[PAuthABIELF64] Rewrite the section on ELF marking

Extract the common parts of all of the ELF marking schemes
into "Core Information". The ELF marking schemes now describe
how they encode the "Core Information". The compatibility model
is now written in terms of the "Core Information".

pauthabielf64/pauthabielf64.rst

@@ -847,20 +847,51 @@ language to signing schema is expected to evolve over time. Even if
 the low-level ELF extensions remain constant, a change to the
 high-level language mapping may result in incompatible ELF files.
 
-This document defines a default ELF marking schema and a base
-compatibility model. Platforms may define their own ELF marking and
-compatibility model that replace or extend the default ones.
+This document defines the core information that any ELF marking
+scheme must contain and the base compatibility model that uses that
+information.
+
+The default ELF marking scheme uses the Program Property note format
+defined in (`LINUX_ABI`_). An alternative encoding that uses a Arm
+defined Note section called ``.note.AARCH64-PAUTH-ABI-tag`` is defined
+for platforms that do not support Program Properties, or have legacy
+binaries from earlier versions of this specification. This is described
+in `Appendix Alternative ELF Marking Using SHT_NOTE section`_.
+
+Core information
+----------------
+
+The core information used by the base compatibility model is made up
+of two values, both of which must be present.
+
+* ``platform identifier`` is a 64-bit value that specifies the platform vendor. The
+  values of the ``platform identifier`` in the table below are reserved:
+
+.. table:: Reserved id
+
+    +-----------+-----------+
+    | Platform  | Hex value |
+    +===========+===========+
+    | Invalid   | 0x0       |
+    +-----------+-----------+
+    | Baremetal | 0x1       |
+    +-----------+-----------+
+
+* ``version number`` is a 64-bit value that identifies the signing
+  schema used by the ELF file. The meaning of the value is determined
+  by the platform vendor identified by the ``platform identifier``
+  above.
 
-`Appendix Alternative ELF Marking Using SHT_NOTE section`_ defines an
-alternative marking schema that uses a generic SHT_NOTE for platforms
-that do not support the ``.note.gnu.property`` section.
+The tuple of (``platform identifier``, ``version number``) equal to
+(0,0) is reserved to mean an ELF file incompatible with the PAuth ABI
+Extension to ELF for the Arm® 64-bit Architecture (AArch64).
 
 Default Marking Schema
 ----------------------
 
 The default ELF marking scheme for executables and shared-libraries
 uses the ``.note.gnu.property`` section. The format of this section is
-defined in (LINUX_ABI_).
+defined in (`LINUX_ABI`_).
 
 The following processor-specific program property types are defined:
 
@@ -873,74 +904,69 @@ The following processor-specific program property types are defined:
 Other processor-specific program property types defined by the 64-bit
 ABI for the Arm Architecture are defined in (SYSVABI64_).
 
-The format of the data in ``pr_data`` is two 64-bit words. With
-the first 64-bit word being a platform identifier, and the second
-64-bit word being a version number for the ABI for the platform
-identified for the first word.
+The format of the data in ``pr_data`` is two 64-bit words. With the
+first 64-bit word being the ``platform identifier``, and the second
+64-bit word being the ``version number``. Both of these form the
+information required in `Core Information`_ above.
 
-The following values of the platform identifier are reserved:
-
-    +-----------+-----------+
-    | Platform  | Hex value |
-    +===========+===========+
-    | Invalid   | 0x0       |
-    +-----------+-----------+
-    | Baremetal | 0x1       |
-    +-----------+-----------+
-
-The version number for the platform identifier is controlled by the
-object-producer based on the signing schema that has been used for
-pointers.
-
-This ABI reserves the combination of (platform identifier, version
-number) equal to (0,0) to represent an ELF file incompatible with this
-ABI.
-
-.note.gnu.properties are defined for relocatable objects. Arm intends
-to use build-attributes for relocatable-object ELF marking. This will
-be defined so that there is a 1:1 mapping between the program
-property and the build-attributes for PAuthABI.
+``.note.gnu.property`` sections can be used as ELF marking for
+relocatable objects as well as executables and shared libraries. Arm
+intends to use standardize build attributes for all relocatable-object
+ELF marking. When this change occurs the default ELF marking for
+relocatable objects will be updated to use build attributes.
 
 Base Compatibility Model
 ------------------------
 
 A per-ELF file marking scheme permits a coarse way of reasoning about
 compatibility.
 
-* The absence of a ``.note.AARCH64-PAUTH-ABI-tag`` section means no
-  information on how pointers are signed is available for this ELF
-  file.
+* All reasoning about compatibility is done using the `Core Information`_.
+  This permits an ELF file using the ``.note.gnu.property`` ELF marking to
+  be compared to an ELF file using the ``.note.AARCH64-PAUTH-ABI-tag`` ELF
+  marking.
+
+* If an ELF file contains multiple ELF markings of the `Core
+  Information`_, for example it contains both a ``.note.gnu.property``
+  section and a ``.note.AARCH64-PAUTH-ABI-tag`` section, then all
+  must encode the same `Core Information`_.
 
