From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1616DEC2 for ; Mon, 19 Dec 2022 06:18:52 +0000 (UTC) Received: by mail-pl1-f172.google.com with SMTP id n4so8077755plp.1 for ; Sun, 18 Dec 2022 22:18:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=xnpXqtwOk4096xQXoOsXv/+jlvNNs1plcpDQ4+FbXcY=; b=f5SsS5D6geDdwx+aToSFbt6cMP51JtPToFXyr5jHxwdLI4WSk6hOf48aT8glAfqCvn 1Eml0QrvgNw0UJfDVnSWYDF06oS4u1i8+r0e9zFfCydME80/R3Mr3lXAYV6cZgY8CeEY Fb/nMcQryf70aU+Wm15zQcGRSqNnbP7XnzyW2hU6PN63VmotEs3KUCcNALaLYS7lPzH/ k4IiuhV08eDBYcbMdUKvuUwF/DcMi0Nw7YDgsR4QtvDjJIEKpZJtZ+hsDOlDvp2r/pkw owrBst7912yrBXNeIj33ssafNCJJDsDsd8Wu+U+sqKATIM3pOkSPNJovf3sVprTJ4Eqd lZqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xnpXqtwOk4096xQXoOsXv/+jlvNNs1plcpDQ4+FbXcY=; b=XS9XYB4HIPCMuzuQQ+29f4noS/iD6OQB5K62puN78Of7Vr30dKhw8nbAfwBwYqkKRj LQMeCpDVa9dlR4qkAS0M/DG/Y2TySXdfgxKQC/NWkxtadYVu7t70AthwLbT0kdzT9f4p zWXFmJoQCQGlTaj7DCyhScIIjPLP72sO0VrbbTYmW+fYddoBsKMFNC4kzv7E+JEuLQqb Q6DxqFUyR3irbAxJzYsPv57Vt/CzVz/cR1BsZqDAxOvbd966lUCzohWHHjL5YfruSSxS B9HdkPADozLXtcAW9tD+O61uMdA5+HJ8tQz0RCuMAnX2w+NcbOcWWXJ6b4QeNeEs3BLw 6k9A== X-Gm-Message-State: ANoB5pmj6ax8pDCzOrfzwFJvibnFm/Y/8wPQWNdkBb1p5TTHP8/EVob9 GtE6cgIfYxbw0pmlPHFIsfl0tD9jTbQRBQ== X-Google-Smtp-Source: AA0mqf7hGnk98vtE8qLeNNbC1u6TGcRYq1xoT+Bc1efX+VUb6hK1CPaw+Oe7bKOtZs9KnrklkOi0SA== X-Received: by 2002:a05:6a20:4e25:b0:ad:f155:7b47 with SMTP id gk37-20020a056a204e2500b000adf1557b47mr22721668pzb.22.1671430731434; Sun, 18 Dec 2022 22:18:51 -0800 (PST) Received: from localhost ([103.152.220.92]) by smtp.gmail.com with ESMTPSA id f28-20020a63101c000000b00478f87eaa44sm5461503pgl.35.2022.12.18.22.18.50 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 18 Dec 2022 22:18:51 -0800 (PST) From: Dan Li To: Masahiro Yamada , Michal Marek , Nick Desaulniers , Catalin Marinas , Will Deacon , Sami Tolvanen , Kees Cook , Nathan Chancellor , Tom Rix , Peter Zijlstra , "Paul E. McKenney" , Mark Rutland , Josh Poimboeuf , Frederic Weisbecker , "Eric W. Biederman" , Dan Li , Marco Elver , Christophe Leroy , Song Liu , Andrew Morton , Uros Bizjak , Kumar Kartikeya Dwivedi , Juergen Gross , Luis Chamberlain , Borislav Petkov , Masami Hiramatsu , Dmitry Torokhov , Aaron Tomlin , Kalesh Singh , Yuntao Wang , Changbin Du Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: [RFC/RFT] CFI: Add support for gcc CFI in aarch64 Date: Sun, 18 Dec 2022 22:17:58 -0800 Message-Id: <20221219061758.23321-1-ashimida.1990@gmail.com> X-Mailer: git-send-email 2.17.1 Precedence: bulk X-Mailing-List: llvm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based on Sami's patch[1], this patch makes the corresponding kernel configuration of CFI available when compiling the kernel with the gcc[2]. The code after enabling cfi is as follows: int (*p)(void); int func (int) { p(); } __cfi_func: .4byte 0x439d3502 func: ...... adrp x0, p add x0, x0, :lo12:p mov w1, 23592 movk w1, 0x4601, lsl 16 cmp w0, w1 beq .L2 ...... bl cfi_check_failed .L2: blr x19 ret In the compiler part[4], there are some differences from Sami's implementation[3], mainly including: 1. When a typeid mismatch is detected, the cfi_check_failed function will be called instead of the brk instruction. This function needs to be implemented by the compiler user. If there are user mode programs or other systems that want to use this feature, it may be more convenient to use a callback (so this compilation option is set to -fsanitize=cfi instead of kcfi). 2. A reserved typeid (such as 0x0U on the aarch64 platform) is always inserted in front of functions that should not be called indirectly. Functions that can be called indirectly will not use this hash value, which prevents instructions/data before the function from being used as a typeid by an attacker. 