[AArch64] Add support for pointer authentication relocations#801
[AArch64] Add support for pointer authentication relocations#801nezetic wants to merge 1 commit intoqualcomm:mainfrom
Conversation
nezetic
force-pushed
the
auth-reloc-support
branch
2 times, most recently
from
2d93aa4 to
7c37e18
Compare
quic-seaswara
requested review from
apazos,
quic-areg,
quic-seaswara and
svs-quic
|
@pzhengqc might be a better suited to review this. |
| uint32_t relaCount = 0; | ||
| for (auto &R : m_Backend.getRelaDyn()->getRelocations()) { | ||
| if (R->type() == llvm::ELF::R_AARCH64_RELATIVE) | ||
| if (R->type() == llvm::ELF::R_AARCH64_RELATIVE || |
There was a problem hiding this comment.
I think this may lead to a potentially wrong DT_RELACOUNT value with eld (lld does not count AARCH64_AUTH_RELATIVE here).
There was a problem hiding this comment.
My understanding if that DT_RELACOUNT represents the number of relative relocations in .rela.dyn. AARCH64_AUTH_RELATIVE relocations will end up in this section, so they must be counted.
Relocation section '.rela.dyn' at offset 0x1e8 contains 11 entries:
Offset Info Type Symbol's Value Symbol's Name + Addend
0000000000001130 0000000000000411 R_AARCH64_AUTH_RELATIVE 341
0000000000001138 0000000000000411 R_AARCH64_AUTH_RELATIVE 1132
It's important to note LLD implement a very tedious (and optional) Relocation Compression (section 11) , that is not in the scope of this PR.
I did not perform a 1:1 comparaison with LLD, but made sure ELD is passing similar tests.
nezetic
force-pushed
the
auth-reloc-support
branch
from
7c37e18 to
4521653
Compare
|
@efriedma-quic can you please review this change ? |
| auto Entry = m_RelativeRelocMap.find(pReloc); | ||
| if (Entry == m_RelativeRelocMap.end()) | ||
| return nullptr; | ||
| return Entry->second; |
There was a problem hiding this comment.
| auto Entry = m_RelativeRelocMap.find(pReloc); | |
| if (Entry == m_RelativeRelocMap.end()) | |
| return nullptr; | |
| return Entry->second; | |
| return m_RelativeRelocMap.lookup(pReloc); |
| ValueType(0x23d, \ | ||
| MappedType(&unsupport, \ | ||
| "R_AARCH64_TLSLE_LDST128_DTPREL_LO12_NC", 32)), \ | ||
| ValueType(0x244, MappedType(&abs, "R_AARCH64_AUTH_ABS64", 64)), \ |
There was a problem hiding this comment.
Can we arrange this header in the same order as llvm/BinaryFormat/ELFRelocs/AArch64.def, to make future updates easier?
There was a problem hiding this comment.
I updated the header based on AArch64.def, adding all AUTH relocations in the same order
| // a dynamic relocations with RELATIVE type to this location is needed. | ||
| // Reserve an entry in .rel.dyn | ||
| if (config().isCodeIndep()) { | ||
| if (config().isCodeIndep() || isAuthReloc(pReloc)) { |
There was a problem hiding this comment.
Using isAuthReloc() instead of just pReloc.type() == llvm::ELF::R_AARCH64_AUTH_ABS64 feels a little strange.
There was a problem hiding this comment.
Indeed, I simplified the code a bit, testing only with R_AARCH64_AUTH_ABS64 where I'm only matching this one (abs function and relocation scan switch cases).
| # STATIC-NEXT: {{0x[0-9A-F]+}} R_AARCH64_AUTH_RELATIVE - {{0x[0-9A-F]+}} | ||
| # STATIC-NEXT: } | ||
|
|
||
| # Test PAuth relocations with static executable (without PIE) |
There was a problem hiding this comment.
In a static executable, what code actually processes the rela.dyn section?
There was a problem hiding this comment.
In the case of a baremetal binary (a firmware), a custom dynamic linker (as it's already the case for things like TZ).
| foo: | ||
|
|
||
| #--- main.s | ||
| .section .test, "aw" |
There was a problem hiding this comment.
Maybe worth adding a test to show what happens if you try to use R_AARCH64_AUTH_ABS64 in a readonly section?
There was a problem hiding this comment.
I added a few relocations in a read-only section in the tests.
As far I understand the specifications, there are no restrictions regarding read-only sections.
There was a problem hiding this comment.
The spec might not say anything, but eld defaults to -z text, which should forbid such relocations?
nezetic
force-pushed
the
auth-reloc-support
branch
from
4521653 to
4bf2f20
Compare
Implements basic PAuth support for AArch64 following the PAuth ABI Extension specification (2025Q1): https://github.com/ARM-software/abi-aa/blob/main/pauthabielf64/pauthabielf64.rst **Adds:** - R_AARCH64_AUTH_ABS64 (0x244): authenticated absolute relocations - R_AARCH64_AUTH_RELATIVE (0x411): authenticated relative relocations **Testing:** Covers PIE/non-PIE/static executables, as well as various corner cases from the spec like undefined weak references, COPY relocations and non-allocating sections. **Not included:** GOT/PLT signing, additional AUTH relocation types (future work). **Notes:** I changed the way *GNULDBackend::recordRelativeReloc* store relative relocations. The original map is only iterated once (in a linear way), but reversing the key / values allows to implement an efficient *GNULDBackend::findRelativeReloc*. No changes to existing non-AUTH relocation behavior. Signed-off-by: Cedric Tessier <ctessier@qti.qualcomm.com>
nezetic
force-pushed
the
auth-reloc-support
branch
from
4bf2f20 to
78f7b56
Compare
5 participants
Implements basic PAuth support for AArch64 following the PAuth ABI Extension specification (2025Q1):
https://github.com/ARM-software/abi-aa/blob/main/pauthabielf64/pauthabielf64.rst
Adds:
Testing:
Covers PIE/non-PIE/static executables, as well as various corner cases from the spec like undefined weak references, COPY relocations and non-allocating sections.
Not included:
GOT/PLT signing, additional AUTH relocation types (future work).
Notes:
I changed the way GNULDBackend::recordRelativeReloc store relative relocations. The original map is only iterated once (in a linear way), but reversing the key / values allows to implement an efficient GNULDBackend::findRelativeReloc.
No changes to existing non-AUTH relocation behavior.