-* The presence of a ``.note.AARCH64-PAUTH-ABI-tag`` means that, if the
-  file contains pointers, they were signed in a compatible way with
-  the default signing rules for tuple (platform id, version number).
+* The absence of any ELF marking means no information on how pointers
+  are signed is available for this ELF file. When used in combination
+  with ELF files that contain ELF marking, then the file is assigned
+  the (``platform identifer``, ``version number``) of (0,0).
 
-* The result of a successful combination of
-  ``.note.AArch64-PAUTH-ABI-tag`` sections is a single
-  ``.note.AArch64-PAUTH-ABI-tag`` section containing the (platform id,
-  version number) tuple. The result of an unsuccesful combination must
-  be either a single ``.note.AArch64-PAUTH-ABI-tag`` section containing
-  a platform id with value Invalid, or no ``.note.AArch64-PAUTH-ABI-tag``
-  section written to the output file.
+* The presence of ELF marking means that, if the file contains
+  pointers, they were signed in a compatible way with the schema
+  identified in the (platform identifier, version number). `Core
+  Information`_.
 
-* The static linker may fault the combination of relocatable
-  objects that contain ``.note.AARCH64-PAUTH-ABI-tag`` sections with
-  incompatible (platform id, version number) tuples.
+* A combination of `Core Information`_ from two ELF files is
+  successful if the ``platform identifier`` values match and the
+  ``version numbers`` values match. All other combinations are
+  unsuccessful.
+
+* The result of a successful combination of `Core Information`_ is a
+  single ELF Marking containing the `Core Information`_. The result of
+  an unsuccesful combination must be either a single ELF marking with
+  (``platform identifer``, ``version number``) of (0,0), or no ELF
+  marking is written to the output file.
+
+* The static linker may choose to fault the unsuccessful combination
+  of `Core Information`_.
 
 * A dynamic loader may disable pointer authentication, or fault the
   program with an error message, in case it encounters an incompatible
-  ELF file. A file is incompatible with the loader in any of the
-  following cases:
-
-  * If section ``.note.AARCH64-PAUTH-ABI-tag`` is missing.
+  ELF file. A dynamic loader may consider the ELF file to be
+  incompatible with the PAuthABI in any of the following cases:
 
-  * If the (platform id, version number) tuple is not recognized.
+  * If no ELF marking is present.
 
-  * If the platform id is Invalid.
+  * If the (platform identifier, version number) from the `Core
+    Information`_ is not recognized by the loader.
 
-The combination of relocatable objects with
-``.note.AARCH64-PAUTH-ABI-tag`` and relocatable objects without a
-``.note.AARCH64-PAUTH-ABI-tag`` is not defined by this ABI.
+  * If the platform identifier from the `Core Information`_ is the
+    reservd Invalid value 0.
 
 Platforms may replace the base compatibility model with a
 platform-specific model.
@@ -1262,36 +1288,14 @@ be set.
 
 The ``namesz`` field shall be 4
 
-The ``descsz`` field must be at least 16. See ``desc`` below.
+The ``descsz`` field shall be 16. See ``desc`` below.
 
 The type field shall be ``NT_ARM_TYPE_PAUTH_ABI_TAG``, defined to the
 value 1.
 
 The ``name`` field shall be the null-terminated string ``ARM``.
 
-The first 16 bytes of the ``desc`` contain 2 64-bit words, with
-the first 64-bit word being a platform identifier, and the second
-64-bit word being a version number for the ABI for the platform
-identified for the first word. When ``descsz`` is larger than 16 the
-remainder of the contents of desc are defined by the (platform id,
-version number).
-
-The following values of the platform id are reserved:
-
-    +-----------+-----------+
-    | Platform  | Hex value |
-    +===========+===========+
-    | Invalid   | 0x0       |
-    +-----------+-----------+
-    | Baremetal | 0x1       |
-    +-----------+-----------+
-
-The version number in ``.note.AARCH64-PAUTH-ABI-tag`` is not directly
-related to the version number of this document. It is controlled by
-the object-producer based on the signing schema that has been used for
-pointers.
-
-If a file contains a section named ``.note.AARCH64-PAUTH-ABI-tag``,
-it must observe the entirety of the rules in this default marking
-schema. Generating such section with a platform-specific schema is
-forbidden.
+The ``desc`` contain 2 64-bit words. With the first 64-bit word being
+the ``platform identifier``, and the second 64-bit word being the
+``version number``. Both of these form the information required in
+`Core Information`_ above.