glibc/sysdeps/x86/Makefile

249 lines
8.5 KiB
Makefile
Raw Normal View History

Add _dl_x86_cpu_features to rtld_global This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so and initializes it early before __libc_start_main is called so that cpu_features is always available when it is used and we can avoid calling __init_cpu_features in IFUNC selectors. * sysdeps/i386/dl-machine.h: Include <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New. * sysdeps/i386/i686/cacheinfo.c (DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed. * sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch. * sysdeps/i386/i686/multiarch/Versions: Removed. * sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/i386/ldsodefs.h: Include <cpu-features.h>. * sysdeps/unix/sysv/linux/x86/Makefile (libpthread-sysdep_routines): Remove init-arch. * sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include <sysdeps/x86_64/dl-procinfo.c> instead of sysdeps/generic/dl-procinfo.c>. * sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers): Add cpu-features-offsets.sym and rtld-global-offsets.sym. [$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features. [$(subdir) == elf] (tests): Add tst-get-cpu-features. [$(subdir) == elf] (tests-static): Add tst-get-cpu-features-static. * sysdeps/x86/Versions: New file. * sysdeps/x86/cpu-features-offsets.sym: Likewise. * sysdeps/x86/cpu-features.c: Likewise. * sysdeps/x86/cpu-features.h: Likewise. * sysdeps/x86/dl-get-cpu-features.c: Likewise. * sysdeps/x86/libc-start.c: Likewise. * sysdeps/x86/rtld-global-offsets.sym: Likewise. * sysdeps/x86/tst-get-cpu-features-static.c: Likewise. * sysdeps/x86/tst-get-cpu-features.c: Likewise. * sysdeps/x86_64/dl-procinfo.c: Likewise. * sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed. Assume USE_MULTIARCH is defined and don't check it. (is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features). (is_amd): Likewise. (max_cpuid): Likewise. (intel_check_word): Likewise. (__cache_sysconf): Don't call __init_cpu_features. (__x86_preferred_memory_instruction): Removed. (init_cacheinfo): Don't call __init_cpu_features. Replace __cpu_features with GLRO(dl_x86_cpu_features). * sysdeps/x86_64/dl-machine.h: <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>. * sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch. * sysdeps/x86_64/multiarch/Versions: Removed. * sysdeps/x86_64/multiarch/cacheinfo.c: Likewise. * sysdeps/x86_64/multiarch/init-arch.c: Likewise. * sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 10:37:47 +00:00
ifeq ($(subdir),csu)
gen-as-const-headers += cpu-features-offsets.sym
Add _dl_x86_cpu_features to rtld_global This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so and initializes it early before __libc_start_main is called so that cpu_features is always available when it is used and we can avoid calling __init_cpu_features in IFUNC selectors. * sysdeps/i386/dl-machine.h: Include <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New. * sysdeps/i386/i686/cacheinfo.c (DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed. * sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch. * sysdeps/i386/i686/multiarch/Versions: Removed. * sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/i386/ldsodefs.h: Include <cpu-features.h>. * sysdeps/unix/sysv/linux/x86/Makefile (libpthread-sysdep_routines): Remove init-arch. * sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include <sysdeps/x86_64/dl-procinfo.c> instead of sysdeps/generic/dl-procinfo.c>. * sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers): Add cpu-features-offsets.sym and rtld-global-offsets.sym. [$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features. [$(subdir) == elf] (tests): Add tst-get-cpu-features. [$(subdir) == elf] (tests-static): Add tst-get-cpu-features-static. * sysdeps/x86/Versions: New file. * sysdeps/x86/cpu-features-offsets.sym: Likewise. * sysdeps/x86/cpu-features.c: Likewise. * sysdeps/x86/cpu-features.h: Likewise. * sysdeps/x86/dl-get-cpu-features.c: Likewise. * sysdeps/x86/libc-start.c: Likewise. * sysdeps/x86/rtld-global-offsets.sym: Likewise. * sysdeps/x86/tst-get-cpu-features-static.c: Likewise. * sysdeps/x86/tst-get-cpu-features.c: Likewise. * sysdeps/x86_64/dl-procinfo.c: Likewise. * sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed. Assume USE_MULTIARCH is defined and don't check it. (is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features). (is_amd): Likewise. (max_cpuid): Likewise. (intel_check_word): Likewise. (__cache_sysconf): Don't call __init_cpu_features. (__x86_preferred_memory_instruction): Removed. (init_cacheinfo): Don't call __init_cpu_features. Replace __cpu_features with GLRO(dl_x86_cpu_features). * sysdeps/x86_64/dl-machine.h: <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>. * sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch. * sysdeps/x86_64/multiarch/Versions: Removed. * sysdeps/x86_64/multiarch/cacheinfo.c: Likewise. * sysdeps/x86_64/multiarch/init-arch.c: Likewise. * sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 10:37:47 +00:00
endif
ifeq ($(subdir),elf)
<sys/platform/x86.h>: Remove the C preprocessor magic In <sys/platform/x86.h>, define CPU features as enum instead of using the C preprocessor magic to make it easier to wrap this functionality in other languages. Move the C preprocessor magic to internal header for better GCC codegen when more than one features are checked in a single expression as in x86-64 dl-hwcaps-subdirs.c. 1. Rename COMMON_CPUID_INDEX_XXX to CPUID_INDEX_XXX. 2. Move CPUID_INDEX_MAX to sysdeps/x86/include/cpu-features.h. 3. Remove struct cpu_features and __x86_get_cpu_features from <sys/platform/x86.h>. 4. Add __x86_get_cpuid_feature_leaf to <sys/platform/x86.h> and put it in libc. 5. Make __get_cpu_features() private to glibc. 6. Replace __x86_get_cpu_features(N) with __get_cpu_features(). 7. Add _dl_x86_get_cpu_features to GLIBC_PRIVATE. 8. Use a single enum index for each CPU feature detection. 9. Pass the CPUID feature leaf to __x86_get_cpuid_feature_leaf. 10. Return zero struct cpuid_feature for the older glibc binary with a smaller CPUID_INDEX_MAX [BZ #27104]. 11. Inside glibc, use the C preprocessor magic so that cpu_features data can be loaded just once leading to more compact code for glibc. 256 bits are used for each CPUID leaf. Some leaves only contain a few features. We can add exceptions to such leaves. But it will increase code sizes and it is harder to provide backward/forward compatibilities when new features are added to such leaves in the future. When new leaves are added, _rtld_global_ro offsets will change which leads to race condition during in-place updates. We may avoid in-place updates by 1. Rename the old glibc. 2. Install the new glibc. 3. Remove the old glibc. NB: A function, __x86_get_cpuid_feature_leaf , is used to avoid the copy relocation issue with IFUNC resolver as shown in IFUNC resolver tests.