3. Some bits are ignored in the typeid to avoid conflicts between the typeid and the instruction set of a specific platform, thereby preventing an attacker from bypassing the CFI check by using the instruction as a typeid, such as on the aarch64 platform: * If the following instruction sequence exists: 400620: a9be7bfd stp x29, x30, [sp, #-32]! 400624: 910003fd mov x29, sp 400628: f9000bf3 str x19, [sp, #16] * If the expected typeid of the indirect call is exactly 0x910003fd, the attacker can jump to the next instruction position of any "mov x29,sp" instruction (such as 0x400628 here). 4. Insert a symbol __cfi_ before each function's typeid, which may be helpful for fine-grained KASLR implementations (or not?). 5. The current implementation of gcc only supports the aarch64 platform. This produces the following oops on CFI failure (generated using lkdtm): /kselftest_install/lkdtm # ./CFI_FORWARD_PROTO.sh [ 74.856516] lkdtm: Performing direct entry CFI_FORWARD_PROTO [ 74.856878] lkdtm: Calling matched prototype ... [ 74.857011] lkdtm: Calling mismatched prototype ... [ 74.857133] CFI failure at lkdtm_indirect_call+0x30/0x50 (target: lkdtm_increment_int+0x0/0x1c; expected type: 0xc59c68f1) [ 74.858185] Kernel panic - not syncing: Oops - CFI [ 74.859240] CPU: 0 PID: 129 Comm: cat Not tainted 6.0.0-rc4-00024-g32bf7f14f497-dirty #150 [ 74.859481] Hardware name: linux,dummy-virt (DT) [ 74.859795] Call trace: [ 74.859959] dump_backtrace.part.0+0xcc/0xe0 [ 74.860212] show_stack+0x18/0x5c [ 74.860327] dump_stack_lvl+0x64/0x84 [ 74.860398] dump_stack+0x18/0x38 [ 74.860443] panic+0x170/0x36c [ 74.860496] cfi_check_failed+0x38/0x44 [ 74.860564] lkdtm_indirect_call+0x30/0x50 [ 74.860614] lkdtm_CFI_FORWARD_PROTO+0x3c/0x6c [ 74.860701] lkdtm_do_action+0x44/0x58 [ 74.860764] direct_entry+0x148/0x160 [ 74.860814] full_proxy_write+0x74/0xe0 [ 74.860874] vfs_write+0xd8/0x2d0 [ 74.860942] ksys_write+0x70/0x110 [ 74.861000] __arm64_sys_write+0x1c/0x30 [ 74.861067] invoke_syscall+0x5c/0x140 [ 74.861117] el0_svc_common.constprop.0+0x44/0xf0 [ 74.861190] do_el0_svc+0x2c/0xc0 [ 74.861233] el0_svc+0x20/0x60 [ 74.861287] el0t_64_sync_handler+0xf4/0x124 [ 74.861340] el0t_64_sync+0x160/0x164 [ 74.861782] SMP: stopping secondary CPUs [ 74.862336] Kernel Offset: disabled [ 74.862439] CPU features: 0x0000,00075024,699418af [ 74.862799] Memory Limit: none [ 74.863373] ---[ end Kernel panic - not syncing: Oops - CFI ]--- The gcc-related patches[4] are based on tag: releases/gcc-12.2.0. Any suggestion please let me know :). Thanks, Dan. [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/ [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107048 [3] https://reviews.llvm.org/D119296 [4] https://lore.kernel.org/linux-hardening/20221219055431.22596-1-ashimida.1990@gmail.com/ Signed-off-by: Dan Li --- Makefile | 6 ++++++ arch/Kconfig | 24 +++++++++++++++++++++++- arch/arm64/Kconfig | 1 + include/linux/cfi_types.h | 15 +++++++++++---- include/linux/compiler-gcc.h | 4 ++++ kernel/Makefile | 1 + kernel/cfi.c | 23 +++++++++++++++++++++++ scripts/kallsyms.c | 4 +++- 8 files changed, 72 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 43e08c9f95e9..7c74dac57aa4 100644 --- a/Makefile +++ b/Makefile @@ -926,6 +926,12 @@ KBUILD_CFLAGS += $(CC_FLAGS_CFI) export CC_FLAGS_CFI endif +ifdef CONFIG_CFI_GCC +CC_FLAGS_CFI := -fsanitize=cfi +KBUILD_CFLAGS += $(CC_FLAGS_CFI) +export CC_FLAGS_CFI +endif + ifdef CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B KBUILD_CFLAGS += -falign-functions=64 endif diff --git a/arch/Kconfig b/arch/Kconfig index 1c1eca0c0019..8b43a9fd3b54 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -756,9 +756,31 @@ config CFI_CLANG https://clang.llvm.org/docs/ControlFlowIntegrity.html +config ARCH_SUPPORTS_CFI_GCC + bool + help + An architecture should select this option if it can support GCC's + Control-Flow Integrity (CFI) checking. + +config CFI_GCC + bool "Use GCC's Control Flow Integrity (CFI)" + depends on ARCH_SUPPORTS_CFI_GCC + depends on $(cc-option,-fsanitize=cfi) + help + This option enables GCC’s forward-edge Control Flow Integrity + (CFI) checking, where the compiler injects a runtime check to each + indirect function call to ensure the target is a valid function with + the correct static type. This restricts possible call targets and + makes it more difficult for an attacker to exploit bugs that allow + the modification of stored function pointers. More information can be + found from the compiler's documentation: + + - Clang: https://clang.llvm.org/docs/ControlFlowIntegrity.html + - GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options + config CFI_PERMISSIVE bool "Use CFI in permissive mode" - depends on CFI_CLANG + depends on CFI_CLANG || CFI_GCC help When selected, Control Flow Integrity (CFI) violations result in a warning instead of a kernel panic. This option should only be used diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 9fb9fff08c94..60fdfb01cecb 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -89,6 +89,7 @@ config ARM64 select ARCH_SUPPORTS_LTO_CLANG if CPU_LITTLE_ENDIAN select ARCH_SUPPORTS_LTO_CLANG_THIN select ARCH_SUPPORTS_CFI_CLANG + select ARCH_SUPPORTS_CFI_GCC select ARCH_SUPPORTS_ATOMIC_RMW select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 select ARCH_SUPPORTS_NUMA_BALANCING diff --git a/include/linux/cfi_types.h b/include/linux/cfi_types.h index 6b8713675765..1c3b7ea6a79f 100644 --- a/include/linux/cfi_types.h +++ b/include/linux/cfi_types.h @@ -8,18 +8,25 @@ #ifdef __ASSEMBLY__ #include -#ifdef CONFIG_CFI_CLANG +#if defined(CONFIG_CFI_CLANG) || defined(CONFIG_CFI_GCC) /* - * Use the __kcfi_typeid_ type identifier symbol to + * Use the __[k]cfi_typeid_ type identifier symbol to * annotate indirectly called assembly functions. The compiler emits * these symbols for all address-taken function declarations in C * code. */ #ifndef __CFI_TYPE + +#ifdef CONFIG_CFI_GCC +#define __CFI_TYPE(name) \ + .4byte __cfi_typeid_##name +#else #define __CFI_TYPE(name) \ .4byte __kcfi_typeid_##name #endif +#endif + #define SYM_TYPED_ENTRY(name, linkage, align...) \ linkage(name) ASM_NL \ align ASM_NL \ @@ -29,12 +36,12 @@ #define SYM_TYPED_START(name, linkage, align...) \ SYM_TYPED_ENTRY(name, linkage, align) -#else /* CONFIG_CFI_CLANG */ +#else /* defined(CONFIG_CFI_CLANG) || defined(CONFIG_CFI_GCC) */ #define SYM_TYPED_START(name, linkage, align...) \ SYM_START(name, linkage, align) -#endif /* CONFIG_CFI_CLANG */ +#endif /* defined(CONFIG_CFI_CLANG) || defined(CONFIG_CFI_GCC) */ #ifndef SYM_TYPED_FUNC_START #define SYM_TYPED_FUNC_START(name) \ diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index 9b157b71036f..aec1ce327b1a 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -82,6 +82,10 @@ #define __noscs __attribute__((__no_sanitize__("shadow-call-stack"))) #endif +#ifdef CONFIG_CFI_GCC +#define __nocfi __attribute__((no_sanitize("cfi"))) +#endif + #if __has_attribute(__no_sanitize_address__) #define __no_sanitize_address __attribute__((no_sanitize_address)) #else diff --git a/kernel/Makefile b/kernel/Makefile index 318789c728d3..923d3e060852 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -114,6 +114,7 @@ obj-$(CONFIG_SHADOW_CALL_STACK) += scs.o obj-$(CONFIG_HAVE_STATIC_CALL) += static_call.o obj-$(CONFIG_HAVE_STATIC_CALL_INLINE) += static_call_inline.o obj-$(CONFIG_CFI_CLANG) += cfi.o +obj-$(CONFIG_CFI_GCC) += cfi.o obj-$(CONFIG_PERF_EVENTS) += events/ diff --git a/kernel/cfi.c b/kernel/cfi.c index 08caad776717..9bff35736756 100644 --- a/kernel/cfi.c +++ b/kernel/cfi.c @@ -25,6 +25,7 @@ enum bug_trap_type report_cfi_failure(struct pt_regs *regs, unsigned long addr, return BUG_TRAP_TYPE_BUG; } +#ifdef CONFIG_CFI_CLANG #ifdef CONFIG_ARCH_USES_CFI_TRAPS static inline unsigned long trap_address(s32 *p) { @@ -99,3 +100,25 @@ bool is_cfi_trap(unsigned long addr) return