20 files changed, 92 insertions, 1 deletions

diff --git a/libc/arch-arm64/bionic/__bionic_clone.S b/libc/arch-arm64/bionic/__bionic_clone.S
index c3ff0e50c..e9932adaf 100644
--- a/libc/arch-arm64/bionic/__bionic_clone.S
+++ b/libc/arch-arm64/bionic/__bionic_clone.S
@@ -57,3 +57,5 @@ ENTRY_PRIVATE(__bionic_clone)
     ldp     x0, x1, [sp], #16
     b       __start_thread
 END(__bionic_clone)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/bionic/_exit_with_stack_teardown.S b/libc/arch-arm64/bionic/_exit_with_stack_teardown.S
index 6a7b1e561..c53a1f412 100644
--- a/libc/arch-arm64/bionic/_exit_with_stack_teardown.S
+++ b/libc/arch-arm64/bionic/_exit_with_stack_teardown.S
@@ -39,3 +39,5 @@ ENTRY_PRIVATE(_exit_with_stack_teardown)
   svc #0
   // The exit syscall does not return.
 END(_exit_with_stack_teardown)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/bionic/setjmp.S b/libc/arch-arm64/bionic/setjmp.S
index a2b23702a..07270c9da 100644
--- a/libc/arch-arm64/bionic/setjmp.S
+++ b/libc/arch-arm64/bionic/setjmp.S
@@ -118,6 +118,8 @@ END(_setjmp)
 // int sigsetjmp(sigjmp_buf env, int save_signal_mask);
 ENTRY(sigsetjmp)
 __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(sigsetjmp)
+  hint #25 // paciasp
+  .cfi_negate_ra_state
   stp x0, x30, [sp, #-16]!
   .cfi_def_cfa_offset 16
   .cfi_rel_offset x0, 0
@@ -184,6 +186,8 @@ __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(sigsetjmp)
 #endif
 
   mov w0, #0
+  hint #29 // autiasp
+  .cfi_negate_ra_state
   ret
 END(sigsetjmp)
 
@@ -250,7 +254,9 @@ __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(siglongjmp)
 1:
   // Restore core registers.
   bic x2, x2, #1
+  // x30 was saved with PAC to jmp_buf in sigsetjmp().
   ldp x30, x10, [x0, #(_JB_X30_SP  * 8)]
+  .cfi_negate_ra_state
   ldp x28, x29, [x0, #(_JB_X28_X29 * 8)]
   ldp x26, x27, [x0, #(_JB_X26_X27 * 8)]
   ldp x24, x25, [x0, #(_JB_X24_X25 * 8)]
@@ -290,6 +296,8 @@ __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(siglongjmp)
   // Set return value.
   cmp w1, wzr
   csinc w0, w1, wzr, ne
+  hint #29 // autiasp
+  .cfi_negate_ra_state
   ret
 END(siglongjmp)
 
@@ -297,3 +305,5 @@ ALIAS_SYMBOL(longjmp, siglongjmp)
 __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(longjmp)
 ALIAS_SYMBOL(_longjmp, siglongjmp)
 __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(_longjmp)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/bionic/syscall.S b/libc/arch-arm64/bionic/syscall.S
index 8389f9830..9e6f68ac4 100644
--- a/libc/arch-arm64/bionic/syscall.S
+++ b/libc/arch-arm64/bionic/syscall.S
@@ -47,3 +47,5 @@ ENTRY(syscall)
 
     ret
 END(syscall)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/bionic/vfork.S b/libc/arch-arm64/bionic/vfork.S
index 5cfb8b0cc..81b84a3ea 100644
--- a/libc/arch-arm64/bionic/vfork.S
+++ b/libc/arch-arm64/bionic/vfork.S
@@ -67,6 +67,8 @@ __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(vfork)
 
     // Clean up stack shadow in the parent process.
     // https://github.com/google/sanitizers/issues/925
+    hint #25 // paciasp
+    .cfi_negate_ra_state
     stp x0, x30, [sp, #-16]!
     .cfi_adjust_cfa_offset 16
     .cfi_rel_offset x0, 0
@@ -79,9 +81,13 @@ __BIONIC_WEAK_ASM_FOR_NATIVE_BRIDGE(vfork)
     .cfi_adjust_cfa_offset -16
     .cfi_restore x0
     .cfi_restore x30
+    hint #29 // autiasp
+    .cfi_negate_ra_state
 
