This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
Re: [PATCH v2][GDB][ARM]: gdb cannot step across CMSE secure entry function code.
- From: Srinath Parvathaneni <Srinath dot Parvathaneni at arm dot com>
- To: Alan Hayward <Alan dot Hayward at arm dot com>
- Cc: "gdb-patches at sourceware dot org" <gdb-patches at sourceware dot org>, nd <nd at arm dot com>, Simon Marchi <simark at simark dot ca>, "tom at tromey dot com" <tom at tromey dot com>
- Date: Fri, 19 Jul 2019 15:48:09 +0000
- Subject: Re: [PATCH v2][GDB][ARM]: gdb cannot step across CMSE secure entry function code.
- Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=arm.com;dmarc=pass action=none header.from=arm.com;dkim=pass header.d=arm.com;arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=W2W02jbg4CvfYKtA8b9hBAwzW5Ac20LLUN3Vc/sEcgs=; b=Dj/R6AATf3lqWU9zui35v5CgJjkl/wIPTuQPq0FGuBXIrG6gbqLI8qQGzsxvfhsHZqVu2RLiJTT8wxf5nJDymV64qGSE7W5XEu3DH2aOX7E+uvK9uOsHYsIkc51IZ+uaPJ7DdhlPku6SMu2FnhwigKVtIond0m24pBvi/5oro/Gt/u5+P1nGuo7jgzlH0oxXtmQf7Zo9AawjyqMphFmq6O9K50+TF02BwWZlo1eH+XcqtxgdkllWbFu6v2pXUM4SGcXmAhne8Ml/kGJyrbYHGGPQ3w1mV62BAVTrbmyUHHIxjt+pK6tY0GQB3Fx4hMD4rW8erlJxp1/YxnCGOzaYgg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PkR8dr4jmu3qKE+cfG1iuZPXB7vGkoLN6TONLubU/4ijoBn8QMjc75Djr2H1wwsN2xxGCgsJGRN7SwFxuehVSmQBT9GHoZGTfPdWGTtoJQA1u5UqdL7D4A/D/w2n5Jq5M0dSvuTrURA+wJueb90J4CAPM4Bh8mqyoyPnD4XL9y7C3datX/KtZRHY1WyOElO9b/8zUIoSJB/6gcZfXddIxs04c5ReLkCzXxlV85b3f+ShtGYrpYzMlahF69hIatnzuvXErlu5BQ7CebspCiEeHCcYj6m/6u+sanGH+q8AqIxIGPl97dnL08qL25b1ArHC89YSj2qq/sJOUrVFMWPNpA==
- Original-authentication-results: spf=none (sender IP is ) smtp.mailfrom=Srinath dot Parvathaneni at arm dot com;
- References: <DBBPR08MB4775278C11A77742825FC97E9BCB0@DBBPR08MB4775.eurprd08.prod.outlook.com> <056372DC-9E53-4640-A97C-1E31DF1F53BA@arm.com>
On 7/19/19 3:58 PM, Alan Hayward wrote:
>
>
>> On 19 Jul 2019, at 13:23, Srinath Parvathaneni <Srinath.Parvathaneni@arm.com> wrote:
>>
>> Hello Alan, Simon and Tom.
>>
>> Thank you very much for reviewing my first patch to GDB and providing me your feedback.
>> https://sourceware.org/ml/gdb-patches/2019-07/msg00392.html
>>
>> I have incorporating all your review comments and sending a new patch here.
>>
>> Hello,
>>
>> GDB is not able to execute "step" command on function calls of Armv8-M cmse secure entry functions.
>> Everytime GNU linker come across definition of any cmse secure entry function in object file(s),
>> it creates two new instructions secure gateway (sg) and original branch destination (b.w),
>> place those two instructions in ".gnu.sgstubs" section of executable.
>> Any function calls to these cmse secure entry functions is re-directed through secure gateway (sg)
>> present in ".gnu.sgstubs" section.
>>
>> Example:
>> Following is a function call to cmse secure entry function "foo":
>> ...
>> bl xxxx <foo> --->(a)
>> ...
>> <foo>
>> xxxx: push {r7, lr}
>>
>> GNU linker on finding out "foo" is a cmse secure entry function, created sg and b.w instructions and
>> place them in ".gnu.sgstubs" section (marked by c).
>>
>> The "bl" instruction (marked by a) which is a call to cmse secure entry function is modified by GNU linker
>> (as marked by b) and call flow is re-directly through secure gateway (sg) in ".gnu.sgstubs" section.
>> ...
>> bl yyyy <foo> ---> (b)
>> ...
>> section .gnu.sgstubs: ---> (c)
>> yyyy <foo>
>> yyyy: sg // secure gateway
>> b.w xxxx <__acle_se_foo> // original_branch_dest
>> ...
>> 0000xxxx <__acle_se_foo>
>> xxxx: push {r7, lr} ---> (d)
>>
>> On invoking GDB, when the control is at "b" and we pass "step" command, the pc returns "yyyy"
>> (sg address) which is a trampoline and which does not exist in source code. So GDB jumps
>> to next line without jumping to "__acle_se_foo" (marked by d).
