[PATCH] libebl: Handle aarch64 bti, pac bits in gnu property note

Mark Wielaard mark@klomp.org
Thu Sep 3 15:28:05 GMT 2020


On Thu, 2020-09-03 at 11:56 +0200, Mark Wielaard wrote:
> When building with gcc -mbranch-protection= we might get a gnu property
> note indicating BTI (Branch Target Identification) and/or PAC (Pointer
> Authentication Code) is being used.
> 
> Add a small testcase to show eu-readelf -n now properly lists those
> bits in the gnu property note.

Oops. Forgot to add the new testfile to EXTRA_DIST.

diff --git a/tests/ChangeLog b/tests/ChangeLog
index cb2e9956..61c6cb7c 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -2,6 +2,8 @@
 
 	* testfile-gnu-property-note-aarch64.bz2: New file.
 	* run-readelf-n.sh: Handle testfile-gnu-property-note-aarch64.
+	* Makefile.am (EXTRA_DIST): Add
+	testfile-gnu-property-note-aarch64.bz2.
 
 2020-07-19  Mark Wielaard  <mark@klomp.org>
 
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d30b8218..939bbb6a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -319,6 +319,7 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     testfile_gnu_props.64le.o.bz2 \
 	     testfile_gnu_props.32be.o.bz2 \
 	     testfile_gnu_props.64be.o.bz2 \
+	     testfile-gnu-property-note-aarch64.bz2 \
 	     run-allfcts-multi.sh \
 	     test-offset-loop.bz2 test-offset-loop.alt.bz2 \
 	     run-prelink-addr-test.sh \