2020-12-25 15:30:46 +00:00
sysdep_routines += get-cpuid-feature-leaf
Add _dl_x86_cpu_features to rtld_global This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so and initializes it early before __libc_start_main is called so that cpu_features is always available when it is used and we can avoid calling __init_cpu_features in IFUNC selectors. * sysdeps/i386/dl-machine.h: Include <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New. * sysdeps/i386/i686/cacheinfo.c (DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed. * sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch. * sysdeps/i386/i686/multiarch/Versions: Removed. * sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/i386/ldsodefs.h: Include <cpu-features.h>. * sysdeps/unix/sysv/linux/x86/Makefile (libpthread-sysdep_routines): Remove init-arch. * sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include <sysdeps/x86_64/dl-procinfo.c> instead of sysdeps/generic/dl-procinfo.c>. * sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers): Add cpu-features-offsets.sym and rtld-global-offsets.sym. [$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features. [$(subdir) == elf] (tests): Add tst-get-cpu-features. [$(subdir) == elf] (tests-static): Add tst-get-cpu-features-static. * sysdeps/x86/Versions: New file. * sysdeps/x86/cpu-features-offsets.sym: Likewise. * sysdeps/x86/cpu-features.c: Likewise. * sysdeps/x86/cpu-features.h: Likewise. * sysdeps/x86/dl-get-cpu-features.c: Likewise. * sysdeps/x86/libc-start.c: Likewise. * sysdeps/x86/rtld-global-offsets.sym: Likewise. * sysdeps/x86/tst-get-cpu-features-static.c: Likewise. * sysdeps/x86/tst-get-cpu-features.c: Likewise. * sysdeps/x86_64/dl-procinfo.c: Likewise. * sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed. Assume USE_MULTIARCH is defined and don't check it. (is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features). (is_amd): Likewise. (max_cpuid): Likewise. (intel_check_word): Likewise. (__cache_sysconf): Don't call __init_cpu_features. (__x86_preferred_memory_instruction): Removed. (init_cacheinfo): Don't call __init_cpu_features. Replace __cpu_features with GLRO(dl_x86_cpu_features). * sysdeps/x86_64/dl-machine.h: <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>. * sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch. * sysdeps/x86_64/multiarch/Versions: Removed. * sysdeps/x86_64/multiarch/cacheinfo.c: Likewise. * sysdeps/x86_64/multiarch/init-arch.c: Likewise. * sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 10:37:47 +00:00
sysdep-dl-routines += dl-get-cpu-features
x86: Install <sys/platform/x86.h> [BZ #26124] Install <sys/platform/x86.h> so that programmers can do #if __has_include(<sys/platform/x86.h>) #include <sys/platform/x86.h> #endif ... if (CPU_FEATURE_USABLE (SSE2)) ... if (CPU_FEATURE_USABLE (AVX2)) ... <sys/platform/x86.h> exports only: enum { COMMON_CPUID_INDEX_1 = 0, COMMON_CPUID_INDEX_7, COMMON_CPUID_INDEX_80000001, COMMON_CPUID_INDEX_D_ECX_1, COMMON_CPUID_INDEX_80000007, COMMON_CPUID_INDEX_80000008, COMMON_CPUID_INDEX_7_ECX_1, /* Keep the following line at the end. */ COMMON_CPUID_INDEX_MAX }; struct cpuid_features { struct cpuid_registers cpuid; struct cpuid_registers usable; }; struct cpu_features { struct cpu_features_basic basic; struct cpuid_features features[COMMON_CPUID_INDEX_MAX]; }; /* Get a pointer to the CPU features structure. */ extern const struct cpu_features *__x86_get_cpu_features (unsigned int max) __attribute__ ((const)); Since all feature checks are done through macros, programs compiled with a newer <sys/platform/x86.h> are compatible with the older glibc binaries as long as the layout of struct cpu_features is identical. The features array can be expanded with backward binary compatibility for both .o and .so files. When COMMON_CPUID_INDEX_MAX is increased to support new processor features, __x86_get_cpu_features in the older glibc binaries returns NULL and HAS_CPU_FEATURE/CPU_FEATURE_USABLE return false on the new processor feature. No new symbol version is neeeded. Both CPU_FEATURE_USABLE and HAS_CPU_FEATURE are provided. HAS_CPU_FEATURE can be used to identify processor features. Note: Although GCC has __builtin_cpu_supports, it only supports a subset of <sys/platform/x86.h> and it is equivalent to CPU_FEATURE_USABLE. It doesn't support HAS_CPU_FEATURE.