is_module_cfi_trap(addr); } #endif /* CONFIG_ARCH_USES_CFI_TRAPS */ +#endif /* CONFIG_CFI_CLANG */ + + +#ifdef CONFIG_CFI_GCC +void cfi_check_failed(u32 caller_hash, u32 callee_hash, void *callee_addr) +{ + unsigned long pc, target; + + pc = (unsigned long)__builtin_return_address(0); + target = (unsigned long)callee_addr; + + switch (report_cfi_failure(NULL, pc, &target, caller_hash)) { + case BUG_TRAP_TYPE_WARN: + break; + + default: + panic("Oops - CFI"); + } +} +EXPORT_SYMBOL(cfi_check_failed); + +#endif /* CONFIG_CFI_GCC */ diff --git a/scripts/kallsyms.c b/scripts/kallsyms.c index ccdf0c897f31..ed8db513b918 100644 --- a/scripts/kallsyms.c +++ b/scripts/kallsyms.c @@ -119,7 +119,9 @@ static bool is_ignored_symbol(const char *name, char type) "__ThumbV7PILongThunk_", "__LA25Thunk_", /* mips lld */ "__microLA25Thunk_", - "__kcfi_typeid_", /* CFI type identifiers */ + "__kcfi_typeid_", /* CFI type identifiers in Clang */ + "__cfi_", /* CFI type identifiers in GCC */ + "__pi___cfi", /* CFI type identifiers in GCC */ NULL }; -- 2.17.1 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0C938C4332F for ; Mon, 19 Dec 2022 06:20:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=AsORSsoHGd8ev+vG/AQqro0Y3cVBQxt7w5t8GrUPLcc=; b=aHvygZOEiXFKvG nRS7cwDleFLXESYeWasWwopm6G27glUin5YVThrKjgq4kUtAiGBda/1gEhiRPzWr73PGc/JrmL+tl naCfpXdtmAg2R0nKJpdZBQ27R/wqUJRCkF3o7e3qOSnT3t6Z5dXu2Jv0yDVt06oF653YIACykt+s7 eWGCv4GqryW1vkVMdUpwuvPL/KVre8c3MopDt/PvpFzTVtoUysziTHjdOfaRlye4ixh55ioIejN0s 9PexaQKyv6tty4YByTySC3P313r5dHo7nIuXXyuUI+Fm13s0PoMKxceiKv6JTGhKsEHrcNH9mSWmf MeSJputjiPTRHj2TF2kQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1p79Uq-009BuF-GA; Mon, 19 Dec 2022 06:19:32 +0000 Received: from mail-pj1-x1035.google.com ([2607:f8b0:4864:20::1035]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1p79UD-009BRl-NG for linux-arm-kernel@lists.infradead.org; Mon, 19 Dec 2022 06:18:59 +0000 Received: by mail-pj1-x1035.google.com with SMTP id t11-20020a17090a024b00b0021932afece4so11929151pje.5 for ; Sun, 18 Dec 2022 22:18:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=xnpXqtwOk4096xQXoOsXv/+jlvNNs1plcpDQ4+FbXcY=; b=f5SsS5D6geDdwx+aToSFbt6cMP51JtPToFXyr5jHxwdLI4WSk6hOf48aT8glAfqCvn 1Eml0QrvgNw0UJfDVnSWYDF06oS4u1i8+r0e9zFfCydME80/R3Mr3lXAYV6cZgY8CeEY Fb/nMcQryf70aU+Wm15zQcGRSqNnbP7XnzyW2hU6PN63VmotEs3KUCcNALaLYS7lPzH/ k4IiuhV08eDBYcbMdUKvuUwF/DcMi0Nw7YDgsR4QtvDjJIEKpZJtZ+hsDOlDvp2r/pkw owrBst7912yrBXNeIj33ssafNCJJDsDsd8Wu+U+sqKATIM3pOkSPNJovf3sVprTJ4Eqd lZqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xnpXqtwOk4096xQXoOsXv/+jlvNNs1plcpDQ4+FbXcY=; b=u1V2KV1mtJmRy+G2eHMhzOtMWEc6FrET6e/COJOJ/W7GyX5+ZpJVAfmlmtAPJY96Oc fb/ExlQHxN2nOxzyCk/OQgvXsLWNmsTg8daASF4cXqp75rL2vWjJJkVZKPdWuIsINslI WeooD6H2j0wj89MooyxD7nC17V7CxEEHzKzfUIcMKcj5p7YblSza6cjeRfwJOq8RqJdk BiWH4ocd1QePu4bYWpDjvMPLFbb+3RSgrzO4SHKsVco0sE/b0hekFG4/pw4wDOPlhRxO kzMk/yBC1WjdeZiBXv+46E4BpqvUKwqF783ZY6Lzy0pgu0Czw2/ApQU137QuiA7PE2Oq g6Dg== X-Gm-Message-State: ANoB5pmAiCFxYw2zX03zXWrKDi4iQ2bY+TZlFNHJzN3DXWb/l1/IPRKK 5vZp0tvGW2i+sz95daciGE0= X-Google-Smtp-Source: AA0mqf7hGnk98vtE8qLeNNbC1u6TGcRYq1xoT+Bc1efX+VUb6hK1CPaw+Oe7bKOtZs9KnrklkOi0SA== X-Received: by 2002:a05:6a20:4e25:b0:ad:f155:7b47 with SMTP id gk37-20020a056a204e2500b000adf1557b47mr22721668pzb.22.1671430731434; Sun, 18 Dec 2022 22:18:51 -0800 (PST) Received: from localhost ([103.152.220.92]) by smtp.gmail.com with ESMTPSA id f28-20020a63101c000000b00478f87eaa44sm5461503pgl.35.2022.12.18.22.18.50 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 18 Dec 2022 22:18:51 -0800 (PST) From: Dan Li To: Masahiro Yamada , Michal Marek , Nick Desaulniers , Catalin Marinas , Will Deacon , Sami Tolvanen , Kees Cook , Nathan Chancellor , Tom Rix , Peter Zijlstra , "Paul E. McKenney" , Mark Rutland , Josh Poimboeuf , Frederic Weisbecker , "Eric W. Biederman" , Dan Li , Marco Elver , Christophe Leroy , Song Liu , Andrew