 #endif
 
 .L_exit:
     ret
 END(vfork)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/generic/bionic/__memcpy_chk.S b/libc/arch-arm64/generic/bionic/__memcpy_chk.S
index a6eeca477..a8e9e83d0 100644
--- a/libc/arch-arm64/generic/bionic/__memcpy_chk.S
+++ b/libc/arch-arm64/generic/bionic/__memcpy_chk.S
@@ -43,3 +43,5 @@ ENTRY(__memcpy_chk)
 
   bl __memcpy_chk_fail
 END(__memcpy_chk)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/generic/bionic/memcpy.S b/libc/arch-arm64/generic/bionic/memcpy.S
index baadb9204..bc1945c39 100644
--- a/libc/arch-arm64/generic/bionic/memcpy.S
+++ b/libc/arch-arm64/generic/bionic/memcpy.S
@@ -33,3 +33,5 @@
 ENTRY(__memcpy)
   #include "memcpy_base.S"
 END(__memcpy)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/generic/bionic/memmove.S b/libc/arch-arm64/generic/bionic/memmove.S
index 335b7d6ce..0f752ea4a 100644
--- a/libc/arch-arm64/generic/bionic/memmove.S
+++ b/libc/arch-arm64/generic/bionic/memmove.S
@@ -153,3 +153,5 @@ END(memmove)
 
 ALIAS_SYMBOL(memcpy, memmove)
 #endif
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/generic/bionic/memset.S b/libc/arch-arm64/generic/bionic/memset.S
index 12fc09db8..19d351098 100644
--- a/libc/arch-arm64/generic/bionic/memset.S
+++ b/libc/arch-arm64/generic/bionic/memset.S
@@ -249,3 +249,5 @@ L(zva_other):
 	b	L(tail64)
 
 END(memset)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/generic/bionic/wmemmove.S b/libc/arch-arm64/generic/bionic/wmemmove.S
index e4f67f759..b1305300a 100644
--- a/libc/arch-arm64/generic/bionic/wmemmove.S
+++ b/libc/arch-arm64/generic/bionic/wmemmove.S
@@ -28,3 +28,5 @@
 #define WMEMMOVE
 #include "memmove.S"
 #undef WMEMMOVE
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-arm64/static_function_dispatch.S b/libc/arch-arm64/static_function_dispatch.S
index 65a149202..161ece8ea 100644
--- a/libc/arch-arm64/static_function_dispatch.S
+++ b/libc/arch-arm64/static_function_dispatch.S
@@ -42,3 +42,5 @@ FUNCTION_DELEGATE(strcpy, __strcpy_aarch64_mte)
 FUNCTION_DELEGATE(strlen, __strlen_aarch64_mte)
 FUNCTION_DELEGATE(strrchr, __strrchr_aarch64_mte)
 FUNCTION_DELEGATE(strncmp, __strncmp_aarch64_mte)
+
+NOTE_GNU_PROPERTY()
diff --git a/libc/arch-common/bionic/crtbegin.c b/libc/arch-common/bionic/crtbegin.c
index b7043dcae..1f8dfd2c6 100644
--- a/libc/arch-common/bionic/crtbegin.c
+++ b/libc/arch-common/bionic/crtbegin.c
@@ -49,7 +49,7 @@ __used static void _start_main(void* raw_args) {
 #define POST "; .size _start, .-_start"
 
 #if defined(__aarch64__)
-__asm__(PRE "mov x0,sp; b _start_main" POST);
+__asm__(PRE "/* BTI J */ hint #36; mov x0,sp; b _start_main" POST);
 #elif defined(__arm__)
 __asm__(PRE "mov r0,sp; b _start_main" POST);
 #elif defined(__i386__)
diff --git a/libc/arch-common/bionic/crtbrand.S b/libc/arch-common/bionic/crtbrand.S
index 34d648062..3d80d7353 100644
--- a/libc/arch-common/bionic/crtbrand.S
+++ b/libc/arch-common/bionic/crtbrand.S
@@ -26,6 +26,12 @@
  * SUCH DAMAGE.
  */
 
+#if defined(__aarch64__)
+#include <private/bionic_asm_arm64.h>
+
+__bionic_asm_custom_note_gnu_section()
+#endif
+
   .section .note.android.ident,"a",%note
   .balign 4
   .type abitag, %object
diff --git a/libc/arch-common/bionic/crtend.S b/libc/arch-common/bionic/crtend.S
index 87d1120ab..0166428bc 100644
--- a/libc/arch-common/bionic/crtend.S
+++ b/libc/arch-common/bionic/crtend.S
@@ -28,6 +28,12 @@
 
 #include "asm_multiarch.h"
 
