Skip to content

Commit 37dc063

Browse files
kettenismordak
kettenis
authored and
mordak
committed
Add IBT support to the retpoline PLTs. Since we use retpoline PLTs by default on OpenBSD this will give us IBT support by default. Fixes indirect function calls for functions in shared libraries.
This doesn't fix retpoline+znow PLTs yet; a fix for that will follow. ok miod@, guenther@
1 parent 2aa0310 commit 37dc063

File tree

1 file changed

+13
-12
lines changed

1 file changed

+13
-12
lines changed

lld/ELF/Arch/X86_64.cpp

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1094,7 +1094,7 @@ Retpoline::Retpoline() {
10941094
}
10951095

10961096
void Retpoline::writeGotPlt(uint8_t *buf, const Symbol &s) const {
1097-
write64le(buf, s.getPltVA() + 17);
1097+
write64le(buf, s.getPltVA() + 21);
10981098
}
10991099

11001100
void Retpoline::writePltHeader(uint8_t *buf) const {
@@ -1122,22 +1122,23 @@ void Retpoline::writePltHeader(uint8_t *buf) const {
11221122
void Retpoline::writePlt(uint8_t *buf, const Symbol &sym,
11231123
uint64_t pltEntryAddr) const {
11241124
const uint8_t insn[] = {
1125-
0x4c, 0x8b, 0x1d, 0, 0, 0, 0, // 0: mov foo@GOTPLT(%rip), %r11
1126-
0xe8, 0, 0, 0, 0, // 7: callq plt+0x20
1127-
0xe9, 0, 0, 0, 0, // c: jmp plt+0x12
1128-
0x68, 0, 0, 0, 0, // 11: pushq <relocation index>
1129-
0xe9, 0, 0, 0, 0, // 16: jmp plt+0
1130-
0xcc, 0xcc, 0xcc, 0xcc, 0xcc, // 1b: int3; padding
1125+
0xf3, 0x0f, 0x1e, 0xfa, // 0: endbr64
1126+
0x4c, 0x8b, 0x1d, 0, 0, 0, 0, // 4: mov foo@GOTPLT(%rip), %r11
1127+
0xe8, 0, 0, 0, 0, // b: callq plt+0x20
1128+
0xe9, 0, 0, 0, 0, // 10: jmp plt+0x12
1129+
0x68, 0, 0, 0, 0, // 15: pushq <relocation index>
1130+
0xe9, 0, 0, 0, 0, // 1a: jmp plt+0
1131+
0xcc, // 1f: int3; padding
11311132
};
11321133
memcpy(buf, insn, sizeof(insn));
11331134

11341135
uint64_t off = pltEntryAddr - in.plt->getVA();
11351136

1136-
write32le(buf + 3, sym.getGotPltVA() - pltEntryAddr - 7);
1137-
write32le(buf + 8, -off - 12 + 32);
1138-
write32le(buf + 13, -off - 17 + 18);
1139-
write32le(buf + 18, sym.getPltIdx());
1140-
write32le(buf + 23, -off - 27);
1137+
write32le(buf + 7, sym.getGotPltVA() - pltEntryAddr - 11);
1138+
write32le(buf + 12, -off - 16 + 32);
1139+
write32le(buf + 17, -off - 21 + 18);
1140+
write32le(buf + 22, sym.getPltIdx());
1141+
write32le(buf + 27, -off - 31);
11411142
}
11421143

11431144
RetpolineZNow::RetpolineZNow() {

0 commit comments

Comments
 (0)