2020-06-30 01:30:54 +00:00
sysdep_headers += sys/platform/x86.h
Add _dl_x86_cpu_features to rtld_global This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so and initializes it early before __libc_start_main is called so that cpu_features is always available when it is used and we can avoid calling __init_cpu_features in IFUNC selectors. * sysdeps/i386/dl-machine.h: Include <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New. * sysdeps/i386/i686/cacheinfo.c (DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed. * sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch. * sysdeps/i386/i686/multiarch/Versions: Removed. * sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/i386/ldsodefs.h: Include <cpu-features.h>. * sysdeps/unix/sysv/linux/x86/Makefile (libpthread-sysdep_routines): Remove init-arch. * sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include <sysdeps/x86_64/dl-procinfo.c> instead of sysdeps/generic/dl-procinfo.c>. * sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers): Add cpu-features-offsets.sym and rtld-global-offsets.sym. [$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features. [$(subdir) == elf] (tests): Add tst-get-cpu-features. [$(subdir) == elf] (tests-static): Add tst-get-cpu-features-static. * sysdeps/x86/Versions: New file. * sysdeps/x86/cpu-features-offsets.sym: Likewise. * sysdeps/x86/cpu-features.c: Likewise. * sysdeps/x86/cpu-features.h: Likewise. * sysdeps/x86/dl-get-cpu-features.c: Likewise. * sysdeps/x86/libc-start.c: Likewise. * sysdeps/x86/rtld-global-offsets.sym: Likewise. * sysdeps/x86/tst-get-cpu-features-static.c: Likewise. * sysdeps/x86/tst-get-cpu-features.c: Likewise. * sysdeps/x86_64/dl-procinfo.c: Likewise. * sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed. Assume USE_MULTIARCH is defined and don't check it. (is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features). (is_amd): Likewise. (max_cpuid): Likewise. (intel_check_word): Likewise. (__cache_sysconf): Don't call __init_cpu_features. (__x86_preferred_memory_instruction): Removed. (init_cacheinfo): Don't call __init_cpu_features. Replace __cpu_features with GLRO(dl_x86_cpu_features). * sysdeps/x86_64/dl-machine.h: <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>. * sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch. * sysdeps/x86_64/multiarch/Versions: Removed. * sysdeps/x86_64/multiarch/cacheinfo.c: Likewise. * sysdeps/x86_64/multiarch/init-arch.c: Likewise. * sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 10:37:47 +00:00
CFLAGS-get-cpuid-feature-leaf.o += $(no-stack-protector)
x86: Install <sys/platform/x86.h> [BZ #26124] Install <sys/platform/x86.h> so that programmers can do #if __has_include(<sys/platform/x86.h>) #include <sys/platform/x86.h> #endif ... if (CPU_FEATURE_USABLE (SSE2)) ... if (CPU_FEATURE_USABLE (AVX2)) ... <sys/platform/x86.h> exports only: enum { COMMON_CPUID_INDEX_1 = 0, COMMON_CPUID_INDEX_7, COMMON_CPUID_INDEX_80000001, COMMON_CPUID_INDEX_D_ECX_1, COMMON_CPUID_INDEX_80000007, COMMON_CPUID_INDEX_80000008, COMMON_CPUID_INDEX_7_ECX_1, /* Keep the following line at the end. */ COMMON_CPUID_INDEX_MAX }; struct cpuid_features { struct cpuid_registers cpuid; struct cpuid_registers usable; }; struct cpu_features { struct cpu_features_basic basic; struct cpuid_features features[COMMON_CPUID_INDEX_MAX]; }; /* Get a pointer to the CPU features structure. */ extern const struct cpu_features *__x86_get_cpu_features (unsigned int max) __attribute__ ((const)); Since all feature checks are done through macros, programs compiled with a newer <sys/platform/x86.h> are compatible with the older glibc binaries as long as the layout of struct cpu_features is identical. The features array can be expanded with backward binary compatibility for both .o and .so files. When COMMON_CPUID_INDEX_MAX is increased to support new processor features, __x86_get_cpu_features in the older glibc binaries returns NULL and HAS_CPU_FEATURE/CPU_FEATURE_USABLE return false on the new processor feature. No new symbol version is neeeded. Both CPU_FEATURE_USABLE and HAS_CPU_FEATURE are provided. HAS_CPU_FEATURE can be used to identify processor features. Note: Although GCC has __builtin_cpu_supports, it only supports a subset of <sys/platform/x86.h> and it is equivalent to CPU_FEATURE_USABLE. It doesn't support HAS_CPU_FEATURE.
2020-06-30 01:30:54 +00:00
tests += tst-get-cpu-features tst-get-cpu-features-static \
tst-cpu-features-cpuinfo tst-cpu-features-cpuinfo-static \
tst-cpu-features-supports tst-cpu-features-supports-static
tests-static += tst-get-cpu-features-static \
tst-cpu-features-cpuinfo-static \
tst-cpu-features-supports-static
ifeq (yes,$(have-ifunc))
ifeq (yes,$(have-gcc-ifunc))
tests += \
tst-ifunc-isa-1 \
tst-ifunc-isa-1-static \
tst-ifunc-isa-2 \
tst-ifunc-isa-2-static
tests-static += \
tst-ifunc-isa-1-static \
tst-ifunc-isa-2-static
endif
endif
x86: Support GNU_PROPERTY_X86_ISA_1_V[234] marker [BZ #26717] GCC 11 supports -march=x86-64-v[234] to enable x86 micro-architecture ISA levels: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97250 and -mneeded to emit GNU_PROPERTY_X86_ISA_1_NEEDED property with GNU_PROPERTY_X86_ISA_1_V[234] marker: https://gitlab.com/x86-psABIs/x86-64-ABI/-/merge_requests/13 Binutils support for GNU_PROPERTY_X86_ISA_1_V[234] marker were added by commit b0ab06937385e0ae25cebf1991787d64f439bf12 Author: H.J. Lu <hjl.tools@gmail.com> Date: Fri Oct 30 06:49:57 2020 -0700 x86: Support GNU_PROPERTY_X86_ISA_1_BASELINE marker and commit 32930e4edbc06bc6f10c435dbcc63131715df678 Author: H.J. Lu <hjl.tools@gmail.com> Date: Fri Oct 9 05:05:57 2020 -0700 x86: Support GNU_PROPERTY_X86_ISA_1_V[234] marker GNU_PROPERTY_X86_ISA_1_NEEDED property in x86 ELF binaries indicate the micro-architecture ISA level required to execute the binary. The marker must be added by programmers explicitly in one of 3 ways: 1. Pass -mneeded to GCC. 2. Add the marker in the linker inputs as this patch does. 3. Pass -z x86-64-v[234] to the linker. Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234] marker support to ld.so if binutils 2.32 or newer is used to build glibc: 1. Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234] markers to elf.h. 2. Add GNU_PROPERTY_X86_ISA_1_BASELINE and GNU_PROPERTY_X86_ISA_1_V[234] marker to abi-note.o based on the ISA level used to compile abi-note.o, assuming that the same ISA level is used to compile the whole glibc. 3. Add isa_1 to cpu_features to record the supported x86 ISA level. 4. Rename _dl_process_cet_property_note to _dl_process_property_note and add GNU_PROPERTY_X86_ISA_1_V[234] marker detection. 5. Update _rtld_main_check and _dl_open_check to check loaded objects with the incompatible ISA level. 6. Add a testcase to verify that dlopen an x86-64-v4 shared object fails on lesser platforms. 7. Use <get-isa-level.h> in dl-hwcaps-subdirs.c and tst-glibc-hwcaps.c. Tested under i686, x32 and x86-64 modes on x86-64-v2, x86-64-v3 and x86-64-v4 machines. Marked elf/tst-isa-level-1 with x86-64-v4, ran it on x86-64-v3 machine and got: [hjl@gnu-cfl-2 build-x86_64-linux]$ ./elf/tst-isa-level-1 ./elf/tst-isa-level-1: CPU ISA level is lower than required [hjl@gnu-cfl-2 build-x86_64-linux]$