> 
> Signed-off-by: Mark Wielaard <mark@klomp.org>
> ---
>  libebl/ChangeLog                             |   5 ++
>  libebl/eblobjnote.c                          |  67 +++++++++++++++++++
>  tests/ChangeLog                              |   5 ++
>  tests/run-readelf-n.sh                       |  31 +++++++++
>  tests/testfile-gnu-property-note-aarch64.bz2 | Bin 0 -> 1952 bytes
>  5 files changed, 108 insertions(+)
>  create mode 100755 tests/testfile-gnu-property-note-aarch64.bz2
> 
> diff --git a/libebl/ChangeLog b/libebl/ChangeLog
> index e54aa2c9..aa43b31f 100644
> --- a/libebl/ChangeLog
> +++ b/libebl/ChangeLog
> @@ -1,3 +1,8 @@
> +2020-09-03  Mark Wielaard  <mark@klomp.org>
> +
> +	* eblobjnote.c (ebl_object_note): For EM_AARCH64 handle BTI and PAC
> +	in GNU_PROPERTY_AARCH64_FEATURE_1_AND.
> +
>  2020-07-19  Mark Wielaard  <mark@klomp.org>
>  
>  	* libebl.h: Only typedef Ebl if _LIBASM_H is undefined.
> diff --git a/libebl/eblobjnote.c b/libebl/eblobjnote.c
> index f7ac915c..37cbc499 100644
> --- a/libebl/eblobjnote.c
> +++ b/libebl/eblobjnote.c
> @@ -476,6 +476,73 @@ ebl_object_note (Ebl *ebl, uint32_t namesz, const char *name, uint32_t type,
>  			    }
>  			}
>  		    }
> +		  else if (prop.pr_type >= GNU_PROPERTY_LOPROC
> +			   && prop.pr_type <= GNU_PROPERTY_HIPROC
> +			   && ehdr.e_machine == EM_AARCH64)
> +		    {
> +		      printf ("AARCH64 ");
> +		      if (prop.pr_type == GNU_PROPERTY_AARCH64_FEATURE_1_AND)
> +			{
> +			  printf ("FEATURE_1_AND: ");
> +
> +			  if (prop.pr_datasz == 4)
> +			    {
> +			      GElf_Word data;
> +			      in.d_type = ELF_T_WORD;
> +			      out.d_type = ELF_T_WORD;
> +			      in.d_size = 4;
> +			      out.d_size = 4;
> +			      in.d_buf = (void *) desc;
> +			      out.d_buf = (void *) &data;
> +
> +			      if (gelf_xlatetom (ebl->elf, &out, &in,
> +						 elfident[EI_DATA]) == NULL)
> +				{
> +				  printf ("%s\n", elf_errmsg (-1));
> +				  return;
> +				}
> +			      printf ("%08" PRIx32 " ", data);
> +
> +			      if ((data & GNU_PROPERTY_AARCH64_FEATURE_1_BTI)
> +				  != 0)
> +				{
> +				  printf ("BTI");
> +				  data &= ~GNU_PROPERTY_AARCH64_FEATURE_1_BTI;
> +				  if (data != 0)
> +				    printf (" ");
> +				}
> +
> +			      if ((data & GNU_PROPERTY_AARCH64_FEATURE_1_PAC)
> +				  != 0)
> +				{
> +				  printf ("PAC");
> +				  data &= ~GNU_PROPERTY_AARCH64_FEATURE_1_PAC;
> +				  if (data != 0)
> +				    printf (" ");
> +				}
> +
> +			      if (data != 0)
> +				printf ("UNKNOWN");
> +			    }
> +			  else
> +			    printf ("<bad datasz: %" PRId32 ">",
> +				    prop.pr_datasz);
> +
> +			  printf ("\n");
> +			}
> +		      else
> +			{
> +			  printf ("%#" PRIx32, prop.pr_type);
> +			  if (prop.pr_datasz > 0)
> +			    {
> +			      printf (" data: ");
> +			      size_t i;
> +			      for (i = 0; i < prop.pr_datasz - 1; i++)
> +				printf ("%02" PRIx8 " ", (uint8_t) desc[i]);
> +			      printf ("%02" PRIx8 "\n", (uint8_t) desc[i]);
> +			    }
> +			}
> +		    }
>  		  else
>  		    {
>  		      if (prop.pr_type >= GNU_PROPERTY_LOPROC
> diff --git a/tests/ChangeLog b/tests/ChangeLog
> index 047100b0..cb2e9956 100644
> --- a/tests/ChangeLog
> +++ b/tests/ChangeLog
> @@ -1,3 +1,8 @@
> +2020-09-03  Mark Wielaard  <mark@klomp.org>
> +
> +	* testfile-gnu-property-note-aarch64.bz2: New file.
> +	* run-readelf-n.sh: Handle testfile-gnu-property-note-aarch64.
> +
>  2020-07-19  Mark Wielaard  <mark@klomp.org>
>  
>  	* asm-tst1.c: Include libebl.h after libasm.h.
> diff --git a/tests/run-readelf-n.sh b/tests/run-readelf-n.sh
> index cc7d7f66..4c98fd82 100755
> --- a/tests/run-readelf-n.sh
> +++ b/tests/run-readelf-n.sh
> @@ -226,3 +226,34 @@ Note section [ 4] '.note.gnu.property' of 56 bytes at offset 0x40:
>    GNU                    8  GNU_PROPERTY_TYPE_0
>      NO_COPY_ON_PROTECTION
>  EOF
> +
> +# - testfile-gnu-property-note.c
> +# int
> +# main ()
> +# {
> +#   return 0;
> +# }
> +#
