Commit 35b4f3a0 authored by Georgia Kouveli's avatar Georgia Kouveli Committed by Commit Bot

[arm64][cfi] Enable `sim_abort_on_bad_auth` by default.

This requires a small fix in {Push,Pop}CalleeSavedRegisters, where
the return address was signed/authenticated at the wrong point,
which meant the stack pointer used as modifier was different from
the one the StackFrameIterator expected.

Bug: v8:10026
Change-Id: Idebd2ee8f07312b5e99dd2ea5181fc7a7e4a87bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667861
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72542}
parent 831fa62b
......@@ -1199,10 +1199,6 @@ void MacroAssembler::PeekPair(const CPURegister& dst1, const CPURegister& dst2,
}
void MacroAssembler::PushCalleeSavedRegisters() {
#ifdef V8_ENABLE_CONTROL_FLOW_INTEGRITY
Pacibsp();
#endif
{
// Ensure that the macro-assembler doesn't use any scratch registers.
InstructionAccurateScope scope(this);
......@@ -1224,6 +1220,12 @@ void MacroAssembler::PushCalleeSavedRegisters() {
EntryFrameConstants::kCalleeSavedRegisterBytesPushedBeforeFpLrPair ==
18 * kSystemPointerSize);
#ifdef V8_ENABLE_CONTROL_FLOW_INTEGRITY
// Use the stack pointer's value immediately before pushing the LR as the
// context for signing it. This is what the StackFrameIterator expects.
pacibsp();
#endif
stp(x29, x30, tos); // fp, lr
STATIC_ASSERT(
......@@ -1240,6 +1242,12 @@ void MacroAssembler::PopCalleeSavedRegisters() {
ldp(x29, x30, tos); // fp, lr
#ifdef V8_ENABLE_CONTROL_FLOW_INTEGRITY
// The context (stack pointer value) for authenticating the LR here must
// match the one used for signing it (see `PushCalleeSavedRegisters`).
autibsp();
#endif
ldp(x19, x20, tos);
ldp(x21, x22, tos);
ldp(x23, x24, tos);
......@@ -1251,10 +1259,6 @@ void MacroAssembler::PopCalleeSavedRegisters() {
ldp(d12, d13, tos);
ldp(d14, d15, tos);
}
#ifdef V8_ENABLE_CONTROL_FLOW_INTEGRITY
Autibsp();
#endif
}
void TurboAssembler::AssertSpAligned() {
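Review bot: The comment above `autibsp()` in PopCalleeSavedRegisters says the modifier must match the signing one but not what makes that true, which is the thing a future edit is likely to break: assuming `tos` is the post-indexed pop operand, the preceding `ldp(x29, x30, tos)` has already moved SP back to exactly the value it had immediately before the `stp(x29, x30, tos)` in PushCalleeSavedRegisters, so the pair must stay the first thing popped and the last thing pushed, with the same `tos` operand on both sides. I would say so in the comment, e.g. `// At this point SP has been advanced past the fp/lr pair, so it equals the value pacibsp used as modifier in PushCalleeSavedRegisters; keep this ldp and that stp adjacent to their pac/aut instructions.` It is also worth noting in the same comment that on hardware without FEAT_FPAC a failed authentication does not trap here but yields a non-canonical LR that only faults at the return, so the simulator's sim_abort_on_bad_auth is the one place where a modifier mismatch like the one this commit fixes surfaces eagerly. Both PushCalleeSavedRegisters and PopCalleeSavedRegisters extend beyond the hunks shown.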
......@@ -1415,9 +1415,9 @@ DEFINE_BOOL(trace_sim_messages, false,
#if defined V8_TARGET_ARCH_ARM64
// pointer-auth-arm64.cc
DEFINE_DEBUG_BOOL(sim_abort_on_bad_auth, false,
"Stop execution when a pointer authentication fails in the "
"ARM64 simulator.")
DEFINE_BOOL(sim_abort_on_bad_auth, true,
"Stop execution when a pointer authentication fails in the "
"ARM64 simulator.")
#endif
// isolate.cc
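Review bot: Replacing `DEFINE_DEBUG_BOOL` with `DEFINE_BOOL` does more than flip the default: if `DEFINE_DEBUG_BOOL` has its usual read-only-outside-DEBUG semantics (the `#ifdef DEBUG` guards the commit removes from the tests suggest it does), release simulator builds previously never aborted on a failed authentication and now do so by default. Neither the commit message nor the help string mentions that, and it is the part of the change most likely to surprise someone bisecting a release-simulator abort. I would extend the help text, e.g. `"Stop execution when a pointer authentication fails in the ARM64 simulator (on by default in all build types)."`.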
......@@ -11861,9 +11861,7 @@ TEST(system_msr) {
}
TEST(system_pauth_b) {
#ifdef DEBUG
i::FLAG_sim_abort_on_bad_auth = false;
#endif
SETUP();
START();
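Review bot: `i::FLAG_sim_abort_on_bad_auth = false;` at the top of TEST(system_pauth_b) is now executed in every build type but is still never restored, so any test that runs later in the same process silently loses the abort-on-bad-auth check this commit turns on; the same applies to TEST(add_and_auth_pac) in the next file. Disabling the abort is presumably intentional here because the test exercises a failing authentication, so the fix is a scoped override rather than a plain assignment, e.g. `i::FlagScope<bool> no_abort(&i::FLAG_sim_abort_on_bad_auth, false);`. Both test bodies continue outside the hunks shown.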
......@@ -30,9 +30,7 @@ TEST(compute_pac) {
}
TEST(add_and_auth_pac) {
#ifdef DEBUG
i::FLAG_sim_abort_on_bad_auth = false;
#endif
Decoder<DispatchingDecoderVisitor>* decoder =
new Decoder<DispatchingDecoderVisitor>();
Simulator simulator(decoder);