From 4bccc875d2ba5cf8f8484ae2aa83d0f1b7115f74 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Sun, 29 Nov 2020 11:36:13 -0800
Subject: [PATCH] gold: Add endbr64 to IBT TLSDESC PLT entry

Gold generates:

 c10:   ff 35 da 23 00 00       push   0x23da(%rip)        # 2ff0 <_GLOBAL_OFFSET_TABLE_+0x8>
 c16:   f2 ff 25 c3 23 00 00    bnd jmp *0x23c3(%rip)        # 2fe0 <_DYNAMIC+0x260>
 c1d:   0f 1f 00                nopl   (%rax)

for IBT TLSDESC PLT entry which misses endbr64.  Add endbr64 to generate:

 c10:   f3 0f 1e fa             endbr64
 c14:   ff 35 d6 23 00 00       push   0x23d6(%rip)        # 2ff0 <_GLOBAL_OFFSET_TABLE_+0x8>
 c1a:   ff 25 c0 23 00 00       jmp    *0x23c0(%rip)        # 2fe0 <_DYNAMIC+0x260>

	PR ld/26972
	* x86_64.cc (Output_data_plt_x86_64_ibt::tlsdesc_plt_entry): Add
	endbr64.
	(Output_data_plt_x86_64_ibt::do_fill_tlsdesc_entry): Adjusted.
---
 gold/ChangeLog |  7 +++++++
 gold/x86_64.cc | 12 ++++++------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/gold/ChangeLog b/gold/ChangeLog
index 53bb030821c..a03163ebb8a 100644
--- a/gold/ChangeLog
+++ b/gold/ChangeLog
@@ -1,3 +1,10 @@
+2020-11-29  H.J. Lu  <hongjiu.lu@intel.com>
+
+	PR ld/26972
+	* x86_64.cc (Output_data_plt_x86_64_ibt::tlsdesc_plt_entry): Add
+	endbr64.
+	(Output_data_plt_x86_64_ibt::do_fill_tlsdesc_entry): Adjusted.
+
 2020-11-29  H.J. Lu  <hongjiu.lu@intel.com>
 
 	PR gold/26939
diff --git a/gold/x86_64.cc b/gold/x86_64.cc
index ddf4722160b..b570d6f439b 100644
--- a/gold/x86_64.cc
+++ b/gold/x86_64.cc
@@ -2480,11 +2480,11 @@ Output_data_plt_x86_64_ibt<size>::tlsdesc_plt_entry[plt_entry_size] =
 {
   // From Alexandre Oliva, "Thread-Local Storage Descriptors for IA32
   // and AMD64/EM64T", Version 0.9.4 (2005-10-10).
+  0xf3, 0x0f, 0x1e, 0xfa, // endbr64
   0xff, 0x35,		// pushq x(%rip)
   0, 0, 0, 0,		// replaced with address of linkmap GOT entry (at PLTGOT + 8)
-  0xf2, 0xff, 0x25,	// jmpq *y(%rip)
+  0xff, 0x25,		// jmpq *y(%rip)
   0, 0, 0, 0,		// replaced with offset of reserved TLSDESC_GOT entry
-  0x0f,	0x1f, 0		// nop
 };
 
 template<int size>
@@ -2498,15 +2498,15 @@ Output_data_plt_x86_64_ibt<size>::do_fill_tlsdesc_entry(
     unsigned int plt_offset)
 {
   memcpy(pov, tlsdesc_plt_entry, plt_entry_size);
-  elfcpp::Swap_unaligned<32, false>::writeval(pov + 2,
+  elfcpp::Swap_unaligned<32, false>::writeval(pov + 6,
 					      (got_address + 8
 					       - (plt_address + plt_offset
-						  + 6)));
-  elfcpp::Swap_unaligned<32, false>::writeval(pov + 9,
+						  + 10)));
+  elfcpp::Swap_unaligned<32, false>::writeval(pov + 12,
 					      (got_base
 					       + tlsdesc_got_offset
 					       - (plt_address + plt_offset
-						  + 13)));
+						  + 16)));
 }
 
 // The .eh_frame unwind information for the PLT.
-- 
2.30.2