diff options
| author | Andrew Turner <andrew@FreeBSD.org> | 2023-04-05 12:28:46 +0000 |
|---|---|---|
| committer | Andrew Turner <andrew@FreeBSD.org> | 2023-09-22 17:15:14 +0000 |
| commit | 450f731b7f2351d475b43bbc6234eea28adfd2b0 (patch) | |
| tree | 3e762cafd3eca901d39e8ac39924ab68c14e6969 | |
| parent | d61f9bfb0e5c119c97a559f187b1e9c73077307b (diff) | |
| download | src-450f731b7f2351d475b43bbc6234eea28adfd2b0.tar.gz src-450f731b7f2351d475b43bbc6234eea28adfd2b0.zip | |
Add BTI exceptions
We could hit these when executing code marked as using BTI but jumps
to a non-branch target instruction.
Sponsored by: Arm Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39450
| -rw-r--r-- | sys/arm64/arm64/locore.S | 2 | ||||
| -rw-r--r-- | sys/arm64/arm64/trap.c | 10 | ||||
| -rw-r--r-- | sys/arm64/include/armreg.h | 1 |
3 files changed, 12 insertions, 1 deletions
diff --git a/sys/arm64/arm64/locore.S b/sys/arm64/arm64/locore.S index 0ceb01eda5c0..bc2a84c404ab 100644 --- a/sys/arm64/arm64/locore.S +++ b/sys/arm64/arm64/locore.S @@ -864,7 +864,7 @@ sctlr_set: .quad (SCTLR_LSMAOE | SCTLR_nTLSMD | SCTLR_UCI | SCTLR_SPAN | \ SCTLR_nTWE | SCTLR_nTWI | SCTLR_UCT | SCTLR_DZE | \ SCTLR_I | SCTLR_SED | SCTLR_SA0 | SCTLR_SA | SCTLR_C | \ - SCTLR_M | SCTLR_CP15BEN) + SCTLR_M | SCTLR_CP15BEN | SCTLR_BT1 | SCTLR_BT0) sctlr_clear: /* Bits to clear */ .quad (SCTLR_EE | SCTLR_E0E | SCTLR_IESB | SCTLR_WXN | SCTLR_UMA | \ diff --git a/sys/arm64/arm64/trap.c b/sys/arm64/arm64/trap.c index d1a48a2fd9f4..c3221e9faf9f 100644 --- a/sys/arm64/arm64/trap.c +++ b/sys/arm64/arm64/trap.c @@ -559,6 +559,11 @@ do_el1h_sync(struct thread *td, struct trapframe *frame) panic("Undefined instruction: %08x", *(uint32_t *)frame->tf_elr); break; + case EXCP_BTI: + print_registers(frame); + print_gp_register("far", far); + panic("Branch Target exception"); + break; default: print_registers(frame); print_gp_register("far", far); @@ -699,6 +704,11 @@ do_el0_sync(struct thread *td, struct trapframe *frame) (void *)frame->tf_elr, exception); userret(td, frame); break; + case EXCP_BTI: + call_trapsignal(td, SIGILL, ILL_ILLOPC, (void *)frame->tf_elr, + exception); + userret(td, frame); + break; default: call_trapsignal(td, SIGBUS, BUS_OBJERR, (void *)frame->tf_elr, exception); diff --git a/sys/arm64/include/armreg.h b/sys/arm64/include/armreg.h index 8251a687a5d1..953c9af220b9 100644 --- a/sys/arm64/include/armreg.h +++ b/sys/arm64/include/armreg.h @@ -408,6 +408,7 @@ #define EXCP_UNKNOWN 0x00 /* Unkwn exception */ #define EXCP_TRAP_WFI_WFE 0x01 /* Trapped WFI or WFE */ #define EXCP_FP_SIMD 0x07 /* VFP/SIMD trap */ +#define EXCP_BTI 0x0d /* Branch Target Exception */ #define EXCP_ILL_STATE 0x0e /* Illegal execution state */ #define EXCP_SVC32 0x11 /* SVC trap for AArch32 */ #define EXCP_SVC64 0x15 /* SVC trap for AArch64 */ |