2020-10-09 13:06:56 +00:00
ifeq (yes,$(enable-x86-isa-level))
tests += tst-isa-level-1
modules-names += tst-isa-level-mod-1-baseline \
tst-isa-level-mod-1-v2 \
tst-isa-level-mod-1-v3 \
tst-isa-level-mod-1-v4 \
# X86 ISA level baseline
CFLAGS-tst-isa-level-mod-1-baseline.c += -DINCLUDE_X86_ISA_LEVEL \
-DISA_LEVEL=0x1 \
-march=x86-64
# X86 ISA level v2
CFLAGS-tst-isa-level-mod-1-v2.c += -DINCLUDE_X86_ISA_LEVEL \
-DISA_LEVEL=0x3 \
-march=x86-64
# X86 ISA level v3
CFLAGS-tst-isa-level-mod-1-v3.c += -DINCLUDE_X86_ISA_LEVEL \
-DISA_LEVEL=0x7 \
-march=x86-64
# X86 ISA level v4
CFLAGS-tst-isa-level-mod-1-v4.c += -DINCLUDE_X86_ISA_LEVEL \
-DISA_LEVEL=0xf \
-march=x86-64
$(objpfx)tst-isa-level-1: $(libdl)
$(objpfx)tst-isa-level-1.out: $(objpfx)tst-isa-level-mod-1-baseline.so \
$(objpfx)tst-isa-level-mod-1-v2.so \
$(objpfx)tst-isa-level-mod-1-v3.so \
$(objpfx)tst-isa-level-mod-1-v4.so
endif
ifneq ($(have-tunables),no)
tst-ifunc-isa-2-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-SSE4_2,-AVX,-AVX2,-AVX512F
tst-ifunc-isa-2-static-ENV = $(tst-ifunc-isa-2-ENV)
endif
Add _dl_x86_cpu_features to rtld_global This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so and initializes it early before __libc_start_main is called so that cpu_features is always available when it is used and we can avoid calling __init_cpu_features in IFUNC selectors. * sysdeps/i386/dl-machine.h: Include <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New. * sysdeps/i386/i686/cacheinfo.c (DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed. * sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch. * sysdeps/i386/i686/multiarch/Versions: Removed. * sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/i386/ldsodefs.h: Include <cpu-features.h>. * sysdeps/unix/sysv/linux/x86/Makefile (libpthread-sysdep_routines): Remove init-arch. * sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include <sysdeps/x86_64/dl-procinfo.c> instead of sysdeps/generic/dl-procinfo.c>. * sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers): Add cpu-features-offsets.sym and rtld-global-offsets.sym. [$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features. [$(subdir) == elf] (tests): Add tst-get-cpu-features. [$(subdir) == elf] (tests-static): Add tst-get-cpu-features-static. * sysdeps/x86/Versions: New file. * sysdeps/x86/cpu-features-offsets.sym: Likewise. * sysdeps/x86/cpu-features.c: Likewise. * sysdeps/x86/cpu-features.h: Likewise. * sysdeps/x86/dl-get-cpu-features.c: Likewise. * sysdeps/x86/libc-start.c: Likewise. * sysdeps/x86/rtld-global-offsets.sym: Likewise. * sysdeps/x86/tst-get-cpu-features-static.c: Likewise. * sysdeps/x86/tst-get-cpu-features.c: Likewise. * sysdeps/x86_64/dl-procinfo.c: Likewise. * sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed. Assume USE_MULTIARCH is defined and don't check it. (is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features). (is_amd): Likewise. (max_cpuid): Likewise. (intel_check_word): Likewise. (__cache_sysconf): Don't call __init_cpu_features. (__x86_preferred_memory_instruction): Removed. (init_cacheinfo): Don't call __init_cpu_features. Replace __cpu_features with GLRO(dl_x86_cpu_features). * sysdeps/x86_64/dl-machine.h: <cpu-features.c>. (dl_platform_init): Call init_cpu_features. * sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>. * sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch. * sysdeps/x86_64/multiarch/Versions: Removed. * sysdeps/x86_64/multiarch/cacheinfo.c: Likewise. * sysdeps/x86_64/multiarch/init-arch.c: Likewise. * sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET): Removed. * sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 10:37:47 +00:00
endif
x86: Use pad in pthread_unwind_buf to preserve shadow stack register The pad array in struct pthread_unwind_buf is used by setjmp to save shadow stack register. We assert that size of struct pthread_unwind_buf is no less than offset of shadow stack pointer + shadow stack pointer size. Since functions, like LIBC_START_MAIN, START_THREAD_DEFN as well as these with thread cancellation, call setjmp, but never return after __libc_unwind_longjmp, __libc_unwind_longjmp, which is defined as __libc_longjmp on x86, doesn't need to restore shadow stack register. __libc_longjmp, which is a private interface for thread cancellation implementation in libpthread, is changed to call __longjmp_cancel, instead of __longjmp. __longjmp_cancel is a new internal function in libc, which is similar to __longjmp, but doesn't restore shadow stack register. The compatibility longjmp and siglongjmp in libpthread.so are changed to call __libc_siglongjmp, instead of __libc_longjmp, so that they will restore shadow stack register. Tested with build-many-glibcs.py. Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com> * nptl/pthread_create.c (START_THREAD_DEFN): Clear previous handlers after setjmp. * setjmp/longjmp.c (__libc_longjmp): Don't define alias if defined. * sysdeps/unix/sysv/linux/x86/setjmpP.h: Include <libc-pointer-arith.h>. (_JUMP_BUF_SIGSET_BITS_PER_WORD): New. (_JUMP_BUF_SIGSET_NSIG): Changed to 96. (_JUMP_BUF_SIGSET_NWORDS): Changed to use ALIGN_UP and _JUMP_BUF_SIGSET_BITS_PER_WORD. * sysdeps/x86/Makefile (sysdep_routines): Add __longjmp_cancel. * sysdeps/x86/__longjmp_cancel.S: New file. * sysdeps/x86/longjmp.c: Likewise. * sysdeps/x86/nptl/pt-longjmp.c: Likewise.
