1# REQUIRES: aarch64 2# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu %s -o %t.o 3# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu --defsym CANONICAL_PLT=1 %s -o %tcanon.o 4# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu --defsym RELVTABLE_PLT=1 %s -o %trelvtable.o 5# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu %p/Inputs/aarch64-bti1.s -o %t1.o 6# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu %p/Inputs/aarch64-func3.s -o %t2.o 7# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu %p/Inputs/aarch64-func3-bti.s -o %t3.o 8# RUN: llvm-mc -filetype=obj -triple=aarch64-linux-gnu %p/Inputs/aarch64-func2.s -o %tno.o 9 10## We do not add BTI support when the inputs don't have the .note.gnu.property 11## field. 12 13# RUN: ld.lld %tno.o %t3.o --shared -o %tno.so 14# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %tno.so | FileCheck --check-prefix=NOBTI %s 15# RUN: llvm-readelf -x .got.plt %tno.so | FileCheck --check-prefix SOGOTPLT %s 16# RUN: llvm-readelf --dynamic-table %tno.so | FileCheck --check-prefix NOBTIDYN %s 17 18# NOBTIDYN-NOT: 0x0000000070000001 (AARCH64_BTI_PLT) 19# NOBTIDYN-NOT: 0x0000000070000003 (AARCH64_PAC_PLT) 20 21# NOBTI: 00000000000102b8 <func2>: 22# NOBTI-NEXT: 102b8: bl 0x102f0 <func3@plt> 23# NOBTI-NEXT: 102bc: ret 24# NOBTI: Disassembly of section .plt: 25# NOBTI: 00000000000102d0 <.plt>: 26# NOBTI-NEXT: 102d0: stp x16, x30, [sp, #-16]! 27# NOBTI-NEXT: 102d4: adrp x16, 0x30000 28# NOBTI-NEXT: 102d8: ldr x17, [x16, #960] 29# NOBTI-NEXT: 102dc: add x16, x16, #960 30# NOBTI-NEXT: 102e0: br x17 31# NOBTI-NEXT: 102e4: nop 32# NOBTI-NEXT: 102e8: nop 33# NOBTI-NEXT: 102ec: nop 34# NOBTI: 00000000000102f0 <func3@plt>: 35# NOBTI-NEXT: 102f0: adrp x16, 0x30000 36# NOBTI-NEXT: 102f4: ldr x17, [x16, #968] 37# NOBTI-NEXT: 102f8: add x16, x16, #968 38# NOBTI-NEXT: 102fc: br x17 39 40## The .got.plt should be identical between the BTI and no BTI DSO PLT. 41# SOGOTPLT: Hex dump of section '.got.plt' 42# SOGOTPLT-NEXT: 0x000303b0 00000000 00000000 00000000 00000000 43# SOGOTPLT-NEXT: 0x000303c0 00000000 00000000 d0020100 00000000 44 45## Expect a bti c at the start of plt[0], the plt entries do not need bti c as 46## their address doesn't escape the shared object, so they can't be indirectly 47## called. Expect no other difference. 48 49# RUN: ld.lld %t1.o %t3.o --shared --soname=t.so -o %t.so 50# RUN: llvm-readelf -n %t.so | FileCheck --check-prefix BTIPROP %s 51# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %t.so | FileCheck --check-prefix BTISO %s 52# RUN: llvm-readelf -x .got.plt %t.so | FileCheck --check-prefix SOGOTPLT2 %s 53# RUN: llvm-readelf --dynamic-table %t.so | FileCheck --check-prefix BTIDYN %s 54 55# BTIPROP: Properties: aarch64 feature: BTI 56 57# BTIDYN: 0x0000000070000001 (AARCH64_BTI_PLT) 58# BTIDYN-NOT: 0x0000000070000003 (AARCH64_PAC_PLT) 59 60# BTISO: 0000000000010348 <func2>: 61# BTISO-NEXT: 10348: bl 0x10380 <func3@plt> 62# BTISO-NEXT: ret 63# BTISO: 0000000000010350 <func3>: 64# BTISO-NEXT: 10350: ret 65# BTISO: Disassembly of section .plt: 66# BTISO: 0000000000010360 <.plt>: 67# BTISO-NEXT: 10360: bti c 68# BTISO-NEXT: stp x16, x30, [sp, #-16]! 