>>
>> The above details are published on the Arm website [1], please refer to section 5.4 (Entry functions)
>> and section 3.4.4 (C level development flow of secure code).
>>
>> [1] https://developer.arm.com/architectures/cpu-architecture/m-profile/docs/ecm0359818/latest/armv8-m-security-extensions-requirements-on-development-tools-engineering-specification
>>
>> This patch fixes above problem by returning target pc "xxxx" to GDB on executing "step"
>> command at "b", so that the control jumps to "__acle_se_foo" (marked by d).
>>
>> This patch is tested by debugging the CMSE executable using GDB on Aarch32 box.
>> Regression tested for armv7hl-redhat-linux-gnueabi and found no regressions.
>>
>> Ok for master? If ok, could someone commit this on my behalf,
>> I don't have the commit rights.
>
> LGTM.
> I tried the patch, and it works for me.
Thank you for the review.
> I’ll give it a few days for someone else to comment, and if not, then I'll commit
> early next week.
Understood and thank you once again.
> Thanks!
> Alan.
>
>
>
>>
>> gdb/ChangeLog:
>>
>> 2019-07-19 Srinath Parvathaneni <srinath.parvathaneni@arm.com>
>>
>> * gdb/arm-tdep.c (arm_skip_cmse_entry):New function. When gdb
>> encounters a "step" command on cmse secure entry function (eg:func),
>> this function return an address of "__acle_se_<func>" to PC instead
>> of secure gateaway (sg) address which is present in ".gnu.sgstubs"
>> section.
>> (arm_is_sgstubs_section):New function. To check the current section is
>> ".gnu.sgstubs".
>> (arm_skip_stub):Add call to arm_skip_cmse_entry function.
>> * gdb/arm-tdep.h (arm_is_sgstubs_section):New function declaration.
>>
>> gdb/testsuite/ChangeLog:
>>
>> 2019-07-19 Srinath Parvathaneni <srinath.parvathaneni@arm.com>
>>
>> * gdb.arch/arm-cmse-sgstubs.c: New test.
>> * gdb.arch/arm-cmse-sgstubs.exp: New file.
>>
>>
>>
>> ############### Attachment also inlined for ease of reply ###############
>>
>>
>> diff --git a/gdb/arm-tdep.h b/gdb/arm-tdep.h
>> index 23dd40ea8beb1b00289a4cd4e65647399d351580..9482e765a7fc5bb58676096f6b879eae2a7c858e 100644
>> --- a/gdb/arm-tdep.h
>> +++ b/gdb/arm-tdep.h
>> @@ -259,6 +259,7 @@ ULONGEST arm_get_next_pcs_read_memory_unsigned_integer (CORE_ADDR memaddr,
>>
>> CORE_ADDR arm_get_next_pcs_addr_bits_remove (struct arm_get_next_pcs *self,
>> CORE_ADDR val);
>> +bool arm_is_sgstubs_section (struct obj_section *);
>>
>> int arm_get_next_pcs_is_thumb (struct arm_get_next_pcs *self);
>>
>> diff --git a/gdb/arm-tdep.c b/gdb/arm-tdep.c
>> index d244707210628ab045f677c0cbad3d8b0c6d6269..e3b7ab6f096eb91da067d772b8798ffd0737e3d6 100644
>> --- a/gdb/arm-tdep.c
>> +++ b/gdb/arm-tdep.c
>> @@ -8211,6 +8211,53 @@ arm_get_longjmp_target (struct frame_info *frame, CORE_ADDR *pc)
>> *pc = extract_unsigned_integer (buf, INT_REGISTER_SIZE, byte_order);
>> return 1;
>> }
>> +/* A call to cmse secure entry function "foo" at "a" is modified by
>> + GNU ld as "b".
