aarch64: Add GCS support for makecontext

Changed the makecontext logic: previously the first setcontext jumped
straight to the user callback function and the return address is set
to __startcontext. This does not work when GCS is enabled as the
integrity of the return address is protected, so instead the context
is setup such that setcontext jumps to __startcontext which calls the
user callback (passed in x20).

The map_shadow_stack syscall is used to allocate a suitably sized GCS
(which includes some reserved area to account for altstack signal
handlers and otherwise supports maximum number of 16 byte aligned
stack frames on the given stack) however the GCS is never freed as
the lifetime of ucontext and related stack is user managed.

1 files changed, 4 insertions, 0 deletions

diff --git a/sysdeps/unix/sysv/linux/aarch64/setcontext.S b/sysdeps/unix/sysv/linux/aarch64/setcontext.S
index c08e83ee60..6aa7236693 100644
--- a/sysdeps/unix/sysv/linux/aarch64/setcontext.S
+++ b/sysdeps/unix/sysv/linux/aarch64/setcontext.S
@@ -181,7 +181,11 @@ L(gcs_done):
 PSEUDO_END (__setcontext)
 weak_alias (__setcontext, setcontext)
 
+/* makecontext start function: receives uc_link in x19 and func in x20.
+   Arguments of func, x29, x30 and sp are set up by the caller.  */
 ENTRY (__startcontext)
+	cfi_undefined (x30)
+	blr	x20
 	mov	x0, x19
 	cbnz	x0, __setcontext
 1:	b       HIDDEN_JUMPTARGET (exit)