[RFC PATCH, binutils, ARM 8/11, ping] Add support for ARMv8-M Secure Gateway veneer generation

Thomas Preudhomme thomas.preudhomme@foss.arm.com
Thu Jul 14 09:15:00 GMT 2016 

Hi Richard,

On Thursday 07 July 2016 16:27:27 Thomas Preudhomme wrote:
> 
> On Thursday 07 July 2016 11:52:56 Richard Earnshaw wrote:
> > +   As per "ARMv8-M Security Extensions: Requirements on Development
> > Tools"
> > +   document, a secure gateway veneer is needed when there exists a
> > non-local
> > +   function symbol called "normal" symbol (eg. foo) with the same value
> > as a
> > +   symbol with the same type, binding a name save for a __acle_se_
> > prefix,
> > +   called a "special" symbol (eg. __acle_se_foo).  Entry functions
> > handling +   with secure state transition by themselves have these
> > symbols with different
> > +   values.
> > 
> > 
> > This is very unclear as to what is being/needs to be done.  Can you try
> > redrafting it?
> 
> What do you think of the attached updated patch?

Ping?

> 
> By the way, I realized I did not copy over the explanation for the changes
> to elf32_arm_get_plt_info from the original patch submission. I'm adding
> the full cover letter again here to have all the information in one email
> in the archive.
> 
> 
> 
> This patch is part of a patch series to add support for ARMv8-M security
> extension[1] to GNU ld. This specific patch adds support for creating
> ARMv8-M Secure Gateway veneers.
> 
> ARM v8-M security extensions require [3] secure gateway veneers to be
> generated for (secure) entry function in order for code to transition from
> non-secure state to secure state when calling these entry function. Unlike
> other veneers, these veneers are generated independently of relocations, ie
> a veneer can be generated in the absence of relocation. The condition for
> the generation is that the normal symbol (the one whose name is the same as
> in C) of an entry function has the same value as the special symbol (normal
> symbol prefixed with "__acle_se_"). When that happens, the normal symbol is
> rebound to the veneer generated. When the two symbols have different value
> it indicates that the entry function already contains an sg instruction to
> do the secure state transition and the normal symbol points to the sg
> instruction while the special symbol points after that.
> 
> This patch also makes use of the infrastructure laid out in previous patches
> to control the address of these veneers and to avoid the presence of the
> bit pattern of the SG instruction in non secure callable memory, as
> required [4] [5].
> 
> Finally, the patch also contains a small change to elf32_arm_get_plt_info ()
> to return FALSE when there is no PLT, ensuring that a NULL splt is not
> dereferenced in the block starting with "If the call goes through" in
> elf32_arm_final_relocate (). This was not necessary before because
> root_plt-
> >offset is set to -1 in elf32_arm_adjust_dynamic_symbol called by
> 
> _bfd_elf_adjust_dynamic_symbol from bfd_elf_size_dynamic_sections when
> dynobj is not NULL. However, dynobj is set in elf32_arm_check_relocs which
> is not called when there is no relocation in the input section. Such a
> situation is possible while still invoking elf32_arm_final_relocate () due
> to SG veneers being created in the absence of relocation but needing
> themselves relocation.
> 
> [1] Software requirements for ARMv8-M security extension are described in
> document ARM-ECM-0359818 [2]
> [2] Available on http://infocenter.arm.com in Developer guides and articles
> > Software development > ARM®v8-M Security Extensions: Requirements on
> Development Tools
> [3] See section 3.4.3 and requirement 44 of ARM-ECM-0359818 [2]
> [4] requirement 14 and following comment of ARM-ECM-0359818 [2]
> [5] requirement 12 and 13 and following comment of ARM-ECM-0359818 [2]
> 
> 
> ChangeLog entries remain unchanged:
> 
> *** bfd/ChangeLog ***
> 
> 2016-05-04  Thomas Preud'homme  <thomas.preudhomme@arm.com>
> 
>         * elf32-arm.c (CMSE_PREFIX): Define macro.
>         (elf32_arm_stub_cmse_branch_thumb_only): Define stub sequence.
>         (cmse_branch_thumb_only): Declare stub.
>         (struct elf32_arm_link_hash_table): Define cmse_stub_sec field.
>         (elf32_arm_get_plt_info): Add globals parameter.  Use it to return
>         FALSE if there is no PLT.
>         (arm_type_of_stub): Adapt to new elf32_arm_get_plt_info signature.
>         (elf32_arm_final_link_relocate): Likewise.
>         (elf32_arm_gc_sweep_hook): Likewise.
>         (elf32_arm_gc_mark_extra_sections): Mark sections holding ARMv8-M
>         secure entry functions.
>         (arm_stub_is_thumb): Add case for arm_stub_cmse_branch_thumb_only.
>         (arm_dedicated_stub_output_section_required): Change to a switch
> case and add a case for arm_stub_cmse_branch_thumb_only.
>         (arm_dedicated_stub_output_section_required_alignment): Likewise.
>         (arm_stub_dedicated_output_section_name): Likewise.
>         (arm_stub_dedicated_input_section_ptr): Likewise and remove
>         ATTRIBUTE_UNUSED for htab parameter.
>         (arm_stub_required_alignment): Likewise.
>         (arm_stub_sym_claimed): Likewise.
>         (arm_dedicated_stub_section_padding): Likewise.
>         (cmse_scan): New function.
>         (elf32_arm_size_stubs): Call cmse_scan for ARM M profile targets.
>         Set stub_changed to TRUE if such veneers were created.
>         (elf32_arm_swap_symbol_in): Add detection code for CMSE special
>         symbols.
> 
> 
> *** include/elf/ChangeLog ***
> 
> 2015-12-16  Thomas Preud'homme  <thomas.preudhomme@arm.com>
> 
>         * arm.h (ARM_GET_SYM_CMSE_SPCL): Define macro.
>         (ARM_SET_SYM_CMSE_SPCL): Likewise.
> 
> 
> *** ld/ChangeLog ***
> 
> 2016-02-17  Thomas Preud'homme  <thomas.preudhomme@arm.com>
> 
>         * ld.texinfo (Placement of SG veneers): New concept entry.
>         * testsuite/ld-arm/arm-elf.exp
>         (Secure gateway veneers: no .gnu.sgstubs section): New test.
>         (Secure gateway veneers: wrong entry functions): Likewise.
>         (Secure gateway veneers (ARMv8-M Baseline)): Likewise.
>         (Secure gateway veneers (ARMv8-M Mainline)): Likewise.
>         * testsuite/ld-arm/cmse-veneers.s: New file.
>         * testsuite/ld-arm/cmse-veneers.d: Likewise.
>         * testsuite/ld-arm/cmse-veneers.rd: Likewise.
>         * testsuite/ld-arm/cmse-veneers.sd: Likewise.
>         * testsuite/ld-arm/cmse-veneers-no-gnu_sgstubs.out: Likewise.
>         * testsuite/ld-arm/cmse-veneers-wrong-entryfct.out: Likewise.
> 
> 
> Best regards,
> 
> Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sg_veneers_support.patch
Type: text/x-patch
Size: 28720 bytes
Desc: not available
URL: <https://sourceware.org/pipermail/binutils/attachments/20160714/7dfb5247/attachment.bin>

More information about the Binutils mailing list