CFI improvements to the AArch64 fiber implementation

Now the fiber implementation on AArch64 authenticates function
return addresses and includes the relevant BTI instructions.

Copyright (c) 2022, Arm Limited.

crates/fiber/src/arch/aarch64.S

@@ -16,6 +16,11 @@ GLOBL(wasmtime_fiber_switch)
 .p2align 2
 TYPE(wasmtime_fiber_switch)
 FUNCTION(wasmtime_fiber_switch):
+#if CFG_TARGET_OS_macos
+    hint #27 // pacibsp
+#else
+    hint #25 // paciasp
+#endif
     // Save all callee-saved registers on the stack since we're assuming
     // they're clobbered as a result of the stack switch.
     stp lr, fp, [sp, -16]!
@@ -48,6 +53,11 @@ FUNCTION(wasmtime_fiber_switch):
     ldp x22, x21, [sp], 16
     ldp x20, x19, [sp], 16
     ldp lr, fp, [sp], 16
+#if CFG_TARGET_OS_macos
+    hint #31 // autibsp
+#else
+    hint #29 // autiasp
+#endif
     ret
 SIZE(wasmtime_fiber_switch)
 
@@ -61,8 +71,17 @@ GLOBL(wasmtime_fiber_init)
 .p2align 2
 TYPE(wasmtime_fiber_init)
 FUNCTION(wasmtime_fiber_init):
-    adr x8, FUNCTION(wasmtime_fiber_start)
-    stp x0, x8, [x0, -0x28] // x0 => x19, x8 => lr
+    hint #34 // bti c
+    sub x16, x0, #16
+    // TODO: Use the PACGA instruction to authenticate the saved register state,
+    // which avoids creating signed pointers to wasmtime_fiber_start().
+    adr x17, FUNCTION(wasmtime_fiber_start)
+#if CFG_TARGET_OS_macos
+    hint #10 // pacib1716
+#else
+    hint #8 // pacia1716
+#endif
+    stp x0, x17, [x16, -0x18] // x0 => x19, x17 => lr
     stp x2, x1, [x0, -0x38] // x1 => x20, x2 => x21
 
     // `wasmtime_fiber_switch` has an 0xa0 byte stack, and we add 0x10 more for
@@ -87,6 +106,9 @@ FUNCTION(wasmtime_fiber_start):
         0x23, 0xa0, 0x1  /* DW_OP_plus_uconst 0xa0 */
 
     .cfi_rel_offset x29, -0x08
+#ifndef CFG_TARGET_OS_macos
+    .cfi_window_save
+#endif
     .cfi_rel_offset lr, -0x10
     .cfi_rel_offset x19, -0x18
     .cfi_rel_offset x20, -0x20