Add endbr64/bti instruction at the start of the gadget, otherwise we'll

get a SIGILL when the gadget gets call.  Fix the instruction that sets
the syscall number on arm64.

ok anton@, deraadt@

diff --git a/regress/usr.bin/lastcomm/gadget.S b/regress/usr.bin/lastcomm/gadget.S
index dc0ca6c..8c91db6 100644 (file)
--- a/regress/usr.bin/lastcomm/gadget.S
+++ b/regress/usr.bin/lastcomm/gadget.S
@@ -1,4 +1,4 @@
-/*     $OpenBSD: gadget.S,v 1.1 2023/01/09 11:50:01 anton Exp $        */
+/*     $OpenBSD: gadget.S,v 1.2 2024/03/13 11:18:42 kettenis Exp $     */
 
 #include <sys/syscall.h>
 #include <machine/asm.h>
@@ -12,11 +12,13 @@
         .type  gadget_getpid,_ASM_TYPE_FUNCTION
 gadget_getpid:
 #if defined(__amd64__)
+       endbr64
        mov     $SYS_getpid, %eax
        syscall
        ret
 #elif defined(__aarch64__)
-       ldr     x8, #SYS_getpid
+       bti     c
+       mov     x8, #SYS_getpid
        svc     0
        dsb     nsh
        isb