
commit 2aa4b9d2d3a576005593e3485423385f0b47cc57
parent 546650055c9ee84b467ebafadee45c36322b1e12
Author: Lorenz (xha) <me@xha.li>
Date:   Tue, 19 Dec 2023 13:23:03 +0100

rt/: prepare for IBT support

Signed-off-by: Lorenz (xha) <me@xha.li>

Diffstat:
Mrt/+x86_64/fenv.s | 5+++++
Mrt/+x86_64/getfp.s | 1+
Mrt/+x86_64/longjmp.s | 11++++++++++-
Mrt/+x86_64/setjmp.s | 3+++
4 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/rt/+x86_64/fenv.s b/rt/+x86_64/fenv.s
@@ -28,6 +28,7 @@
 .type rt.feclearexcept,@function
 rt.feclearexcept:
 # maintain exceptions in the sse mxcsr, clear x87 exceptions
+ endbr64
 mov %edi,%ecx
 and $0x3f,%ecx
 fnstsw %ax
@@ -49,6 +50,7 @@ rt.feclearexcept:
 .global rt.feraiseexcept
 .type rt.feraiseexcept,@function
 rt.feraiseexcept:
+ endbr64
 and $0x3f,%edi
 stmxcsr -8(%rsp)
 or %edi,-8(%rsp)
@@ -60,6 +62,7 @@ rt.feraiseexcept:
 .global rt.fesetround
 .type rt.fesetround,@function
 rt.fesetround:
+ endbr64
 push %rax
 xor %eax,%eax
 mov %edi,%ecx
@@ -79,6 +82,7 @@ rt.fesetround:
 .global rt.fegetround
 .type rt.fegetround,@function
 rt.fegetround:
+ endbr64
 push %rax
 stmxcsr (%rsp)
 pop %rax
@@ -90,6 +94,7 @@ rt.fegetround:
 .global rt.fetestexcept
 .type rt.fetestexcept,@function
 rt.fetestexcept:
+ endbr64
 and $0x3f,%edi
 push %rax
 stmxcsr (%rsp)
diff --git a/rt/+x86_64/getfp.s b/rt/+x86_64/getfp.s
@@ -2,5 +2,6 @@
 .global rt.getfp
 .type rt.getfp,@function
 rt.getfp:
+ endbr64
 mov (%rbp),%rax
 ret
diff --git a/rt/+x86_64/longjmp.s b/rt/+x86_64/longjmp.s
@@ -4,6 +4,9 @@
 .global rt.longjmp
 .type rt.longjmp,@function
 rt.longjmp:
+ /* no endbr64 here to avoid exploitation - this function cannot be the
+ * result of an indirect branch.
+ */
 xor %eax,%eax
 cmp $1,%esi /* CF = val ? 0 : 1 */
 adc %esi,%eax /* eax = val + !val */
@@ -14,4 +17,10 @@ rt.longjmp:
 mov 32(%rdi),%r14
 mov 40(%rdi),%r15
 mov 48(%rdi),%rsp
- jmp *56(%rdi) /* goto saved address without altering rsp */
+ /* IBT: we cannot directly jump to the saved adress since this might be
+ * in the middle of the function where we are not going to have an
+ * endbr64. instead, we push the address to the stack and return to it
+ * in order to avoid an indirect branch.
+ */
+ push 56(%rdi) /* goto saved address without altering rsp */
+ ret
diff --git a/rt/+x86_64/setjmp.s b/rt/+x86_64/setjmp.s
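Review bot: The `endbr64` landing pad at rt.feclearexcept's entry (and in the four sibling hunks of this file plus rt.getfp) is necessary but not sufficient for IBT: the linker only marks the output as IBT-enabled when every input object carries the GNU_PROPERTY_X86_FEATURE_1_IBT bit in a `.note.gnu.property` section, and a hand-written `.s` file gets no such note unless it is added explicitly. Nothing in this commit adds that note, which is presumably why the title says "prepare for"; a one-line comment near the top of fenv.s such as `# endbr64 at every global entry: IBT landing pads; the .note.gnu.property marking is supplied separately` would tell a reader whether enforcement is expected yet. Since `endbr64` executes as a NOP on processors without CET, emitting it unconditionally is safe.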
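Review bot: The new comment at rt.longjmp justifies omitting `endbr64` by asserting the function is never the target of an indirect branch, but the symbol is `.global` and nothing in the hunk enforces that; once IBT is enabled, any call through a pointer to rt.longjmp takes a control-protection fault instead of running. The identical comment in the rt.setjmp hunk has the same gap. It would be clearer to state the assumption as a contract, e.g. `/* no endbr64 on purpose: longjmp must only be called directly (never via a function pointer); under IBT an indirect call here faults, which also denies this rsp-loading sequence to a hijacked indirect branch. */`. The body of rt.longjmp continues past the end of this hunk.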
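Review bot: The `push 56(%rdi)` / `ret` pair satisfies IBT by avoiding an indirect `jmp`, but it is not compatible with the other half of CET, shadow stacks: `ret` pops a return address that the shadow stack never saw pushed, so with SHSTK enabled this raises a control-protection fault. The removed `jmp *56(%rdi)` would presumably have tripped the same mismatch one `ret` later, so this is not a regression, but the new comment should say that shadow-stack support still needs separate handling (roughly: record the shadow-stack pointer at setjmp time and unwind to it with `incsspq` before the `ret`), so nobody reads this as full CET support. Also, `adress` in the comment is a typo for `address`.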
@@ -4,6 +4,9 @@
 .global rt.setjmp
 .type rt.setjmp,@function
 rt.setjmp:
+ /* no endbr64 here to avoid exploitation - this function cannot be the
+ * result of an indirect branch.
+ */
 mov %rbx,(%rdi) /* rdi is jmp_buf, move registers onto it */
 mov %rbp,8(%rdi)
 mov %r12,16(%rdi)