2018-05-02 13:17:20 +00:00
ifeq ($(subdir),math)
tests += tst-ldbl-nonnormal-printf
endif # $(subdir) == math
x86: Use pad in pthread_unwind_buf to preserve shadow stack register The pad array in struct pthread_unwind_buf is used by setjmp to save shadow stack register. We assert that size of struct pthread_unwind_buf is no less than offset of shadow stack pointer + shadow stack pointer size. Since functions, like LIBC_START_MAIN, START_THREAD_DEFN as well as these with thread cancellation, call setjmp, but never return after __libc_unwind_longjmp, __libc_unwind_longjmp, which is defined as __libc_longjmp on x86, doesn't need to restore shadow stack register. __libc_longjmp, which is a private interface for thread cancellation implementation in libpthread, is changed to call __longjmp_cancel, instead of __longjmp. __longjmp_cancel is a new internal function in libc, which is similar to __longjmp, but doesn't restore shadow stack register. The compatibility longjmp and siglongjmp in libpthread.so are changed to call __libc_siglongjmp, instead of __libc_longjmp, so that they will restore shadow stack register. Tested with build-many-glibcs.py. Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com> * nptl/pthread_create.c (START_THREAD_DEFN): Clear previous handlers after setjmp. * setjmp/longjmp.c (__libc_longjmp): Don't define alias if defined. * sysdeps/unix/sysv/linux/x86/setjmpP.h: Include <libc-pointer-arith.h>. (_JUMP_BUF_SIGSET_BITS_PER_WORD): New. (_JUMP_BUF_SIGSET_NSIG): Changed to 96. (_JUMP_BUF_SIGSET_NWORDS): Changed to use ALIGN_UP and _JUMP_BUF_SIGSET_BITS_PER_WORD. * sysdeps/x86/Makefile (sysdep_routines): Add __longjmp_cancel. * sysdeps/x86/__longjmp_cancel.S: New file. * sysdeps/x86/longjmp.c: Likewise. * sysdeps/x86/nptl/pt-longjmp.c: Likewise.
2018-05-02 13:17:20 +00:00
ifeq ($(subdir),setjmp)
x86: Support shadow stack pointer in setjmp/longjmp Save and restore shadow stack pointer in setjmp and longjmp to support shadow stack in Intel CET. Use feature_1 in tcbhead_t to check if shadow stack is enabled before saving and restoring shadow stack pointer. Reviewed-by: Carlos O'Donell <carlos@redhat.com> * sysdeps/i386/__longjmp.S: Include <jmp_buf-ssp.h>. (__longjmp): Restore shadow stack pointer if shadow stack is enabled, SHADOW_STACK_POINTER_OFFSET is defined and __longjmp isn't defined for __longjmp_cancel. * sysdeps/i386/bsd-_setjmp.S: Include <jmp_buf-ssp.h>. (_setjmp): Save shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined. * sysdeps/i386/bsd-setjmp.S: Include <jmp_buf-ssp.h>. (setjmp): Save shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined. * sysdeps/i386/setjmp.S: Include <jmp_buf-ssp.h>. (__sigsetjmp): Save shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined. * sysdeps/unix/sysv/linux/i386/____longjmp_chk.S: Include <jmp_buf-ssp.h>. (____longjmp_chk): Restore shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined. * sysdeps/unix/sysv/linux/x86/Makefile (gen-as-const-headers): Remove jmp_buf-ssp.sym. * sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S: Include <jmp_buf-ssp.h>. (____longjmp_chk): Restore shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined. * sysdeps/x86/Makefile (gen-as-const-headers): Add jmp_buf-ssp.sym. * sysdeps/x86/jmp_buf-ssp.sym: New dummy file. * sysdeps/x86_64/__longjmp.S: Include <jmp_buf-ssp.h>. (__longjmp): Restore shadow stack pointer if shadow stack is enabled, SHADOW_STACK_POINTER_OFFSET is defined and __longjmp isn't defined for __longjmp_cancel. * sysdeps/x86_64/setjmp.S: Include <jmp_buf-ssp.h>. (__sigsetjmp): Save shadow stack pointer if shadow stack is enabled and SHADOW_STACK_POINTER_OFFSET is defined.