Morton , Uros Bizjak , Kumar Kartikeya Dwivedi , Juergen Gross , Luis Chamberlain , Borislav Petkov , Masami Hiramatsu , Dmitry Torokhov , Aaron Tomlin , Kalesh Singh , Yuntao Wang , Changbin Du Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev Subject: [RFC/RFT] CFI: Add support for gcc CFI in aarch64 Date: Sun, 18 Dec 2022 22:17:58 -0800 Message-Id: <20221219061758.23321-1-ashimida.1990@gmail.com> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221218_221853_848127_2DD980C9 X-CRM114-Status: GOOD ( 33.24 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org QmFzZWQgb24gU2FtaSdzIHBhdGNoWzFdLCB0aGlzIHBhdGNoIG1ha2VzIHRoZSBjb3JyZXNwb25k aW5nIGtlcm5lbApjb25maWd1cmF0aW9uIG9mIENGSSBhdmFpbGFibGUgd2hlbiBjb21waWxpbmcg dGhlIGtlcm5lbCB3aXRoIHRoZSBnY2NbMl0uCgpUaGUgY29kZSBhZnRlciBlbmFibGluZyBjZmkg aXMgYXMgZm9sbG93czoKCmludCAoKnApKHZvaWQpOwppbnQgZnVuYyAoaW50KQp7CglwKCk7Cn0K Cl9fY2ZpX2Z1bmM6CiAgICAgICAgLjRieXRlIDB4NDM5ZDM1MDIKZnVuYzoKICAgICAgICAuLi4u Li4KICAgICAgICBhZHJwICAgIHgwLCBwCiAgICAgICAgYWRkICAgICB4MCwgeDAsIDpsbzEyOnAK ICAgICAgICBtb3YgICAgIHcxLCAyMzU5MgogICAgICAgIG1vdmsgICAgdzEsIDB4NDYwMSwgbHNs IDE2CiAgICAgICAgY21wICAgICB3MCwgdzEKICAgICAgICBiZXEgICAgIC5MMgogICAgICAgIC4u Li4uLgogICAgICAgIGJsICAgICAgY2ZpX2NoZWNrX2ZhaWxlZAouTDI6CiAgICAgICAgYmxyICAg ICB4MTkKICAgICAgICByZXQKCkluIHRoZSBjb21waWxlciBwYXJ0WzRdLCB0aGVyZSBhcmUgc29t ZSBkaWZmZXJlbmNlcyBmcm9tIFNhbWkncwppbXBsZW1lbnRhdGlvblszXSwgbWFpbmx5IGluY2x1 ZGluZzoKCjEuIFdoZW4gYSB0eXBlaWQgbWlzbWF0Y2ggaXMgZGV0ZWN0ZWQsIHRoZSBjZmlfY2hl Y2tfZmFpbGVkIGZ1bmN0aW9uCiAgIHdpbGwgYmUgY2FsbGVkIGluc3RlYWQgb2YgdGhlIGJyayBp bnN0cnVjdGlvbi4gVGhpcyBmdW5jdGlvbiBuZWVkcwogICB0byBiZSBpbXBsZW1lbnRlZCBieSB0 aGUgY29tcGlsZXIgdXNlci4KICAgSWYgdGhlcmUgYXJlIHVzZXIgbW9kZSBwcm9ncmFtcyBvciBv dGhlciBzeXN0ZW1zIHRoYXQgd2FudCB0byB1c2UKICAgdGhpcyBmZWF0dXJlLCBpdCBtYXkgYmUg bW9yZSBjb252ZW5pZW50IHRvIHVzZSBhIGNhbGxiYWNrIChzbyB0aGlzCiAgIGNvbXBpbGF0aW9u IG9wdGlvbiBpcyBzZXQgdG8gLWZzYW5pdGl6ZT1jZmkgaW5zdGVhZCBvZiBrY2ZpKS4KCjIuIEEg cmVzZXJ2ZWQgdHlwZWlkIChzdWNoIGFzIDB4MFUgb24gdGhlIGFhcmNoNjQgcGxhdGZvcm0pIGlz IGFsd2F5cwogICBpbnNlcnRlZCBpbiBmcm9udCBvZiBmdW5jdGlvbnMgdGhhdCBzaG91bGQgbm90 IGJlIGNhbGxlZCBpbmRpcmVjdGx5LgogICBGdW5jdGlvbnMgdGhhdCBjYW4gYmUgY2FsbGVkIGlu ZGlyZWN0bHkgd2lsbCBub3QgdXNlIHRoaXMgaGFzaCB2YWx1ZSwKICAgd2hpY2ggcHJldmVudHMg aW5zdHJ1Y3Rpb25zL2RhdGEgYmVmb3JlIHRoZSBmdW5jdGlvbiBmcm9tIGJlaW5nIHVzZWQKICAg YXMgYSB0eXBlaWQgYnkgYW4gYXR0YWNrZXIuCgozLiBTb21lIGJpdHMgYXJlIGlnbm9yZWQgaW4g dGhlIHR5cGVpZCB0byBhdm9pZCBjb25mbGljdHMgYmV0d2VlbiB0aGUKICAgdHlwZWlkIGFuZCB0 aGUgaW5zdHJ1Y3Rpb24gc2V0IG9mIGEgc3BlY2lmaWMgcGxhdGZvcm0sIHRoZXJlYnkKICAgcHJl dmVudGluZyBhbiBhdHRhY2tlciBmcm9tIGJ5cGFzc2luZyB0aGUgQ0ZJIGNoZWNrIGJ5IHVzaW5n IHRoZQogICBpbnN0cnVjdGlvbiBhcyBhIHR5cGVpZCwgc3VjaCBhcyBvbiB0aGUgYWFyY2g2NCBw bGF0Zm9ybToKICAgKiBJZiB0aGUgZm9sbG93aW5nIGluc3RydWN0aW9uIHNlcXVlbmNlIGV4aXN0 czoKCSAgNDAwNjIwOiAgICAgICBhOWJlN2JmZCAgICAgICAgc3RwICAgICB4MjksIHgzMCwgW3Nw LCAjLTMyXSEKCSAgNDAwNjI0OiAgICAgICA5MTAwMDNmZCAgICAgICAgbW92ICAgICB4MjksIHNw CgkgIDQwMDYyODogICAgICAgZjkwMDBiZjMgICAgICAgIHN0ciAgICAgeDE5LCBbc3AsICMxNl0K ICAgKiBJZiB0aGUgZXhwZWN0ZWQgdHlwZWlkIG9mIHRoZSBpbmRpcmVjdCBjYWxsIGlzIGV4YWN0 bHkgMHg5MTAwMDNmZCwKICAgICB0aGUgYXR0YWNrZXIgY2FuIGp1bXAgdG8gdGhlIG5leHQgaW5z dHJ1Y3Rpb24gcG9zaXRpb24gb2YgYW55CiAgICAgIm1vdiB4Mjksc3AiIGluc3RydWN0aW9uIChz dWNoIGFzIDB4NDAwNjI4IGhlcmUpLgoKNC4gSW5zZXJ0IGEgc3ltYm9sIF9fY2ZpXzxmdW5jdGlv bj4gYmVmb3JlIGVhY2ggZnVuY3Rpb24ncyB0eXBlaWQsCiAgIHdoaWNoIG1heSBiZSBoZWxwZnVs IGZvciBmaW5lLWdyYWluZWQgS0FTTFIgaW1wbGVtZW50YXRpb25zIChvciBub3Q/KS4KCjUuIFRo ZSBjdXJyZW50IGltcGxlbWVudGF0aW9uIG9mIGdjYyBvbmx5IHN1cHBvcnRzIHRoZSBhYXJjaDY0 IHBsYXRmb3JtLgoKVGhpcyBwcm9kdWNlcyB0aGUgZm9sbG93aW5nIG9vcHMgb24gQ0ZJIGZhaWx1 cmUgKGdlbmVyYXRlZCB1c2luZyBsa2R0bSk6Cgova3NlbGZ0ZXN0X2luc3RhbGwvbGtkdG0gIyAu L0NGSV9GT1JXQVJEX1BST1RPLnNoClsgICA3NC44NTY1MTZdIGxrZHRtOiBQZXJmb3JtaW5nIGRp cmVjdCBlbnRyeSBDRklfRk9SV0FSRF9QUk9UTwpbICAgNzQuODU2ODc4XSBsa2R0bTogQ2FsbGlu