mirror of
https://github.com/crosstool-ng/crosstool-ng.git
synced 2025-01-06 12:58:41 +00:00
c175b21ce4
Bring in the fixes for GCC 7 through 13. https://rtx.meta.security/mitigation/2023/09/12/CVE-2023-4039.html https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64 Signed-off-by: Chris Packham <judge.packham@gmail.com>
85 lines
3.4 KiB
Diff
85 lines
3.4 KiB
Diff
From 34081079ea4de0c98331843f574b5f6f94d7b234 Mon Sep 17 00:00:00 2001
|
|
From: Richard Sandiford <richard.sandiford@arm.com>
|
|
Date: Tue, 12 Sep 2023 16:08:50 +0100
|
|
Subject: [PATCH 14/28] aarch64: Add bytes_below_hard_fp to frame info
|
|
|
|
Following on from the previous bytes_below_saved_regs patch, this one
|
|
records the number of bytes that are below the hard frame pointer.
|
|
This eventually replaces below_hard_fp_saved_regs_size.
|
|
|
|
If a frame pointer is not needed, the epilogue adds final_adjust
|
|
to the stack pointer before restoring registers:
|
|
|
|
aarch64_add_sp (tmp1_rtx, tmp0_rtx, final_adjust, true);
|
|
|
|
Therefore, if the epilogue needs to restore the stack pointer from
|
|
the hard frame pointer, the directly corresponding offset is:
|
|
|
|
-bytes_below_hard_fp + final_adjust
|
|
|
|
i.e. go from the hard frame pointer to the bottom of the frame,
|
|
then add the same amount as if we were using the stack pointer
|
|
from the outset.
|
|
|
|
gcc/
|
|
* config/aarch64/aarch64.h (aarch64_frame::bytes_below_hard_fp): New
|
|
field.
|
|
* config/aarch64/aarch64.cc (aarch64_layout_frame): Initialize it.
|
|
(aarch64_expand_epilogue): Use it instead of
|
|
below_hard_fp_saved_regs_size.
|
|
---
|
|
gcc/config/aarch64/aarch64.cc | 6 +++---
|
|
gcc/config/aarch64/aarch64.h | 5 +++++
|
|
2 files changed, 8 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
|
|
index 94e1b6865849..c7d84245fbfc 100644
|
|
--- a/gcc/config/aarch64/aarch64.cc
|
|
+++ b/gcc/config/aarch64/aarch64.cc
|
|
@@ -8269,6 +8269,7 @@ aarch64_layout_frame (void)
|
|
of the callee save area. */
|
|
bool saves_below_hard_fp_p = maybe_ne (offset, 0);
|
|
frame.below_hard_fp_saved_regs_size = offset;
|
|
+ frame.bytes_below_hard_fp = offset + frame.bytes_below_saved_regs;
|
|
if (frame.emit_frame_chain)
|
|
{
|
|
/* FP and LR are placed in the linkage record. */
|
|
@@ -9856,8 +9857,7 @@ aarch64_expand_epilogue (bool for_sibcall)
|
|
poly_int64 final_adjust = frame.final_adjust;
|
|
poly_int64 callee_offset = frame.callee_offset;
|
|
poly_int64 sve_callee_adjust = frame.sve_callee_adjust;
|
|
- poly_int64 below_hard_fp_saved_regs_size
|
|
- = frame.below_hard_fp_saved_regs_size;
|
|
+ poly_int64 bytes_below_hard_fp = frame.bytes_below_hard_fp;
|
|
unsigned reg1 = frame.wb_pop_candidate1;
|
|
unsigned reg2 = frame.wb_pop_candidate2;
|
|
unsigned int last_gpr = (frame.is_scs_enabled
|
|
@@ -9915,7 +9915,7 @@ aarch64_expand_epilogue (bool for_sibcall)
|
|
is restored on the instruction doing the writeback. */
|
|
aarch64_add_offset (Pmode, stack_pointer_rtx,
|
|
hard_frame_pointer_rtx,
|
|
- -callee_offset - below_hard_fp_saved_regs_size,
|
|
+ -bytes_below_hard_fp + final_adjust,
|
|
tmp1_rtx, tmp0_rtx, callee_adjust == 0);
|
|
else
|
|
/* The case where we need to re-use the register here is very rare, so
|
|
diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h
|
|
index 1e105e12db8d..de68ff7202fc 100644
|
|
--- a/gcc/config/aarch64/aarch64.h
|
|
+++ b/gcc/config/aarch64/aarch64.h
|
|
@@ -880,6 +880,11 @@ struct GTY (()) aarch64_frame
|
|
are saved below the hard frame pointer. */
|
|
poly_int64 below_hard_fp_saved_regs_size;
|
|
|
|
+ /* The number of bytes between the bottom of the static frame (the bottom
|
|
+ of the outgoing arguments) and the hard frame pointer. This value is
|
|
+ always a multiple of STACK_BOUNDARY. */
|
|
+ poly_int64 bytes_below_hard_fp;
|
|
+
|
|
/* Offset from the base of the frame (incomming SP) to the
|
|
top of the locals area. This value is always a multiple of
|
|
STACK_BOUNDARY. */
|
|
--
|
|
2.42.0
|
|
|