Call entry point of the executable through register x17. This allows it

to be a normal C function that starts with "bti c" when BTI contro flow
integretry enforcement is in place.  Add "bti c" to _dl_bind_start().

Remove unused _rtld_tlsdesc() function to avoid having to add "bti c" to it.

ok deraadt@

diff --git a/libexec/ld.so/aarch64/ldasm.S b/libexec/ld.so/aarch64/ldasm.S
index 9da1c9f..e148a37 100644 (file)
--- a/libexec/ld.so/aarch64/ldasm.S
+++ b/libexec/ld.so/aarch64/ldasm.S
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ldasm.S,v 1.8 2019/05/10 13:29:21 guenther Exp $ */
+/*     $OpenBSD: ldasm.S,v 1.9 2023/03/31 18:45:05 kettenis Exp $ */
 
 /*
  * Copyright (c) 2016 Dale Rahn
@@ -57,6 +57,7 @@ _dl_start:
        ldr     x2, [x20, #7*8]                 // loff from dl_data
        mov     x3, x20                         // dl_data
        bl      _dl_boot
+       mov     x17, x0
 
        mov     sp, x29                         // move stack back
        mov     x29, xzr                        // clear frame back pointer
@@ -65,7 +66,7 @@ _dl_start:
        adrp    x8, :got:_dl_dtors
        ldr     x2, [x8, :got_lo12:_dl_dtors]
 
-       br      x0
+       br      x17
 END(_dl_start)
 
 ENTRY(_dl_bind_start)
@@ -75,7 +76,8 @@ ENTRY(_dl_bind_start)
         * return address and pointer to pltgot entry for this
         * relocation are on the stack
         */
-       mov x17, sp
+       bti     c
+       mov     x17, sp
 
        // save parameter/result registers
        stp     x0, x1, [sp, #-16]!
@@ -109,10 +111,3 @@ ENTRY(_dl_bind_start)
        ldp     xzr, x30, [sp], #16
        br      x17
 END(_dl_bind_start)
-
-ENTRY(_rtld_tlsdesc)
-       RETGUARD_SETUP(_rtld_tlsdesc, x15)
-       ldr     x0, [x0, #8]
-       RETGUARD_CHECK(_rtld_tlsdesc, x15)
-       ret
-END(_rtld_tlsdesc)