2018-07-14 12:59:29 +00:00
gen-as-const-headers += jmp_buf-ssp.sym
x86: Use pad in pthread_unwind_buf to preserve shadow stack register The pad array in struct pthread_unwind_buf is used by setjmp to save shadow stack register. We assert that size of struct pthread_unwind_buf is no less than offset of shadow stack pointer + shadow stack pointer size. Since functions, like LIBC_START_MAIN, START_THREAD_DEFN as well as these with thread cancellation, call setjmp, but never return after __libc_unwind_longjmp, __libc_unwind_longjmp, which is defined as __libc_longjmp on x86, doesn't need to restore shadow stack register. __libc_longjmp, which is a private interface for thread cancellation implementation in libpthread, is changed to call __longjmp_cancel, instead of __longjmp. __longjmp_cancel is a new internal function in libc, which is similar to __longjmp, but doesn't restore shadow stack register. The compatibility longjmp and siglongjmp in libpthread.so are changed to call __libc_siglongjmp, instead of __libc_longjmp, so that they will restore shadow stack register. Tested with build-many-glibcs.py. Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com> * nptl/pthread_create.c (START_THREAD_DEFN): Clear previous handlers after setjmp. * setjmp/longjmp.c (__libc_longjmp): Don't define alias if defined. * sysdeps/unix/sysv/linux/x86/setjmpP.h: Include <libc-pointer-arith.h>. (_JUMP_BUF_SIGSET_BITS_PER_WORD): New. (_JUMP_BUF_SIGSET_NSIG): Changed to 96. (_JUMP_BUF_SIGSET_NWORDS): Changed to use ALIGN_UP and _JUMP_BUF_SIGSET_BITS_PER_WORD. * sysdeps/x86/Makefile (sysdep_routines): Add __longjmp_cancel. * sysdeps/x86/__longjmp_cancel.S: New file. * sysdeps/x86/longjmp.c: Likewise. * sysdeps/x86/nptl/pt-longjmp.c: Likewise.
2018-05-02 13:17:20 +00:00
sysdep_routines += __longjmp_cancel
ifneq ($(enable-cet),no)
ifneq ($(have-tunables),no)
tests += tst-setjmp-cet
tst-setjmp-cet-ENV = GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on
endif
endif
x86: Use pad in pthread_unwind_buf to preserve shadow stack register The pad array in struct pthread_unwind_buf is used by setjmp to save shadow stack register. We assert that size of struct pthread_unwind_buf is no less than offset of shadow stack pointer + shadow stack pointer size. Since functions, like LIBC_START_MAIN, START_THREAD_DEFN as well as these with thread cancellation, call setjmp, but never return after __libc_unwind_longjmp, __libc_unwind_longjmp, which is defined as __libc_longjmp on x86, doesn't need to restore shadow stack register. __libc_longjmp, which is a private interface for thread cancellation implementation in libpthread, is changed to call __longjmp_cancel, instead of __longjmp. __longjmp_cancel is a new internal function in libc, which is similar to __longjmp, but doesn't restore shadow stack register. The compatibility longjmp and siglongjmp in libpthread.so are changed to call __libc_siglongjmp, instead of __libc_longjmp, so that they will restore shadow stack register. Tested with build-many-glibcs.py. Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Carlos O'Donell <carlos@redhat.com> * nptl/pthread_create.c (START_THREAD_DEFN): Clear previous handlers after setjmp. * setjmp/longjmp.c (__libc_longjmp): Don't define alias if defined. * sysdeps/unix/sysv/linux/x86/setjmpP.h: Include <libc-pointer-arith.h>. (_JUMP_BUF_SIGSET_BITS_PER_WORD): New. (_JUMP_BUF_SIGSET_NSIG): Changed to 96. (_JUMP_BUF_SIGSET_NWORDS): Changed to use ALIGN_UP and _JUMP_BUF_SIGSET_BITS_PER_WORD. * sysdeps/x86/Makefile (sysdep_routines): Add __longjmp_cancel. * sysdeps/x86/__longjmp_cancel.S: New file. * sysdeps/x86/longjmp.c: Likewise. * sysdeps/x86/nptl/pt-longjmp.c: Likewise.
2018-05-02 13:17:20 +00:00
endif
x86: Support IBT and SHSTK in Intel CET [BZ #21598] Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-en forcement-technology-preview.pdf includes Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK). GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on output only if it is set on all relocatable inputs. On an IBT capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable IBT and lock IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the executable. 2. When loading an executable with an interpreter, enable IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_IBT isn't set on the executable, disable IBT. b. Lock IBT. 3. If IBT is enabled, when loading a shared object without GNU_PROPERTY_X86_FEATURE_1_IBT: a. If legacy interwork is allowed, then mark all pages in executable PT_LOAD segments in legacy code page bitmap. Failure of legacy code page bitmap allocation causes an error. b. If legacy interwork isn't allowed, it causes an error. GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to indicate that all executable sections are compatible with SHSTK where return address popped from shadow stack always matches return address popped from normal stack. Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK on output only if it is set on all relocatable inputs. On a SHSTK capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on the executable. 2. When loading an executable with an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_SHSTK isn't set on the executable or any shared objects loaded via the DT_NEEDED tag, disable SHSTK. b. Otherwise lock SHSTK. 3. After SHSTK is enabled, it is an error to load a shared object without GNU_PROPERTY_X86_FEATURE_1_SHSTK. To enable CET support in glibc, --enable-cet is required to configure glibc. When CET is enabled, both compiler and assembler must support CET. Otherwise, it is a configure-time error. To support CET run-time control, 1. _dl_x86_feature_1 is added to the writable ld.so namespace to indicate if IBT or SHSTK are enabled at run-time. It should be initialized by init_cpu_features. 