From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131])
 by mx.groups.io with SMTP id smtpd.web10.34346.1679922608104011587
 for <devel@edk2.groups.io>;
 Mon, 27 Mar 2023 06:10:08 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=Gm7zr9tM;
 spf=permerror, err=parse error for token &{10 18 %{ir}.%{v}.%{d}.spf.has.pphosted.com}: invalid domain name (domain: quicinc.com, ip: 205.220.180.131, mailfrom: quic_llindhol@quicinc.com)
Received: from pps.filterd (m0279870.ppops.net [127.0.0.1])
	by mx0a-0031df01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 32RAMhjj028379;
	Mon, 27 Mar 2023 13:09:58 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=date : from : to :
 cc : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=qcppdkim1; bh=zDC9PEcYBdgf87qv0dDIa8PdpbVMBOqnhyMB6bEg+8g=;
 b=Gm7zr9tM30w5Sq+9pOr5pAxF9qLh2wgAnq2mLKXgfoooY0TvPJJ1KsPTutqS8SCJBbDc
 w7dgj7Ubmn0Fg2BTSSJGMm+r1v4oc/nQS62quAUDsno/o7lxd2mcD1kMBAlkQs3rir2K
 HRKcS96T7lnrylX0AQ2RyUzOk+hJXk4IU6QlrXDC0HbvjNvfNAdT/VB6RTpZmzSpMz4N
 o6KqbwWHsQad+xatwOcw6hzdSaLNnEgZuStW7sFXdTb+reoQUJV1TdGvo/iXNjgLNqUs
 MVNQsqyp3LQg46dAHrcJ8tH420W3ffeXhqJSn5KdByyPN8B6ByndJC0H1/oNBCgEpBbG ZQ== 
Received: from nasanppmta04.qualcomm.com (i-global254.qualcomm.com [199.106.103.254])
	by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3phsr34fmf-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 27 Mar 2023 13:09:58 +0000
Received: from nasanex01c.na.qualcomm.com (nasanex01c.na.qualcomm.com [10.45.79.139])
	by NASANPPMTA04.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 32RD9vcw017461
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 27 Mar 2023 13:09:57 GMT
Received: from qc-i7.hemma.eciton.net (10.80.80.8) by
 nasanex01c.na.qualcomm.com (10.45.79.139) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.986.41; Mon, 27 Mar 2023 06:09:54 -0700
Date: Mon, 27 Mar 2023 14:09:51 +0100
From: "Leif Lindholm" <quic_llindhol@quicinc.com>
To: Ard Biesheuvel <ardb@kernel.org>
CC: <devel@edk2.groups.io>, Michael Kinney <michael.d.kinney@intel.com>,
        Liming Gao <gaoliming@byosoft.com.cn>,
        Jiewen Yao <jiewen.yao@intel.com>,
        Michael Kubacki <michael.kubacki@microsoft.com>,
        Sean Brogan
	<sean.brogan@microsoft.com>,
        Rebecca Cran <quic_rcran@quicinc.com>,
        Sami
 Mujawar <sami.mujawar@arm.com>, Taylor Beebe <t@taylorbeebe.com>,
        Marvin
 =?iso-8859-1?Q?H=E4user?= <mhaeuser@posteo.de>,
        Bob Feng
	<bob.c.feng@intel.com>
Subject: Re: [PATCH v2 11/17] ArmPkg, BaseTools AARCH64: Add BTI ELF note to .hii objects
Message-ID: <ZCGVn7ITMMH0fCvC@qc-i7.hemma.eciton.net>
References: <20230327110112.262503-1-ardb@kernel.org>
 <20230327110112.262503-12-ardb@kernel.org>
MIME-Version: 1.0
In-Reply-To: <20230327110112.262503-12-ardb@kernel.org>
X-Originating-IP: [10.80.80.8]
X-ClientProxiedBy: nasanex01b.na.qualcomm.com (10.46.141.250) To
 nasanex01c.na.qualcomm.com (10.45.79.139)
X-QCInternal: smtphost
X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085
X-Proofpoint-GUID: 7dq2oSjECKsoBiEFtn1AJCZ_bGwlulfx
X-Proofpoint-ORIG-GUID: 7dq2oSjECKsoBiEFtn1AJCZ_bGwlulfx
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
 definitions=2023-03-24_11,2023-03-27_01,2023-02-09_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=872 mlxscore=0
 clxscore=1015 impostorscore=0 phishscore=0 suspectscore=0
 priorityscore=1501 spamscore=0 malwarescore=0 bulkscore=0
 lowpriorityscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx
 scancount=1 engine=8.12.0-2303200000 definitions=main-2303270103
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline

On Mon, Mar 27, 2023 at 13:01:06 +0200, Ard Biesheuvel wrote:
> The ELF based toolchains use objcopy to create HII object files, which
> contain only a single .hii section. This means no GNU note is inserted
> that describes the object as compatible with BTI, even though the lack
> of executable code in such an object makes the distinction irrelevant.
> However, the linker will not add the note globally to the resulting ELF
> executable, and this breaks BTI compatibility.
> 
> So let's insert a GNU BTI-compatible ELF note by hand when generating
> such object files.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>  ArmPkg/Library/GnuNoteBti.bin     | Bin 0 -> 32 bytes
>  BaseTools/Conf/tools_def.template |   4 ++--
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/ArmPkg/Library/GnuNoteBti.bin b/ArmPkg/Library/GnuNoteBti.bin
> new file mode 100644
> index 0000000000000000000000000000000000000000..339567b4e89943c610b44767ddad5f631229ed3b
> GIT binary patch
> literal 32
> dcmZQ!U|<jcVpbq__X`D*3<p?%1S5zA1OOf&0m%RW
> 
> literal 0
> HcmV?d00001
> 
> diff --git a/BaseTools/Conf/tools_def.template b/BaseTools/Conf/tools_def.template
> index 471eb67c0c839730..ed6050aa96157cb9 100755
> --- a/BaseTools/Conf/tools_def.template
> +++ b/BaseTools/Conf/tools_def.template
> @@ -2400,7 +2400,7 @@ RELEASE_GCC5_ARM_DLINK_FLAGS     = DEF(GCC5_ARM_DLINK_FLAGS) -flto -Os -L$(WORKS
>  *_GCC5_AARCH64_DTCPP_FLAGS       = DEF(GCC_DTCPP_FLAGS)
>  *_GCC5_AARCH64_PLATFORM_FLAGS    =
>  *_GCC5_AARCH64_PP_FLAGS          = $(PLATFORM_FLAGS) DEF(GCC_PP_FLAGS)
> -*_GCC5_AARCH64_RC_FLAGS          = DEF(GCC_AARCH64_RC_FLAGS)
> +*_GCC5_AARCH64_RC_FLAGS          = DEF(GCC_AARCH64_RC_FLAGS) --add-section .note.gnu.property=$(WORKSPACE)/ArmPkg/Library/GnuNoteBti.bin --set-section-flags .note.gnu.property=alloc,readonly
>  *_GCC5_AARCH64_VFRPP_FLAGS       = $(PLATFORM_FLAGS) DEF(GCC_VFRPP_FLAGS)
>  *_GCC5_AARCH64_CC_XIPFLAGS       = DEF(GCC5_AARCH64_CC_XIPFLAGS)
>  
> @@ -2735,7 +2735,7 @@ DEFINE CLANG38_AARCH64_DLINK_FLAGS  = DEF(CLANG38_AARCH64_TARGET) DEF(GCC_AARCH6
>  *_CLANG38_AARCH64_DLINK2_FLAGS   = DEF(GCC_DLINK2_FLAGS_COMMON) -Wl,--defsym=PECOFF_HEADER_SIZE=0x228
>  *_CLANG38_AARCH64_PLATFORM_FLAGS =
>  *_CLANG38_AARCH64_PP_FLAGS       = DEF(GCC_PP_FLAGS) DEF(CLANG38_AARCH64_TARGET) $(PLATFORM_FLAGS)
> -*_CLANG38_AARCH64_RC_FLAGS       = DEF(GCC_AARCH64_RC_FLAGS)
> +*_CLANG38_AARCH64_RC_FLAGS       = DEF(GCC_AARCH64_RC_FLAGS) --add-section .note.gnu.property=$(WORKSPACE)/ArmPkg/Library/GnuNoteBti.bin --set-section-flags .note.gnu.property=alloc,readonly

Bikeshedding, but could we have an AARCH64_BTI_RC_FLAGS or something
set, which is expanded for each toolchain profile? I think this is
esoteric enough that it's helpful to group just the
bti-note-incantations together in a single place.

/
    Leif

>  *_CLANG38_AARCH64_VFRPP_FLAGS    = DEF(GCC_VFRPP_FLAGS) DEF(CLANG38_AARCH64_TARGET) $(PLATFORM_FLAGS)
>  *_CLANG38_AARCH64_ASLPP_FLAGS    = DEF(GCC_ASLPP_FLAGS) DEF(CLANG38_AARCH64_TARGET)
>  *_CLANG38_AARCH64_CC_XIPFLAGS    = DEF(GCC_AARCH64_CC_XIPFLAGS)
> -- 
> 2.39.2
>