> +# gcc -mbranch-protection=standard -c testfile-gnu-property-note.c
> +# gcc -o testfile-gnu-property-note-aarch64 testfile-gnu-property-note.o
> +# eu-strip --remove-section=.gnu.build.attributes \
> +#	   testfile-gnu-property-note-aarch64
> +
> +testfiles testfile-gnu-property-note-aarch64
> +testrun_compare ${abs_top_builddir}/src/readelf -n testfile-gnu-property-note-aarch64 << EOF
> +
> +Note section [ 2] '.note.gnu.property' of 32 bytes at offset 0x2c8:
> +  Owner          Data size  Type
> +  GNU                   16  GNU_PROPERTY_TYPE_0
> +    AARCH64 FEATURE_1_AND: 00000003 BTI PAC
> +
> +Note section [ 3] '.note.gnu.build-id' of 36 bytes at offset 0x2e8:
> +  Owner          Data size  Type
> +  GNU                   20  GNU_BUILD_ID
> +    Build ID: af82d6df6f3b396487e3e27a826ca9cbbbecbe5f
> +
> +Note section [ 4] '.note.ABI-tag' of 32 bytes at offset 0x30c:
> +  Owner          Data size  Type
> +  GNU                   16  GNU_ABI_TAG
> +    OS: Linux, ABI: 3.7.0
> +EOF
> diff --git a/tests/testfile-gnu-property-note-aarch64.bz2 b/tests/testfile-gnu-property-note-aarch64.bz2
> new file mode 100755
> index 0000000000000000000000000000000000000000..2fe37b1957065c4ebeb5ffae4c933fe7da1310b6
> GIT binary patch
> literal 1952
> zcmV;R2VeL?T4*^jL0KkKSqDBAMgRyv|NsC0|Ns2||Nj5ye$M~r-+c6lZ^QU^#;x?+
> zU;F>fU+>@sJhOes+G-$|TXH)Tr-p<<C!wM=hoWT7H5i&{wKUMcnrI%Tnlxw{G-v<=
> zAkZ`b0iXjTK+qZh0BC3$Xf+A70$@y&CeYO$qfG-rrhotd000000MGyc00006K+&Vp
> z000CU0B8o7MngaY1jsbdX^?0PngB8}4Ke`142F#~05miMLnc4~0A$c)4KgATq-ayh
> zeyQllngi5+lmlXnfuMST9;c{!fB-!~rh$+&0LkilfuJ-113&<10QEFMpay_xgk&@T
> zFie9@2AKwc$)E!x5Yr$G5XflLKm$WSG%{oW00vD4K#@qArqMAcv`<2Zsk9NAC#H``
> zO{nq&8e)2xHi+6x$cBxgVKf;Si~&7O4X9*#k4C1{9!St)V2!mJ6RhYCR>LvGxcW7~
> z@(nZ~5&(EWl8^|qIRTI$fLM|YtYpa=^n%@A+rOYt<R>yX5jmp+0EnumLc=Mui!Ak~
> zBZCi3naaqv7?w@f6#Zx$Tgdaz;5AUv->tW^3W#$)m6=F%ofvXfs)eS2mI?E<6*<(X
> zC6px~Q1g(5&{m~iD#dBiWDANUs+ACm<c8&;F0Egwe3co<;Sp8SOT5pbwHZ+yg^rk_
> zZ8dsHE?w0eMhU;Wi#xr!8hs?ig9c`@q&yy9W2uja*T`OdzP>2Gn@>oR0y-+22o*7q
> zl0<|_6*IGTl`oT=pa4a=V&U_Ff_Ul@0T|!2qrI%1Y=cy1)le;=kRT`ip0yMB13>W?
> zD5XM@V!x1sLvV~Xfx0WD1yZpO6FtsqLm38VO-}mlvFT8GQi5!+ZNZ5NDZdOQG=NNG
> zY(SvFAXRMvuV$r)sbZST7-b^1VS!h>-baMh%lcSYKR5ovpBh3*SLrU?NDs-WntF(m
> z1Vq6X;}S?W%toQ0KcX7p49qjgVL`KTHW_XVjyFYVpKIi<7JFR_t~7IWar7P7n+EAf
> zzD;U^3e(Jk6}ZT-*Bg3-EngrGm=@y2Hye9Mgi8l`$r=0JW5L$;4%DzGU}`N%5ymT}
> zgSr4@78-H@W@d0e$r@u56;(71e?0p#&@$;v#DPI>jEB%!MNz2<vZJG?g`m(#&>odk
> z5We;pwu`tBLNZgIKBM>Mr4S;D8)az+AUQhJ!a9Y6nzn{aSPyrfL9u`=#U&w00tyGk
> z8MJGf`BcONPxmoB{2R#;lVYHm4&?ukC)>`DQ?VdImH;T&DbKXfVX#)to@B~+ql!9;
> zA;&KY1`7jVfq`npO6zW$29ao>*uo(Ne!CgatSbhgg%+S_WoJBqM7W^h+mJSGS}9rr
> zLviy_!da7QTr6|hMYegCwnLF~I#dhVZr!YVm^Ia1#|gH?H4R2CMCt_60`n|X9h!3!
> zctUHEI7V4%5m6Vehkif|O9oWQa2`aU{(G1YGS{1A@620<f-Tpc+E%A9l}ZF0*28hG
> ziO~ci6-bvX3)1d_0G9+H?t&!Qc(K2Dv#n!eV{MLFQWD523q2@%NLQzyZ>=rQsPW5+
> zDjKB@jwIUd%&iYtJ<zC|WCWIg%j@fc_BC8%Mq}of7e1v5EP%E4Hw0_TGm=1Z8&MA6
> zYPnS7y28h~EMo|dzXS_lUmqM(2!KBH;7>?MBD%;cbwiBE&^KlAg5JC>ov~e7RpL2}
> zo}24BvAbkgx_at|A_yvBcD7nhWjV?d$OsTxWF!fHDrAwxX63~z;PNPFbP{+H>5GtT
> z8xJzHj4|Eosga_~F=J-r%`9WeD}T{d?0C$I0(DK2Y#4;Y$Qs8mwO~W6SU+bugR6l`
> zOJLT#@HcB>r>KLCGtCIf>8`G5N;L{`rZR4hVpIn*rmiT$$q*9$i)=g5Nbq|_5=J{}
> zVE(cIU`YB!XlOos+?gF9P3B<DrLDjw2_ZN)5Cx4G7cu365(0^&IjA8hK6Dt-L##zi
> za0OOYXoSvA$hSx^WmgM^M9)}xwxo}0dIaEj@pMTN4iJDIG6QN6f$EHBhwg1L29%9)
> z37%w}aLJz)7&<~|U`k-p<tPpsK(P2elu<|`{;_?kIXImwtCzMcgq*lImxIRwZB66}
> zy9>iuv57t?V#(kg4`l#v>7C7tk%HXnqC~EXK(W{mjR;-d{_NuYq#jmD-Z%)L84H-`
> z0vwA&A)sEC#u}qDG|p-Wf?}S#Ow@X~t;?WUKVRO_g__*&4PWJ)6&}^&aO5QzuKc7n
> z+vOg0^5LU~q$D9MZtg!4-7i!E)oin|4XniER>Oy+Z3w)J>*NT%a9`@&r}W#YZ}(j7
> zn=ece4rzkTmk`02Fk*=WD+eLTHb01*`VKm;h32ka6Zu+W4{0Spa*<aW&2Rhq<sWL+
> z5B2QK2nPZRC>o5^5e3@smbFfv7=aEjh<9zi-x(y5uGctzTEaBy?7whp#GJYqMesAS
> z+jhy+1qA{iL{)xle}@cU-2noPMo5JW3RqKZD&KdOs<N-a+Syk^nrf=1PLzOBDAZf?
> mA|oTT(kP`(a*5$m0aG6S{eqyJfv*V{{x0N-aG@X$d@PKR?PwkV
> 
> literal 0
> HcmV?d00001
> 


More information about the Elfutils-devel mailing list