ZyBtYXRjaGVkIHByb3RvdHlwZSAuLi4KWyAgIDc0Ljg1NzAxMV0gbGtkdG06IENhbGxpbmcgbWlz bWF0Y2hlZCBwcm90b3R5cGUgLi4uClsgICA3NC44NTcxMzNdIENGSSBmYWlsdXJlIGF0IGxrZHRt X2luZGlyZWN0X2NhbGwrMHgzMC8weDUwICh0YXJnZXQ6IGxrZHRtX2luY3JlbWVudF9pbnQrMHgw LzB4MWM7IGV4cGVjdGVkIHR5cGU6IDB4YzU5YzY4ZjEpClsgICA3NC44NTgxODVdIEtlcm5lbCBw YW5pYyAtIG5vdCBzeW5jaW5nOiBPb3BzIC0gQ0ZJClsgICA3NC44NTkyNDBdIENQVTogMCBQSUQ6 IDEyOSBDb21tOiBjYXQgTm90IHRhaW50ZWQgNi4wLjAtcmM0LTAwMDI0LWczMmJmN2YxNGY0OTct ZGlydHkgIzE1MApbICAgNzQuODU5NDgxXSBIYXJkd2FyZSBuYW1lOiBsaW51eCxkdW1teS12aXJ0 IChEVCkKWyAgIDc0Ljg1OTc5NV0gQ2FsbCB0cmFjZToKWyAgIDc0Ljg1OTk1OV0gIGR1bXBfYmFj a3RyYWNlLnBhcnQuMCsweGNjLzB4ZTAKWyAgIDc0Ljg2MDIxMl0gIHNob3dfc3RhY2srMHgxOC8w eDVjClsgICA3NC44NjAzMjddICBkdW1wX3N0YWNrX2x2bCsweDY0LzB4ODQKWyAgIDc0Ljg2MDM5 OF0gIGR1bXBfc3RhY2srMHgxOC8weDM4ClsgICA3NC44NjA0NDNdICBwYW5pYysweDE3MC8weDM2 YwpbICAgNzQuODYwNDk2XSAgY2ZpX2NoZWNrX2ZhaWxlZCsweDM4LzB4NDQKWyAgIDc0Ljg2MDU2 NF0gIGxrZHRtX2luZGlyZWN0X2NhbGwrMHgzMC8weDUwClsgICA3NC44NjA2MTRdICBsa2R0bV9D RklfRk9SV0FSRF9QUk9UTysweDNjLzB4NmMKWyAgIDc0Ljg2MDcwMV0gIGxrZHRtX2RvX2FjdGlv bisweDQ0LzB4NTgKWyAgIDc0Ljg2MDc2NF0gIGRpcmVjdF9lbnRyeSsweDE0OC8weDE2MApbICAg NzQuODYwODE0XSAgZnVsbF9wcm94eV93cml0ZSsweDc0LzB4ZTAKWyAgIDc0Ljg2MDg3NF0gIHZm c193cml0ZSsweGQ4LzB4MmQwClsgICA3NC44NjA5NDJdICBrc3lzX3dyaXRlKzB4NzAvMHgxMTAK WyAgIDc0Ljg2MTAwMF0gIF9fYXJtNjRfc3lzX3dyaXRlKzB4MWMvMHgzMApbICAgNzQuODYxMDY3 XSAgaW52b2tlX3N5c2NhbGwrMHg1Yy8weDE0MApbICAgNzQuODYxMTE3XSAgZWwwX3N2Y19jb21t b24uY29uc3Rwcm9wLjArMHg0NC8weGYwClsgICA3NC44NjExOTBdICBkb19lbDBfc3ZjKzB4MmMv MHhjMApbICAgNzQuODYxMjMzXSAgZWwwX3N2YysweDIwLzB4NjAKWyAgIDc0Ljg2MTI4N10gIGVs MHRfNjRfc3luY19oYW5kbGVyKzB4ZjQvMHgxMjQKWyAgIDc0Ljg2MTM0MF0gIGVsMHRfNjRfc3lu YysweDE2MC8weDE2NApbICAgNzQuODYxNzgyXSBTTVA6IHN0b3BwaW5nIHNlY29uZGFyeSBDUFVz ClsgICA3NC44NjIzMzZdIEtlcm5lbCBPZmZzZXQ6IGRpc2FibGVkClsgICA3NC44NjI0MzldIENQ VSBmZWF0dXJlczogMHgwMDAwLDAwMDc1MDI0LDY5OTQxOGFmClsgICA3NC44NjI3OTldIE1lbW9y eSBMaW1pdDogbm9uZQpbICAgNzQuODYzMzczXSAtLS1bIGVuZCBLZXJuZWwgcGFuaWMgLSBub3Qg c3luY2luZzogT29wcyAtIENGSSBdLS0tCgpUaGUgZ2NjLXJlbGF0ZWQgcGF0Y2hlc1s0XSBhcmUg YmFzZWQgb24gdGFnOiByZWxlYXNlcy9nY2MtMTIuMi4wLgoKQW55IHN1Z2dlc3Rpb24gcGxlYXNl IGxldCBtZSBrbm93IDopLgoKVGhhbmtzLCBEYW4uCgpbMV0gaHR0cHM6Ly9sb3JlLmtlcm5lbC5v cmcvYWxsLzIwMjIwOTA4MjE1NTA0LjM2ODY4MjctMS1zYW1pdG9sdmFuZW5AZ29vZ2xlLmNvbS8K WzJdIGh0dHBzOi8vZ2NjLmdudS5vcmcvYnVnemlsbGEvc2hvd19idWcuY2dpP2lkPTEwNzA0OApb M10gaHR0cHM6Ly9yZXZpZXdzLmxsdm0ub3JnL0QxMTkyOTYKWzRdIGh0dHBzOi8vbG9yZS5rZXJu ZWwub3JnL2xpbnV4LWhhcmRlbmluZy8yMDIyMTIxOTA1NTQzMS4yMjU5Ni0xLWFzaGltaWRhLjE5 OTBAZ21haWwuY29tLwoKU2lnbmVkLW9mZi1ieTogRGFuIExpIDxhc2hpbWlkYS4xOTkwQGdtYWls LmNvbT4KLS0tCiBNYWtlZmlsZSAgICAgICAgICAgICAgICAgICAgIHwgIDYgKysrKysrCiBhcmNo L0tjb25maWcgICAgICAgICAgICAgICAgIHwgMjQgKysrKysrKysrKysrKysrKysrKysrKystCiBh cmNoL2FybTY0L0tjb25maWcgICAgICAgICAgIHwgIDEgKwogaW5jbHVkZS9saW51eC9jZmlfdHlw ZXMuaCAgICB8IDE1ICsrKysrKysrKysrLS0tLQogaW5jbHVkZS9saW51eC9jb21waWxlci1nY2Mu aCB8ICA0ICsrKysKIGtlcm5lbC9NYWtlZmlsZSAgICAgICAgICAgICAgfCAgMSArCiBrZXJuZWwv Y2ZpLmMgICAgICAgICAgICAgICAgIHwgMjMgKysrKysrKysrKysrKysrKysrKysrKysKIHNjcmlw dHMva2FsbHN5bXMuYyAgICAgICAgICAgfCAgNCArKystCiA4IGZpbGVzIGNoYW5nZWQsIDcyIGlu c2VydGlvbnMoKyksIDYgZGVsZXRpb25zKC0pCgpkaWZmIC0tZ2l0IGEvTWFrZWZpbGUgYi9NYWtl ZmlsZQppbmRleCA0M2UwOGM5Zjk1ZTkuLjdjNzRkYWM1N2FhNCAxMDA2NDQKLS0tIGEvTWFrZWZp bGUKKysrIGIvTWFrZWZpbGUKQEAgLTkyNiw2ICs5MjYsMTIgQEAgS0JVSUxEX0NGTEFHUwkrPSAk KENDX0ZMQUdTX0NGSSkKIGV4cG9ydCBDQ19GTEFHU19DRkkKIGVuZGlmCiAKK2lmZGVmIENPTkZJ R19DRklfR0NDCitDQ19GTEFHU19DRkkJOj0gLWZzYW5pdGl6ZT1jZmkKK0tCVUlMRF9DRkxBR1MJ Kz0gJChDQ19GTEFHU19DRkkpCitleHBvcnQgQ0NfRkxBR1NfQ0ZJCitlbmRpZgorCiBpZmRlZiBD T05GSUdfREVCVUdfRk9SQ0VfRlVOQ1RJT05fQUxJR05fNjRCCiBLQlVJTERfQ0ZMQUdTICs9IC1m YWxpZ24tZnVuY3Rpb25zPTY0CiBlbmRpZgpkaWZmIC0tZ2l0IGEvYXJjaC9LY29uZmlnIGIvYXJj aC9LY29uZmlnCmluZGV4IDFjMWVjYTBjMDAxOS4uOGI0M2E5ZmQzYjU0IDEwMDY0NAotLS0gYS9h