx5R76G5o0pd/r/ER/+AHruv0Mj
 AdSXK7W+5zYF9xTIzhYLn2BJMAKy5e8JzuifjuAL1+dY8agWgyXcuHXkbevyKikZB3oR
 tWSZB2aQ1cSedsfIatOHnQtIKq7FtdNB83j+zI8wXC/8tZo9UcsVyGejuT1XnapZCETp
 u9HJzqaV9oHpkLlDqi47nyS8559WtJx2dzceKItCIMvNB+5cPghj+cRu022Q2pVqBxbc
 UXglEK1QiptF6uOyo8x2FOXZGoLzn45b9FUS7H/PmCNXDiPIG+2PCOl7JQdUmFhu3TbP Jg== 
Received: from nasanppmta04.qualcomm.com (i-global254.qualcomm.com [199.106.103.254])
	by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3pht8f48nx-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 27 Mar 2023 11:43:45 +0000
Received: from nasanex01c.na.qualcomm.com (nasanex01c.na.qualcomm.com [10.45.79.139])
	by NASANPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 32RBhjBh004407
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 27 Mar 2023 11:43:45 GMT
Received: from qc-i7.hemma.eciton.net (10.80.80.8) by
 nasanex01c.na.qualcomm.com (10.45.79.139) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.986.41; Mon, 27 Mar 2023 04:43:42 -0700
Date: Mon, 27 Mar 2023 12:43:39 +0100
From: "Leif Lindholm" <quic_llindhol@quicinc.com>
To: Ard Biesheuvel <ardb@kernel.org>
CC: <devel@edk2.groups.io>, Michael Kinney <michael.d.kinney@intel.com>,
        Liming Gao <gaoliming@byosoft.com.cn>,
        Jiewen Yao <jiewen.yao@intel.com>,
        Michael Kubacki <michael.kubacki@microsoft.com>,
        Sean Brogan
	<sean.brogan@microsoft.com>,
        Rebecca Cran <quic_rcran@quicinc.com>,
        Sami
 Mujawar <sami.mujawar@arm.com>, Taylor Beebe <t@taylorbeebe.com>,
        Marvin
 =?iso-8859-1?Q?H=E4user?= <mhaeuser@posteo.de>,
        Bob Feng
	<bob.c.feng@intel.com>
Subject: Re: [PATCH v2 00/17] Enable BTI support in memory attributes table
Message-ID: <ZCGBa8iRpvYOHdWy@qc-i7.hemma.eciton.net>
References: <20230327110112.262503-1-ardb@kernel.org>
MIME-Version: 1.0
In-Reply-To: <20230327110112.262503-1-ardb@kernel.org>
X-Originating-IP: [10.80.80.8]
X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To
 nasanex01c.na.qualcomm.com (10.45.79.139)
X-QCInternal: smtphost
X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085
X-Proofpoint-GUID: jtTyMXmPQVbigvZka7q0oVuCHvV1B6oY
X-Proofpoint-ORIG-GUID: jtTyMXmPQVbigvZka7q0oVuCHvV1B6oY
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
 definitions=2023-03-24_11,2023-03-27_01,2023-02-09_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 phishscore=0
 adultscore=0 priorityscore=1501 lowpriorityscore=0 spamscore=0
 suspectscore=0 malwarescore=0 impostorscore=0 clxscore=1011
 mlxlogscore=777 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2303200000 definitions=main-2303270091
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline

On Mon, Mar 27, 2023 at 13:00:55 +0200, Ard Biesheuvel wrote:
> Implement version 2 of the memory attributes table, which now contains a
> flag informing the OS whether or not code regions may be mapped with CFI
> mitigations such as IBT or BTI enabled.
> 
> This series covers roughly the following parts:
> 
> - (AARCH64) Annotate ELF objects generated from asm as BTI compatible
>   when BTI codegen is enabled
> - Update the BaseTools to emit the appropriate PE/COFF annotation when a
>   BTI/IBT compatible ELF executable is converted to PE/COFF
> - Take this PE/COFF annotation into account when populating the memory
>   attributes table in the DXE core
> 
> TODO:
> - X64 changes to make the code IBT compatible and emit the ELF note
> - Figure out how to generate such executables with native PE toolchains
> - Implement BTI/IBT enforcement at boot time - this is something I
>   intend to look into next.
> 
> Can be tested with the CLANG38 toolchain (both Clang compiler and LLD
> linker, version 3.8 or newer) with the following build options.
> 
> [BuildOptions]
>   GCC:*_*_AARCH64_PP_FLAGS = -mbranch-protection=bti
>   GCC:*_*_AARCH64_CC_FLAGS = -mbranch-protection=bti

I know you point out to use CLANG38, but the set is also tagged PATCH
rather than RFC.
I believe this option was added to GCC in version 9, meaning this is a
breaking change for GCC8. Now, GCC8 is ancient, but I expect it's
still what's available in RHEL8 for example. So it's worth mentioning.