2. For dynamic executables: a. A l_cet field is added to struct link_map to indicate if IBT or SHSTK is enabled in an ELF module. _dl_process_pt_note or _rtld_process_pt_note is called to process PT_NOTE segment for GNU program property and set l_cet. b. _dl_open_check is added to check IBT and SHSTK compatibilty when dlopening a shared object. 3. Replace i386 _dl_runtime_resolve and _dl_runtime_profile with _dl_runtime_resolve_shstk and _dl_runtime_profile_shstk, respectively if SHSTK is enabled. CET run-time control can be changed via GLIBC_TUNABLES with $ export GLIBC_TUNABLES=glibc.tune.x86_shstk=[permissive|on|off] $ export GLIBC_TUNABLES=glibc.tune.x86_ibt=[permissive|on|off] 1. permissive: SHSTK is disabled when dlopening a legacy ELF module. 2. on: IBT or SHSTK are always enabled, regardless if there are IBT or SHSTK bits in GNU program property. 3. off: IBT or SHSTK are always disabled, regardless if there are IBT or SHSTK bits in GNU program property. <cet.h> from CET-enabled GCC is automatically included by assembly codes to add GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK to GNU program property. _CET_ENDBR is added at the entrance of all assembly functions whose address may be taken. _CET_NOTRACK is used to insert NOTRACK prefix with indirect jump table to support IBT. It is defined as notrack when _CET_NOTRACK is defined in <cet.h>. [BZ #21598] * configure.ac: Add --enable-cet. * configure: Regenerated. * elf/Makefille (all-built-dso): Add a comment. * elf/dl-load.c (filebuf): Moved before "dynamic-link.h". Include <dl-prop.h>. (_dl_map_object_from_fd): Call _dl_process_pt_note on PT_NOTE segment. * elf/dl-open.c: Include <dl-prop.h>. (dl_open_worker): Call _dl_open_check. * elf/rtld.c: Include <dl-prop.h>. (dl_main): Call _rtld_process_pt_note on PT_NOTE segment. Call _rtld_main_check. * sysdeps/generic/dl-prop.h: New file. * sysdeps/i386/dl-cet.c: Likewise. * sysdeps/unix/sysv/linux/x86/cpu-features.c: Likewise. * sysdeps/unix/sysv/linux/x86/dl-cet.h: Likewise. * sysdeps/x86/cet-tunables.h: Likewise. * sysdeps/x86/check-cet.awk: Likewise. * sysdeps/x86/configure: Likewise. * sysdeps/x86/configure.ac: Likewise. * sysdeps/x86/dl-cet.c: Likewise. * sysdeps/x86/dl-procruntime.c: Likewise. * sysdeps/x86/dl-prop.h: Likewise. * sysdeps/x86/libc-start.h: Likewise. * sysdeps/x86/link_map.h: Likewise. * sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise. (_dl_runtime_resolve_shstk): New. (_dl_runtime_profile_shstk): Likewise. * sysdeps/linux/x86/Makefile (sysdep-dl-routines): Add dl-cet if CET is enabled. (CFLAGS-.o): Add -fcf-protection if CET is enabled. (CFLAGS-.os): Likewise. (CFLAGS-.op): Likewise. (CFLAGS-.oS): Likewise. (asm-CPPFLAGS): Add -fcf-protection -include cet.h if CET is enabled. (tests-special): Add $(objpfx)check-cet.out. (cet-built-dso): New. (+$(cet-built-dso:=.note)): Likewise. (common-generated): Add $(cet-built-dso:$(common-objpfx)%=%.note). ($(objpfx)check-cet.out): New. (generated): Add check-cet.out. * sysdeps/x86/cpu-features.c: Include <dl-cet.h> and <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New prototype. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. (init_cpu_features): Call get_cet_status to check CET status and update dl_x86_feature_1 with CET status. Call TUNABLE_CALLBACK (set_x86_ibt) and TUNABLE_CALLBACK (set_x86_shstk). Disable and lock CET in libc.a. * sysdeps/x86/cpu-tunables.c: Include <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New function. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. * sysdeps/x86/sysdep.h (_CET_NOTRACK): New. (_CET_ENDBR): Define if not defined. (ENTRY): Add _CET_ENDBR. * sysdeps/x86/dl-tunables.list (glibc.tune): Add x86_ibt and x86_shstk. * sysdeps/x86_64/dl-trampoline.h (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise.
2018-07-16 21:08:15 +00:00
ifeq ($(subdir),string)
sysdep_routines += cacheinfo
tests += \
tst-memchr-rtm \
tst-memcmp-rtm \
tst-memmove-rtm \
tst-memrchr-rtm \
tst-memset-rtm \
tst-strchr-rtm \
tst-strcpy-rtm \
tst-strlen-rtm \
tst-strncmp-rtm \
tst-strrchr-rtm
CFLAGS-tst-memchr-rtm.c += -mrtm
CFLAGS-tst-memcmp-rtm.c += -mrtm
CFLAGS-tst-memmove-rtm.c += -mrtm
CFLAGS-tst-memrchr-rtm.c += -mrtm
CFLAGS-tst-memset-rtm.c += -mrtm
CFLAGS-tst-strchr-rtm.c += -mrtm
CFLAGS-tst-strcpy-rtm.c += -mrtm
CFLAGS-tst-strlen-rtm.c += -mrtm
CFLAGS-tst-strncmp-rtm.c += -mrtm
CFLAGS-tst-strrchr-rtm.c += -mrtm
endif
ifneq ($(enable-cet),no)
x86: Support IBT and SHSTK in Intel CET [BZ #21598] Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-en forcement-technology-preview.pdf includes Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK). GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on output only if it is set on all relocatable inputs. On an IBT capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable IBT and lock IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the executable. 2. When loading an executable with an interpreter, enable IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_IBT isn't set on the executable, disable IBT. b. Lock IBT. 3. If IBT is enabled, when loading a shared object without GNU_PROPERTY_X86_FEATURE_1_IBT: a. If legacy interwork is allowed, then mark all pages in executable PT_LOAD segments in legacy code page bitmap. Failure of legacy code page bitmap allocation causes an error. b. If legacy interwork isn't allowed, it causes an error. GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to indicate that all executable sections are compatible with SHSTK where return address popped from shadow stack always matches return address popped from normal stack. Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK on output only if it is set on all relocatable inputs. On a SHSTK capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on the executable. 