cmNoL0tjb25maWcKKysrIGIvYXJjaC9LY29uZmlnCkBAIC03NTYsOSArNzU2LDMxIEBAIGNvbmZp ZyBDRklfQ0xBTkcKIAogCSAgICBodHRwczovL2NsYW5nLmxsdm0ub3JnL2RvY3MvQ29udHJvbEZs b3dJbnRlZ3JpdHkuaHRtbAogCitjb25maWcgQVJDSF9TVVBQT1JUU19DRklfR0NDCisJYm9vbAor CWhlbHAKKwkgIEFuIGFyY2hpdGVjdHVyZSBzaG91bGQgc2VsZWN0IHRoaXMgb3B0aW9uIGlmIGl0 IGNhbiBzdXBwb3J0IEdDQydzCisJICBDb250cm9sLUZsb3cgSW50ZWdyaXR5IChDRkkpIGNoZWNr aW5nLgorCitjb25maWcgQ0ZJX0dDQworCWJvb2wgIlVzZSBHQ0MncyBDb250cm9sIEZsb3cgSW50 ZWdyaXR5IChDRkkpIgorCWRlcGVuZHMgb24gQVJDSF9TVVBQT1JUU19DRklfR0NDCisJZGVwZW5k cyBvbiAkKGNjLW9wdGlvbiwtZnNhbml0aXplPWNmaSkKKwloZWxwCisJICBUaGlzIG9wdGlvbiBl bmFibGVzIEdDQ+KAmXMgZm9yd2FyZC1lZGdlIENvbnRyb2wgRmxvdyBJbnRlZ3JpdHkKKwkgIChD RkkpIGNoZWNraW5nLCB3aGVyZSB0aGUgY29tcGlsZXIgaW5qZWN0cyBhIHJ1bnRpbWUgY2hlY2sg dG8gZWFjaAorCSAgaW5kaXJlY3QgZnVuY3Rpb24gY2FsbCB0byBlbnN1cmUgdGhlIHRhcmdldCBp cyBhIHZhbGlkIGZ1bmN0aW9uIHdpdGgKKwkgIHRoZSBjb3JyZWN0IHN0YXRpYyB0eXBlLiBUaGlz IHJlc3RyaWN0cyBwb3NzaWJsZSBjYWxsIHRhcmdldHMgYW5kCisJICBtYWtlcyBpdCBtb3JlIGRp ZmZpY3VsdCBmb3IgYW4gYXR0YWNrZXIgdG8gZXhwbG9pdCBidWdzIHRoYXQgYWxsb3cKKwkgIHRo ZSBtb2RpZmljYXRpb24gb2Ygc3RvcmVkIGZ1bmN0aW9uIHBvaW50ZXJzLiBNb3JlIGluZm9ybWF0 aW9uIGNhbiBiZQorCSAgZm91bmQgZnJvbSB0aGUgY29tcGlsZXIncyBkb2N1bWVudGF0aW9uOgor CisJICAtIENsYW5nOiBodHRwczovL2NsYW5nLmxsdm0ub3JnL2RvY3MvQ29udHJvbEZsb3dJbnRl Z3JpdHkuaHRtbAorCSAgLSBHQ0M6IGh0dHBzOi8vZ2NjLmdudS5vcmcvb25saW5lZG9jcy9nY2Mv SW5zdHJ1bWVudGF0aW9uLU9wdGlvbnMuaHRtbCNJbnN0cnVtZW50YXRpb24tT3B0aW9ucworCiBj b25maWcgQ0ZJX1BFUk1JU1NJVkUKIAlib29sICJVc2UgQ0ZJIGluIHBlcm1pc3NpdmUgbW9kZSIK LQlkZXBlbmRzIG9uIENGSV9DTEFORworCWRlcGVuZHMgb24gQ0ZJX0NMQU5HIHx8IENGSV9HQ0MK IAloZWxwCiAJICBXaGVuIHNlbGVjdGVkLCBDb250cm9sIEZsb3cgSW50ZWdyaXR5IChDRkkpIHZp b2xhdGlvbnMgcmVzdWx0IGluIGEKIAkgIHdhcm5pbmcgaW5zdGVhZCBvZiBhIGtlcm5lbCBwYW5p Yy4gVGhpcyBvcHRpb24gc2hvdWxkIG9ubHkgYmUgdXNlZApkaWZmIC0tZ2l0IGEvYXJjaC9hcm02 NC9LY29uZmlnIGIvYXJjaC9hcm02NC9LY29uZmlnCmluZGV4IDlmYjlmZmYwOGM5NC4uNjBmZGZi MDFjZWNiIDEwMDY0NAotLS0gYS9hcmNoL2FybTY0L0tjb25maWcKKysrIGIvYXJjaC9hcm02NC9L Y29uZmlnCkBAIC04OSw2ICs4OSw3IEBAIGNvbmZpZyBBUk02NAogCXNlbGVjdCBBUkNIX1NVUFBP UlRTX0xUT19DTEFORyBpZiBDUFVfTElUVExFX0VORElBTgogCXNlbGVjdCBBUkNIX1NVUFBPUlRT X0xUT19DTEFOR19USElOCiAJc2VsZWN0IEFSQ0hfU1VQUE9SVFNfQ0ZJX0NMQU5HCisJc2VsZWN0 IEFSQ0hfU1VQUE9SVFNfQ0ZJX0dDQwogCXNlbGVjdCBBUkNIX1NVUFBPUlRTX0FUT01JQ19STVcK IAlzZWxlY3QgQVJDSF9TVVBQT1JUU19JTlQxMjggaWYgQ0NfSEFTX0lOVDEyOAogCXNlbGVjdCBB UkNIX1NVUFBPUlRTX05VTUFfQkFMQU5DSU5HCmRpZmYgLS1naXQgYS9pbmNsdWRlL2xpbnV4L2Nm aV90eXBlcy5oIGIvaW5jbHVkZS9saW51eC9jZmlfdHlwZXMuaAppbmRleCA2Yjg3MTM2NzU3NjUu LjFjM2I3ZWE2YTc5ZiAxMDA2NDQKLS0tIGEvaW5jbHVkZS9saW51eC9jZmlfdHlwZXMuaAorKysg Yi9pbmNsdWRlL2xpbnV4L2NmaV90eXBlcy5oCkBAIC04LDE4ICs4LDI1IEBACiAjaWZkZWYgX19B U1NFTUJMWV9fCiAjaW5jbHVkZSA8bGludXgvbGlua2FnZS5oPgogCi0jaWZkZWYgQ09ORklHX0NG SV9DTEFORworI2lmIGRlZmluZWQoQ09ORklHX0NGSV9DTEFORykgfHwgZGVmaW5lZChDT05GSUdf Q0ZJX0dDQykKIC8qCi0gKiBVc2UgdGhlIF9fa2NmaV90eXBlaWRfPGZ1bmN0aW9uPiB0eXBlIGlk ZW50aWZpZXIgc3ltYm9sIHRvCisgKiBVc2UgdGhlIF9fW2tdY2ZpX3R5cGVpZF88ZnVuY3Rpb24+ IHR5cGUgaWRlbnRpZmllciBzeW1ib2wgdG8KICAqIGFubm90YXRlIGluZGlyZWN0bHkgY2FsbGVk IGFzc2VtYmx5IGZ1bmN0aW9ucy4gVGhlIGNvbXBpbGVyIGVtaXRzCiAgKiB0aGVzZSBzeW1ib2xz IGZvciBhbGwgYWRkcmVzcy10YWtlbiBmdW5jdGlvbiBkZWNsYXJhdGlvbnMgaW4gQwogICogY29k ZS4KICAqLwogI2lmbmRlZiBfX0NGSV9UWVBFCisKKyNpZmRlZiBDT05GSUdfQ0ZJX0dDQworI2Rl ZmluZSBfX0NGSV9UWVBFKG5hbWUpCQkJCVwKKwkuNGJ5dGUgX19jZmlfdHlwZWlkXyMjbmFtZQor I2Vsc2UKICNkZWZpbmUgX19DRklfVFlQRShuYW1lKQkJCQlcCiAJLjRieXRlIF9fa2NmaV90eXBl aWRfIyNuYW1lCiAjZW5kaWYKIAorI2VuZGlmCisKICNkZWZpbmUgU1lNX1RZUEVEX0VOVFJZKG5h bWUsIGxpbmthZ2UsIGFsaWduLi4uKQlcCiAJbGlua2FnZShuYW1lKSBBU01fTkwJCQkJXAogCWFs aWduIEFTTV9OTAkJCQkJXApAQCAtMjksMTIgKzM2LDEyIEBACiAjZGVmaW5lIFNZTV9UWVBFRF9T VEFSVChuYW1lLCBsaW5rYWdlLCBhbGlnbi4uLikJXAogCVNZTV9UWVBFRF9FTlRSWShuYW1lLCBs aW5rYWdlLCBhbGlnbikKIAotI2Vsc2UgLyogQ09ORklHX0NGSV9DTEFORyAqLworI2Vsc2UgLyog ZGVmaW5lZChDT05GSUdfQ0ZJX0NMQU5HKSB8fCBkZWZpbmVkKENPTkZJR19DRklfR0NDKSAqLwog