/
    Leif

>   GCC:*_*_AARCH64_DLINK_FLAGS = -fuse-ld=lld -Wl,--no-relax,--no-pie,-z,bti-report=error
>
> Cc: Michael Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael Kubacki <michael.kubacki@microsoft.com>
> Cc: Sean Brogan <sean.brogan@microsoft.com>
> Cc: Rebecca Cran <quic_rcran@quicinc.com>
> Cc: Leif Lindholm <quic_llindhol@quicinc.com>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Taylor Beebe <t@taylorbeebe.com>
> Cc: Marvin H??user <mhaeuser@posteo.de>
> Cc: Bob Feng <bob.c.feng@intel.com>
> 
> Ard Biesheuvel (17):
>   MdePkg/ProcessorBind AARCH64: Add asm macro to emit GNU BTI note
>   MdePkg/BaseCpuLib AARCH64: Make asm files BTI compatible
>   MdePkg/BaseIoLibIntrinsic AARCH64: Make asm files BTI compatible
>   MdePkg/BaseLib AARCH64: Make LongJump() BTI compatible
>   MdePkg/BaseLib AARCH64: Make asm files BTI compatible
>   MdePkg/BaseMemoryLibOptDxe AARCH64: Make asm files BTI compatible
>   MdePkg/BaseSynchronizationLib AARCH64: Make asm files BTI compatible
>   MdePkg/BaseRngLib AARCH64: Make asm files BTI compatible
>   ArmPkg: Emit BTI opcodes when BTI codegen is enabled
>   ArmPkg/GccLto AARCH64: Add BTI note to LTO helper library
>   ArmPkg, BaseTools AARCH64: Add BTI ELF note to .hii objects
>   ArmPlatformPkg/PrePeiCore: Make vector table object BTI compatible
>   BaseTools/GenFw: Parse IBT/BTI support status from ELF note
>   BaseTools/GenFw: Add DllCharacteristicsEx field to debug data
>   MdePkg: Update MemoryAttributesTable to v2.10
>   MdePkg/PeCoffLib: Capture DLL characteristics fieldis in image context
>   MdeModulePkg: Enable forward edge CFI in mem attributes table
> 
>  ArmPkg/Include/AsmMacroIoLibV8.h                                |   3 +-
>  ArmPkg/Library/ArmExceptionLib/AArch64/ExceptionSupport.S       |   3 +-
>  ArmPkg/Library/ArmSvcLib/AArch64/ArmSvc.S                       |   4 +-
>  ArmPkg/Library/GccLto/liblto-aarch64.a                          | Bin 1016 -> 1128 bytes
>  ArmPkg/Library/GnuNoteBti.bin                                   | Bin 0 -> 32 bytes
>  ArmPlatformPkg/PrePeiCore/AArch64/Exception.S                   |   2 +
>  ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S                   |   2 +
>  BaseTools/Conf/tools_def.template                               |   4 +-
>  BaseTools/Source/C/GenFw/Elf64Convert.c                         | 104 +++++++++++++++++---
>  BaseTools/Source/C/GenFw/GenFw.c                                |   3 +-
>  BaseTools/Source/C/GenFw/elf_common.h                           |   9 ++
>  BaseTools/Source/C/Include/IndustryStandard/PeImage.h           |  13 ++-
>  MdeModulePkg/Core/Dxe/DxeMain.h                                 |   2 +
>  MdeModulePkg/Core/Dxe/Image/Image.c                             |  10 ++
>  MdeModulePkg/Core/Dxe/Misc/MemoryAttributesTable.c              |   8 +-
>  MdePkg/Include/AArch64/ProcessorBind.h                          |  31 ++++++
>  MdePkg/Include/Guid/MemoryAttributesTable.h                     |   8 +-
>  MdePkg/Include/IndustryStandard/PeImage.h                       |  13 ++-
>  MdePkg/Include/Library/PeCoffLib.h                              |   6 ++
>  MdePkg/Library/BaseCpuLib/AArch64/CpuFlushTlb.S                 |   1 +
>  MdePkg/Library/BaseCpuLib/AArch64/CpuSleep.S                    |   1 +
>  MdePkg/Library/BaseIoLibIntrinsic/AArch64/ArmVirtMmio.S         |   8 ++
>  MdePkg/Library/BaseLib/AArch64/CpuBreakpoint.S                  |   1 +
>  MdePkg/Library/BaseLib/AArch64/DisableInterrupts.S              |   1 +
>  MdePkg/Library/BaseLib/AArch64/EnableInterrupts.S               |   1 +
>  MdePkg/Library/BaseLib/AArch64/GetInterruptsState.S             |   1 +
>  MdePkg/Library/BaseLib/AArch64/MemoryFence.S                    |   1 +
>  MdePkg/Library/BaseLib/AArch64/SetJumpLongJump.S                |   5 +-
>  MdePkg/Library/BaseLib/AArch64/SpeculationBarrier.S             |   1 +
>  MdePkg/Library/BaseLib/AArch64/SwitchStack.S                    |   2 +
>  MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CompareGuid.S        |   1 +
>  MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CompareMem.S         |   1 +
>  MdePkg/Library/BaseMemoryLibOptDxe/AArch64/CopyMem.S            |   1 +
>  MdePkg/Library/BaseMemoryLibOptDxe/AArch64/ScanMem.S            |   1 +
>  MdePkg/Library/BaseMemoryLibOptDxe/AArch64/SetMem.S             |   5 +
>  MdePkg/Library/BasePeCoffLib/BasePeCoff.c                       |  46 ++++++---
>  MdePkg/Library/BaseRngLib/AArch64/ArmReadIdIsar0.S              |   3 +-
>  MdePkg/Library/BaseRngLib/AArch64/ArmRng.S                      |   1 +
>  MdePkg/Library/BaseSynchronizationLib/AArch64/Synchronization.S |   5 +
>  39 files changed, 270 insertions(+), 42 deletions(-)
>  create mode 100644 ArmPkg/Library/GnuNoteBti.bin
> 
> -- 
> 2.39.2
>