>> + a) bl xxxx <foo>
>> +
>> + <foo>
>> + xxxx:
>> +
>> + b) bl yyyy <__acle_se_foo>
>> +
>> + section .gnu.sgstubs:
>> + <foo>
>> + yyyy: sg // secure gateway
>> + b.w xxxx <__acle_se_foo> // original_branch_dest
>> +
>> + <__acle_se_foo>
>> + xxxx:
>> +
>> + When the control at "b", the pc contains "yyyy" (sg address) which is a
>> + trampoline and does not exist in source code. This function returns the
>> + target pc "xxxx". For more details please refer to section 5.4
>> + (Entry functions) and section 3.4.4 (C level development flow of secure code)
>> + of "armv8-m-security-extensions-requirements-on-development-tools-engineering-specification"
>> + document on www.developer.arm.com. */
>> +
>> +static CORE_ADDR
>> +arm_skip_cmse_entry (CORE_ADDR pc, const char *name, struct objfile *objfile)
>> +{
>> + struct bound_minimal_symbol minsym;
>> + int target_len = strlen (name) + strlen ("__acle_se_") + 1;
>> + char *target_name = (char *) alloca (target_len);
>> + xsnprintf (target_name, target_len, "%s%s", "__acle_se_",name);
>> + minsym = lookup_minimal_symbol (target_name, NULL, objfile);
>> + if (minsym.minsym != nullptr)
>> + return BMSYMBOL_VALUE_ADDRESS (minsym);
>> + return 0;
>> +}
>> +
>> +/* Return true when sec points to ".gnu.sgstubs" section. */
>> +bool
>> +arm_is_sgstubs_section (struct obj_section *sec)
>> +{
>> + if (sec != nullptr && sec->the_bfd_section != nullptr
>> + && sec->the_bfd_section->name != nullptr
>> + && streq (sec->the_bfd_section->name,".gnu.sgstubs"))
>> + return true;
>> + return false;
>> +}
>>
>> /* Recognize GCC and GNU ld's trampolines. If we are in a trampoline,
>> return the target PC. Otherwise return 0. */
>> @@ -8221,6 +8268,7 @@ arm_skip_stub (struct frame_info *frame, CORE_ADDR pc)
>> const char *name;
>> int namelen;
>> CORE_ADDR start_addr;
>> + struct obj_section *section;
>>
>> /* Find the starting address and name of the function containing the PC. */
>> if (find_pc_partial_function (pc, &name, &start_addr, NULL) == 0)
>> @@ -8290,6 +8338,10 @@ arm_skip_stub (struct frame_info *frame, CORE_ADDR pc)
>> return 0;
>> }
>>
>> + section = find_pc_section (pc);
>> + /* checks whether address pc holds belows to ".gnu.sgstubs" section. */
>> + if (arm_is_sgstubs_section (section))
>> + return arm_skip_cmse_entry (pc, name, section->objfile);
>> return 0;/* not a stub */
>> }
>>
>> diff --git a/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c
>> new file mode 100644
>> index 0000000000000000000000000000000000000000..7f3b40f20c67abfdd2410614e7ee29ae77d37966
>> --- /dev/null
>> +++ b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c
>> @@ -0,0 +1,29 @@
>> +#include <stdio.h>
>> +extern void func();
>> +void __acle_se_func ()
>> +{
>> + printf("__acle_se_func\n");
>> +}
>> +
>> +/* The following code is written using asm so that the instructions in function
>> + * "func" will be placed in .gnu.sgstubs section of the executable. */
>> +asm ("\t.section .gnu.sgstubs,\"ax\",%progbits\n"
>> + "\t.global func\n"
>> + "\t.type func, %function\n"
>> + "func:\n"
>> + "\tnop @sg\n"
>> + "\tb __acle_se_func @b.w");
>> +
>> +void fun1 ()
>> +{
>> + printf("In fun1\n");
>> +}
>> +
>> +int main (void)
>> +{
>> + func();
>> + fun1();
>> + __acle_se_func();
>> + func();
>> + return 0;
>> +}
>> diff --git a/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp
>> new file mode 100644
>> index 0000000000000000000000000000000000000000..3416e887d9ebe5ebc52336eff15ba83a6d16df21
>> --- /dev/null
>> +++ b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp
>> @@ -0,0 +1,60 @@
>> +# Copyright 2019 Free Software Foundation, Inc.
>> +
>> +# This program is free software; you can redistribute it and/or modify
>> +# it under the terms of the GNU General Public License as published by
>> +# the Free Software Foundation; either version 3 of the License, or
>> +# (at your option) any later version.
>> +#
>> +# This program is distributed in the hope that it will be useful,
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> +# GNU General Public License for more details.
>> +#
>> +# You should have received a copy of the GNU General Public License
>> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
>> +
>> +# This file is part of the gdb testsuite.
>> +
>> +if { ![istarget "arm*-*-*"]} {
>> + return 1
>> +}
>> +
>> +standard_testfile
>> +if { [prepare_for_testing "failed to prepare" $testfile $srcfile ]} {
>> + return -1
>> +}
>> +
>> +if ![runto_main] {
>> + untested "could not run to main"
>> + return -1
>> +}
>> +
>> +set test "branch to func from main"
>> +gdb_test "si" "0x.*" "$test"
>> +
>> +set test "next instruction in func"
>> +gdb_test "ni" "0x.*" "$test"
>> +
>> +set test "branch to __acle_se_func from func"
>> +gdb_test "ni" "__acle_se_func ().*" "${test}"
>> +
>> +set test "next in __acle_se_func function"
>> +gdb_test "next" "5 .*" "$test"
>> +
>> +set test "next in __acle_se_func function outputs __acle_se_func"
>> +gdb_test "next" "__acle_se_func.*" "$test"
>> +
>> +set test "next in __acle_se_func function controls returns to main"
>> +gdb_test "next" "main ().*" "$test"
>> +
>> +set test "next in main outputs In fun1"
>> +gdb_test "next" "In fun1.*" "$test"
>> +
>> +set test "next in main outputs __acle_se_func"
>> +gdb_test "next" "__acle_se_func.*" "$test"
>> +
>> +set test "control jumps to __acle_se_func from main via func"
>> +gdb_test "step" "__acle_se_func ().*" "${test}"
>> +
>> +set test "next in __acle_se_func function via func"
>> +gdb_test "next" "__acle_se_func.*" "$test"
>>
>> <rb11415.patch>
>