69# BTISO-NEXT: adrp x16, 0x30000 70# BTISO-NEXT: ldr x17, [x16, #1144] 71# BTISO-NEXT: add x16, x16, #1144 72# BTISO-NEXT: br x17 73# BTISO-NEXT: nop 74# BTISO-NEXT: nop 75# BTISO: 0000000000010380 <func3@plt>: 76# BTISO-NEXT: 10380: adrp x16, 0x30000 77# BTISO-NEXT: ldr x17, [x16, #1152] 78# BTISO-NEXT: add x16, x16, #1152 79# BTISO-NEXT: br x17 80 81# SOGOTPLT2: Hex dump of section '.got.plt' 82# SOGOTPLT2-NEXT: 0x00030468 00000000 00000000 00000000 00000000 83# SOGOTPLT2-NEXT: 0x00030478 00000000 00000000 60030100 00000000 84 85## Build an executable with all relocatable inputs having the BTI 86## .note.gnu.property. 87 88# RUN: ld.lld %t2.o --shared --soname=t2.so -o %t2.so 89 90# RUN: ld.lld %t.o %t.so %t2.so -o %t.exe 91# RUN: llvm-readelf --dynamic-table -n %t.exe | FileCheck --check-prefix=BTIPROP %s 92# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %t.exe | FileCheck --check-prefix=EXECBTI %s 93 94# EXECBTI: Disassembly of section .text: 95# EXECBTI: 0000000000210348 <func1>: 96# EXECBTI-NEXT: 210348: bl 0x210370 <func2@plt> 97# EXECBTI-NEXT: ret 98# EXECBTI: Disassembly of section .plt: 99# EXECBTI: 0000000000210350 <.plt>: 100# EXECBTI-NEXT: 210350: bti c 101# EXECBTI-NEXT: stp x16, x30, [sp, #-16]! 102# EXECBTI-NEXT: adrp x16, 0x230000 103# EXECBTI-NEXT: ldr x17, [x16, #1160] 104# EXECBTI-NEXT: add x16, x16, #1160 105# EXECBTI-NEXT: br x17 106# EXECBTI-NEXT: nop 107# EXECBTI-NEXT: nop 108# EXECBTI: 0000000000210370 <func2@plt>: 109# EXECBTI-NEXT: 210370: adrp x16, 0x230000 110# EXECBTI-NEXT: ldr x17, [x16, #1168] 111# EXECBTI-NEXT: add x16, x16, #1168 112# EXECBTI-NEXT: br x17 113# EXECBTI-NEXT: nop 114# EXECBTI-NEXT: nop 115 116## We expect a bti c in front of a canonical PLT entry because its address 117## can escape the executable. 118# RUN: ld.lld %tcanon.o %t.so %t2.so -o %t2.exe 119# RUN: llvm-readelf --dynamic-table -n %t2.exe | FileCheck --check-prefix=BTIPROP %s 120# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %t2.exe | FileCheck --check-prefix=EXECBTI2 %s 121# EXECBTI2: 0000000000210380 <func2@plt>: 122# EXECBTI2-NEXT: 210380: bti c 123# EXECBTI2-NEXT: adrp x16, 0x230000 124# EXECBTI2-NEXT: ldr x17, [x16, #1184] 125# EXECBTI2-NEXT: add x16, x16, #1184 126# EXECBTI2-NEXT: br x17 127# EXECBTI2-NEXT: nop 128 129 130## We expect the same for PIE, as the address of an ifunc can escape 131# RUN: ld.lld --pie %t.o %t.so %t2.so -o %tpie.exe 132# RUN: llvm-readelf -n %tpie.exe | FileCheck --check-prefix=BTIPROP %s 133# RUN: llvm-readelf --dynamic-table -n %tpie.exe | FileCheck --check-prefix=BTIPROP %s 134# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %tpie.exe | FileCheck --check-prefix=PIE %s 135 136# PIE: Disassembly of section .text: 137# PIE: 0000000000010348 <func1>: 138# PIE-NEXT: 10348: bl 0x10370 <func2@plt> 139# PIE-NEXT: ret 140# PIE: Disassembly of section .plt: 141# PIE: 0000000000010350 <.plt>: 142# PIE-NEXT: 10350: bti c 143# PIE-NEXT: stp x16, x30, [sp, #-16]! 144# PIE-NEXT: adrp x16, 0x30000 145# PIE-NEXT: ldr x17, [x16, #1176] 146# PIE-NEXT: add x16, x16, #1176 147# PIE-NEXT: br x17 148# PIE-NEXT: nop 149# PIE-NEXT: nop 150# PIE: 0000000000010370 <func2@plt>: 151# PIE-NEXT: 10370: adrp x16, 0x30000 152# PIE-NEXT: ldr x17, [x16, #1184] 153# PIE-NEXT: add x16, x16, #1184 154# PIE-NEXT: br x17 155# PIE-NEXT: nop 156# PIE-NEXT: nop 157 158## We expect the same for R_AARCH64_PLT32, as the address of an plt entry escapes 159# RUN: ld.lld --shared %trelvtable.o -o %trelv.exe 160# RUN: llvm-readelf -n %trelv.exe | FileCheck --check-prefix=BTIPROP %s 161# RUN: llvm-readelf --dynamic-table -n %trelv.exe | FileCheck --check-prefix=BTIPROP %s 162# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %trelv.exe | FileCheck --check-prefix=RELV %s 163 164# RELV: Disassembly of section .text: 165# RELV-LABEL: <func1>: 166# RELV-NEXT: 10380: bl 0x103b0 <func2@plt> 167# RELV-NEXT: bl 0x103c8 <funcRelVtable@plt> 168# RELV-NEXT: ret 169# RELV: Disassembly of section .plt: 170# RELV-LABEL: <.plt>: 171# RELV-NEXT: 10390: bti c 172# RELV-NEXT: stp x16, x30, [sp, #-16]! 173# RELV-NEXT: adrp x16, 0x30000 174# RELV-NEXT: ldr x17, [x16, #1200] 175# RELV-NEXT: add x16, x16, #1200 176# RELV-NEXT: br x17 177# RELV-NEXT: nop 178# RELV-NEXT: nop 179# RELV-LABEL: <func2@plt>: 180# RELV-NEXT: 103b0: adrp x16, 0x30000 181# RELV-NEXT: ldr x17, [x16, #1208] 182# RELV-NEXT: add x16, x16, #1208 183# RELV-NEXT: br x17 184# RELV-NEXT: nop 185# RELV-NEXT: nop 186# RELV-LABEL: <funcRelVtable@plt>: 187# RELV-NEXT: 103c8: bti c 188# RELV-NEXT: adrp x16, 0x30000 189# RELV-NEXT: ldr x17, [x16, #1216] 190# RELV-NEXT: add x16, x16, #1216 191# RELV-NEXT: br x17 192# RELV-NEXT: nop 193 194## Build and executable with not all relocatable inputs having the BTI 195## .note.property, expect no bti c and no .note.gnu.property entry 196 197# RUN: ld.lld %t.o %t2.o %t.so -o %tnobti.exe 198# RUN: llvm-readelf --dynamic-table %tnobti.exe | FileCheck --check-prefix NOBTIDYN %s 199# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %tnobti.exe | FileCheck --check-prefix=NOEX %s 200 201# NOEX: Disassembly of section .text: 202# NOEX: 00000000002102e0 <func1>: 203# NOEX-NEXT: 2102e0: bl 0x210310 <func2@plt> 204# NOEX-NEXT: ret 205# NOEX: 00000000002102e8 <func3>: 206# NOEX-NEXT: 2102e8: ret 207# NOEX: Disassembly of section .plt: 208# NOEX: 00000000002102f0 <.plt>: 209# NOEX-NEXT: 2102f0: stp x16, x30, [sp, #-16]! 