CiAjZGVmaW5lIFNZTV9UWVBFRF9TVEFSVChuYW1lLCBsaW5rYWdlLCBhbGlnbi4uLikJXAogCVNZ TV9TVEFSVChuYW1lLCBsaW5rYWdlLCBhbGlnbikKIAotI2VuZGlmIC8qIENPTkZJR19DRklfQ0xB TkcgKi8KKyNlbmRpZiAvKiBkZWZpbmVkKENPTkZJR19DRklfQ0xBTkcpIHx8IGRlZmluZWQoQ09O RklHX0NGSV9HQ0MpICovCiAKICNpZm5kZWYgU1lNX1RZUEVEX0ZVTkNfU1RBUlQKICNkZWZpbmUg U1lNX1RZUEVEX0ZVTkNfU1RBUlQobmFtZSkgCQkJXApkaWZmIC0tZ2l0IGEvaW5jbHVkZS9saW51 eC9jb21waWxlci1nY2MuaCBiL2luY2x1ZGUvbGludXgvY29tcGlsZXItZ2NjLmgKaW5kZXggOWIx NTdiNzEwMzZmLi5hZWMxY2UzMjdiMWEgMTAwNjQ0Ci0tLSBhL2luY2x1ZGUvbGludXgvY29tcGls ZXItZ2NjLmgKKysrIGIvaW5jbHVkZS9saW51eC9jb21waWxlci1nY2MuaApAQCAtODIsNiArODIs MTAgQEAKICNkZWZpbmUgX19ub3NjcyBfX2F0dHJpYnV0ZV9fKChfX25vX3Nhbml0aXplX18oInNo YWRvdy1jYWxsLXN0YWNrIikpKQogI2VuZGlmCiAKKyNpZmRlZiBDT05GSUdfQ0ZJX0dDQworI2Rl ZmluZSBfX25vY2ZpIF9fYXR0cmlidXRlX18oKG5vX3Nhbml0aXplKCJjZmkiKSkpCisjZW5kaWYK KwogI2lmIF9faGFzX2F0dHJpYnV0ZShfX25vX3Nhbml0aXplX2FkZHJlc3NfXykKICNkZWZpbmUg X19ub19zYW5pdGl6ZV9hZGRyZXNzIF9fYXR0cmlidXRlX18oKG5vX3Nhbml0aXplX2FkZHJlc3Mp KQogI2Vsc2UKZGlmZiAtLWdpdCBhL2tlcm5lbC9NYWtlZmlsZSBiL2tlcm5lbC9NYWtlZmlsZQpp bmRleCAzMTg3ODljNzI4ZDMuLjkyM2QzZTA2MDg1MiAxMDA2NDQKLS0tIGEva2VybmVsL01ha2Vm aWxlCisrKyBiL2tlcm5lbC9NYWtlZmlsZQpAQCAtMTE0LDYgKzExNCw3IEBAIG9iai0kKENPTkZJ R19TSEFET1dfQ0FMTF9TVEFDSykgKz0gc2NzLm8KIG9iai0kKENPTkZJR19IQVZFX1NUQVRJQ19D QUxMKSArPSBzdGF0aWNfY2FsbC5vCiBvYmotJChDT05GSUdfSEFWRV9TVEFUSUNfQ0FMTF9JTkxJ TkUpICs9IHN0YXRpY19jYWxsX2lubGluZS5vCiBvYmotJChDT05GSUdfQ0ZJX0NMQU5HKSArPSBj Zmkubworb2JqLSQoQ09ORklHX0NGSV9HQ0MpICs9IGNmaS5vCiAKIG9iai0kKENPTkZJR19QRVJG X0VWRU5UUykgKz0gZXZlbnRzLwogCmRpZmYgLS1naXQgYS9rZXJuZWwvY2ZpLmMgYi9rZXJuZWwv Y2ZpLmMKaW5kZXggMDhjYWFkNzc2NzE3Li45YmZmMzU3MzY3NTYgMTAwNjQ0Ci0tLSBhL2tlcm5l bC9jZmkuYworKysgYi9rZXJuZWwvY2ZpLmMKQEAgLTI1LDYgKzI1LDcgQEAgZW51bSBidWdfdHJh cF90eXBlIHJlcG9ydF9jZmlfZmFpbHVyZShzdHJ1Y3QgcHRfcmVncyAqcmVncywgdW5zaWduZWQg bG9uZyBhZGRyLAogCXJldHVybiBCVUdfVFJBUF9UWVBFX0JVRzsKIH0KIAorI2lmZGVmIENPTkZJ R19DRklfQ0xBTkcKICNpZmRlZiBDT05GSUdfQVJDSF9VU0VTX0NGSV9UUkFQUwogc3RhdGljIGlu bGluZSB1bnNpZ25lZCBsb25nIHRyYXBfYWRkcmVzcyhzMzIgKnApCiB7CkBAIC05OSwzICsxMDAs MjUgQEAgYm9vbCBpc19jZmlfdHJhcCh1bnNpZ25lZCBsb25nIGFkZHIpCiAJcmV0dXJuIGlzX21v ZHVsZV9jZmlfdHJhcChhZGRyKTsKIH0KICNlbmRpZiAvKiBDT05GSUdfQVJDSF9VU0VTX0NGSV9U UkFQUyAqLworI2VuZGlmIC8qIENPTkZJR19DRklfQ0xBTkcgKi8KKworCisjaWZkZWYgQ09ORklH X0NGSV9HQ0MKK3ZvaWQgY2ZpX2NoZWNrX2ZhaWxlZCh1MzIgY2FsbGVyX2hhc2gsIHUzMiBjYWxs ZWVfaGFzaCwgdm9pZCAqY2FsbGVlX2FkZHIpCit7CisJdW5zaWduZWQgbG9uZyBwYywgdGFyZ2V0 OworCisJcGMgPSAodW5zaWduZWQgbG9uZylfX2J1aWx0aW5fcmV0dXJuX2FkZHJlc3MoMCk7CisJ dGFyZ2V0ID0gKHVuc2lnbmVkIGxvbmcpY2FsbGVlX2FkZHI7CisKKwlzd2l0Y2ggKHJlcG9ydF9j ZmlfZmFpbHVyZShOVUxMLCBwYywgJnRhcmdldCwgY2FsbGVyX2hhc2gpKSB7CisJY2FzZSBCVUdf VFJBUF9UWVBFX1dBUk46CisJCWJyZWFrOworCisJZGVmYXVsdDoKKwkJcGFuaWMoIk9vcHMgLSBD RkkiKTsKKwl9Cit9CitFWFBPUlRfU1lNQk9MKGNmaV9jaGVja19mYWlsZWQpOworCisjZW5kaWYg LyogQ09ORklHX0NGSV9HQ0MgKi8KZGlmZiAtLWdpdCBhL3NjcmlwdHMva2FsbHN5bXMuYyBiL3Nj cmlwdHMva2FsbHN5bXMuYwppbmRleCBjY2RmMGM4OTdmMzEuLmVkOGRiNTEzYjkxOCAxMDA2NDQK LS0tIGEvc2NyaXB0cy9rYWxsc3ltcy5jCisrKyBiL3NjcmlwdHMva2FsbHN5bXMuYwpAQCAtMTE5 LDcgKzExOSw5IEBAIHN0YXRpYyBib29sIGlzX2lnbm9yZWRfc3ltYm9sKGNvbnN0IGNoYXIgKm5h bWUsIGNoYXIgdHlwZSkKIAkJIl9fVGh1bWJWN1BJTG9uZ1RodW5rXyIsCiAJCSJfX0xBMjVUaHVu a18iLAkJLyogbWlwcyBsbGQgKi8KIAkJIl9fbWljcm9MQTI1VGh1bmtfIiwKLQkJIl9fa2NmaV90 eXBlaWRfIiwJLyogQ0ZJIHR5cGUgaWRlbnRpZmllcnMgKi8KKwkJIl9fa2NmaV90eXBlaWRfIiwJ LyogQ0ZJIHR5cGUgaWRlbnRpZmllcnMgaW4gQ2xhbmcgKi8KKwkJIl9fY2ZpXyIsCQkvKiBDRkkg dHlwZSBpZGVudGlmaWVycyBpbiBHQ0MgKi8KKwkJIl9fcGlfX19jZmkiLAkJLyogQ0ZJIHR5cGUg aWRlbnRpZmllcnMgaW4gR0NDICovCiAJCU5VTEwKIAl9OwogCi0tIAoyLjE3LjEKCgpfX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwpsaW51eC1hcm0ta2VybmVs IG1haWxpbmcgbGlzdApsaW51eC1hcm0ta2VybmVsQGxpc3RzLmluZnJhZGVhZC5vcmcKaHR0cDov L2xpc3RzLmluZnJhZGVhZC5vcmcvbWFpbG1hbi9saXN0aW5mby9saW51eC1hcm0ta2VybmVsCg==