+#if defined(__aarch64__)
+#include <private/bionic_asm_arm64.h>
+
+__bionic_asm_custom_note_gnu_section()
+#endif
+
 	.section .preinit_array, "aw"
 	ASM_ALIGN_TO_PTR_SIZE
 	ASM_PTR_SIZE(0)
diff --git a/libc/arch-common/bionic/crtend_so.S b/libc/arch-common/bionic/crtend_so.S
index e7b8cac3e..426d098d8 100644
--- a/libc/arch-common/bionic/crtend_so.S
+++ b/libc/arch-common/bionic/crtend_so.S
@@ -26,6 +26,12 @@
  * SUCH DAMAGE.
  */
 
+#if defined(__aarch64__)
+#include <private/bionic_asm_arm64.h>
+
+__bionic_asm_custom_note_gnu_section()
+#endif
+
 #if defined(__linux__) && defined(__ELF__)
 	.section .note.GNU-stack,"",%progbits
 #endif
diff --git a/libc/private/bionic_asm.h b/libc/private/bionic_asm.h
index 6409563f2..6d4f7d52c 100644
--- a/libc/private/bionic_asm.h
+++ b/libc/private/bionic_asm.h
@@ -35,6 +35,7 @@
 #define __bionic_asm_custom_entry(f)
 #define __bionic_asm_custom_end(f)
 #define __bionic_asm_function_type @function
+#define __bionic_asm_custom_note_gnu_section()
 
 #if defined(__aarch64__)
 #include <private/bionic_asm_arm64.h>
@@ -83,4 +84,7 @@
     .globl alias; \
     .equ alias, original
 
+#define NOTE_GNU_PROPERTY() \
+    __bionic_asm_custom_note_gnu_section()
+
 #endif
diff --git a/libc/private/bionic_asm_arm64.h b/libc/private/bionic_asm_arm64.h
index 463ca312a..c11732ae8 100644
--- a/libc/private/bionic_asm_arm64.h
+++ b/libc/private/bionic_asm_arm64.h
@@ -41,3 +41,32 @@
 
 #undef __bionic_asm_function_type
 #define __bionic_asm_function_type %function
+
+#if defined(__ARM_FEATURE_BTI_DEFAULT)
+#define __bionic_asm_aarch64_feature_bti    (1 << 0)
+#undef __bionic_asm_custom_entry
+#define __bionic_asm_custom_entry(f)        hint #34  // BTI C
+#else
+#define __bionic_asm_aarch64_feature_bti    0
+#endif
+
+#if defined(__ARM_FEATURE_PAC_DEFAULT)
+#define __bionic_asm_aarch64_feature_pac    (1 << 1)
+#else
+#define __bionic_asm_aarch64_feature_pac    0
+#endif
+
+#undef __bionic_asm_custom_note_gnu_section
+#define __bionic_asm_custom_note_gnu_section() \
+    .pushsection .note.gnu.property, "a"; \
+    .balign 8; \
+    .long 4; \
+    .long 0x10; \
+    .long 0x5; /* NT_GNU_PROPERTY_TYPE_0 */ \
+    .asciz "GNU"; \
+    .long 0xc0000000; /* GNU_PROPERTY_AARCH64_FEATURE_1_AND */ \
+    .long 4; \
+    .long (__bionic_asm_aarch64_feature_pac | \
+           __bionic_asm_aarch64_feature_bti); \
+    .long 0; \
+    .popsection; \
diff --git a/libc/tools/gensyscalls.py b/libc/tools/gensyscalls.py
index 0271a04c5..0e0e25f62 100755
--- a/libc/tools/gensyscalls.py
+++ b/libc/tools/gensyscalls.py
@@ -459,6 +459,8 @@ def main(arch, syscall_file):
         if syscall.has_key("asm-%s" % arch):
             print(syscall["asm-%s" % arch])
 
+    if arch == 'arm64':
+        print('\nNOTE_GNU_PROPERTY()\n')
 
 if __name__ == "__main__":
     if len(sys.argv) < 2:
diff --git a/libm/arm64/lrint.S b/libm/arm64/lrint.S
index 5f95ae817..e835d0835 100644
--- a/libm/arm64/lrint.S
+++ b/libm/arm64/lrint.S
@@ -32,3 +32,5 @@ END(lrintf)
 ALIAS_SYMBOL(llrint, lrint);
 
 ALIAS_SYMBOL(llrintf, lrintf);
+
+NOTE_GNU_PROPERTY()
diff --git a/libm/arm64/sqrt.S b/libm/arm64/sqrt.S
index 3a58ef364..0659b13a8 100644
--- a/libm/arm64/sqrt.S
+++ b/libm/arm64/sqrt.S
@@ -25,3 +25,5 @@ ENTRY(sqrtf)
   fsqrt s0, s0
   ret
 END(sqrtf)
+
+NOTE_GNU_PROPERTY()