210# NOEX-NEXT: adrp x16, 0x230000 211# NOEX-NEXT: ldr x17, [x16, #1024] 212# NOEX-NEXT: add x16, x16, #1024 213# NOEX-NEXT: br x17 214# NOEX-NEXT: nop 215# NOEX-NEXT: nop 216# NOEX-NEXT: nop 217# NOEX: 0000000000210310 <func2@plt>: 218# NOEX-NEXT: 210310: adrp x16, 0x230000 219# NOEX-NEXT: ldr x17, [x16, #1032] 220# NOEX-NEXT: add x16, x16, #1032 221# NOEX-NEXT: br x17 222 223## Force BTI entries with the -z force-bti command line option. Expect a warning 224## from the file without the .note.gnu.property. 225 226# RUN: ld.lld %t.o %t2.o -z force-bti %t.so -o %tforcebti.exe 2>&1 | FileCheck --check-prefix=FORCE-WARN %s 227# RUN: not ld.lld %t.o %t2.o -z force-bti -z bti-report=error %t.so -o %tfailifnotbti.exe 2>&1 | FileCheck --check-prefix=BTI_REPORT-ERROR %s 228 229# FORCE-WARN: aarch64-feature-bti.s.tmp2.o: -z force-bti: file does not have GNU_PROPERTY_AARCH64_FEATURE_1_BTI property 230# BTI_REPORT-ERROR: aarch64-feature-bti.s.tmp2.o: -z bti-report: file does not have GNU_PROPERTY_AARCH64_FEATURE_1_BTI property 231# BTI_REPORT-ERROR-EMPTY: 232 233# RUN: llvm-readelf -n %tforcebti.exe | FileCheck --check-prefix=BTIPROP %s 234# RUN: llvm-readelf --dynamic-table %tforcebti.exe | FileCheck --check-prefix BTIDYN %s 235# RUN: llvm-objdump --no-print-imm-hex -d --mattr=+bti --no-show-raw-insn %tforcebti.exe | FileCheck --check-prefix=FORCE %s 236 237# FORCE: Disassembly of section .text: 238# FORCE: 0000000000210370 <func1>: 239# FORCE-NEXT: 210370: bl 0x2103a0 <func2@plt> 240# FORCE-NEXT: ret 241# FORCE: 0000000000210378 <func3>: 242# FORCE-NEXT: 210378: ret 243# FORCE: Disassembly of section .plt: 244# FORCE: 0000000000210380 <.plt>: 245# FORCE-NEXT: 210380: bti c 246# FORCE-NEXT: stp x16, x30, [sp, #-16]! 247# FORCE-NEXT: adrp x16, 0x230000 248# FORCE-NEXT: ldr x17, [x16, #1192] 249# FORCE-NEXT: add x16, x16, #1192 250# FORCE-NEXT: br x17 251# FORCE-NEXT: nop 252# FORCE-NEXT: nop 253# FORCE: 00000000002103a0 <func2@plt>: 254# FORCE-NEXT: 2103a0: adrp x16, 0x230000 255# FORCE-NEXT: ldr x17, [x16, #1200] 256# FORCE-NEXT: add x16, x16, #1200 257# FORCE-NEXT: br x17 258# FORCE-NEXT: nop 259# FORCE-NEXT: nop 260 261.section ".note.gnu.property", "a" 262.long 4 263.long 0x10 264.long 0x5 265.asciz "GNU" 266 267.long 0xc0000000 // GNU_PROPERTY_AARCH64_FEATURE_1_AND 268.long 4 269.long 1 // GNU_PROPERTY_AARCH64_FEATURE_1_BTI 270.long 0 271 272.text 273.globl _start 274.type func1,%function 275func1: 276.ifdef CANONICAL_PLT 277 adrp x0, func2 278 add x0, x0, :lo12:func2 279.else 280 bl func2 281.endif 282.ifdef RELVTABLE_PLT 283 bl funcRelVtable 284.endif 285 ret 286 287.ifdef RELVTABLE_PLT 288// R_AARCH64_PLT32 289.word funcRelVtable@PLT - . 290.endif 291