2. When loading an executable with an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_SHSTK isn't set on the executable or any shared objects loaded via the DT_NEEDED tag, disable SHSTK. b. Otherwise lock SHSTK. 3. After SHSTK is enabled, it is an error to load a shared object without GNU_PROPERTY_X86_FEATURE_1_SHSTK. To enable CET support in glibc, --enable-cet is required to configure glibc. When CET is enabled, both compiler and assembler must support CET. Otherwise, it is a configure-time error. To support CET run-time control, 1. _dl_x86_feature_1 is added to the writable ld.so namespace to indicate if IBT or SHSTK are enabled at run-time. It should be initialized by init_cpu_features. 2. For dynamic executables: a. A l_cet field is added to struct link_map to indicate if IBT or SHSTK is enabled in an ELF module. _dl_process_pt_note or _rtld_process_pt_note is called to process PT_NOTE segment for GNU program property and set l_cet. b. _dl_open_check is added to check IBT and SHSTK compatibilty when dlopening a shared object. 3. Replace i386 _dl_runtime_resolve and _dl_runtime_profile with _dl_runtime_resolve_shstk and _dl_runtime_profile_shstk, respectively if SHSTK is enabled. CET run-time control can be changed via GLIBC_TUNABLES with $ export GLIBC_TUNABLES=glibc.tune.x86_shstk=[permissive|on|off] $ export GLIBC_TUNABLES=glibc.tune.x86_ibt=[permissive|on|off] 1. permissive: SHSTK is disabled when dlopening a legacy ELF module. 2. on: IBT or SHSTK are always enabled, regardless if there are IBT or SHSTK bits in GNU program property. 3. off: IBT or SHSTK are always disabled, regardless if there are IBT or SHSTK bits in GNU program property. <cet.h> from CET-enabled GCC is automatically included by assembly codes to add GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK to GNU program property. _CET_ENDBR is added at the entrance of all assembly functions whose address may be taken. _CET_NOTRACK is used to insert NOTRACK prefix with indirect jump table to support IBT. It is defined as notrack when _CET_NOTRACK is defined in <cet.h>. [BZ #21598] * configure.ac: Add --enable-cet. * configure: Regenerated. * elf/Makefille (all-built-dso): Add a comment. * elf/dl-load.c (filebuf): Moved before "dynamic-link.h". Include <dl-prop.h>. (_dl_map_object_from_fd): Call _dl_process_pt_note on PT_NOTE segment. * elf/dl-open.c: Include <dl-prop.h>. (dl_open_worker): Call _dl_open_check. * elf/rtld.c: Include <dl-prop.h>. (dl_main): Call _rtld_process_pt_note on PT_NOTE segment. Call _rtld_main_check. * sysdeps/generic/dl-prop.h: New file. * sysdeps/i386/dl-cet.c: Likewise. * sysdeps/unix/sysv/linux/x86/cpu-features.c: Likewise. * sysdeps/unix/sysv/linux/x86/dl-cet.h: Likewise. * sysdeps/x86/cet-tunables.h: Likewise. * sysdeps/x86/check-cet.awk: Likewise. * sysdeps/x86/configure: Likewise. * sysdeps/x86/configure.ac: Likewise. * sysdeps/x86/dl-cet.c: Likewise. * sysdeps/x86/dl-procruntime.c: Likewise. * sysdeps/x86/dl-prop.h: Likewise. * sysdeps/x86/libc-start.h: Likewise. * sysdeps/x86/link_map.h: Likewise. * sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise. (_dl_runtime_resolve_shstk): New. (_dl_runtime_profile_shstk): Likewise. * sysdeps/linux/x86/Makefile (sysdep-dl-routines): Add dl-cet if CET is enabled. (CFLAGS-.o): Add -fcf-protection if CET is enabled. (CFLAGS-.os): Likewise. (CFLAGS-.op): Likewise. (CFLAGS-.oS): Likewise. (asm-CPPFLAGS): Add -fcf-protection -include cet.h if CET is enabled. (tests-special): Add $(objpfx)check-cet.out. (cet-built-dso): New. (+$(cet-built-dso:=.note)): Likewise. (common-generated): Add $(cet-built-dso:$(common-objpfx)%=%.note). ($(objpfx)check-cet.out): New. (generated): Add check-cet.out. * sysdeps/x86/cpu-features.c: Include <dl-cet.h> and <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New prototype. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. (init_cpu_features): Call get_cet_status to check CET status and update dl_x86_feature_1 with CET status. Call TUNABLE_CALLBACK (set_x86_ibt) and TUNABLE_CALLBACK (set_x86_shstk). Disable and lock CET in libc.a. * sysdeps/x86/cpu-tunables.c: Include <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New function. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. * sysdeps/x86/sysdep.h (_CET_NOTRACK): New. (_CET_ENDBR): Define if not defined. (ENTRY): Add _CET_ENDBR. * sysdeps/x86/dl-tunables.list (glibc.tune): Add x86_ibt and x86_shstk. * sysdeps/x86_64/dl-trampoline.h (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise.
2018-07-16 21:08:15 +00:00
ifeq ($(subdir),elf)
sysdep-dl-routines += dl-cet
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
tests += tst-cet-legacy-1 tst-cet-legacy-1a tst-cet-legacy-2 \
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
tst-cet-legacy-2a tst-cet-legacy-3 tst-cet-legacy-4 \
tst-cet-legacy-5a tst-cet-legacy-6a tst-cet-legacy-7 \
tst-cet-legacy-8 tst-cet-legacy-9 tst-cet-legacy-9-static \
tst-cet-legacy-10 tst-cet-legacy-10-static
tests-static += tst-cet-legacy-9-static tst-cet-legacy-10-static
tst-cet-legacy-1a-ARGS = -- $(host-test-program-cmd)
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
ifneq (no,$(have-tunables))
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
tests += tst-cet-legacy-4a tst-cet-legacy-4b tst-cet-legacy-4c \
tst-cet-legacy-5b tst-cet-legacy-6b
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
endif
modules-names += tst-cet-legacy-mod-1 tst-cet-legacy-mod-2 \
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
tst-cet-legacy-mod-4 tst-cet-legacy-mod-5a \
tst-cet-legacy-mod-5b tst-cet-legacy-mod-5c \
tst-cet-legacy-mod-6a tst-cet-legacy-mod-6b \
tst-cet-legacy-mod-6c
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
CFLAGS-tst-cet-legacy-2.c += -fcf-protection=branch
CFLAGS-tst-cet-legacy-2a.c += -fcf-protection
CFLAGS-tst-cet-legacy-mod-1.c += -fcf-protection=none
CFLAGS-tst-cet-legacy-mod-2.c += -fcf-protection=none
CFLAGS-tst-cet-legacy-3.c += -fcf-protection=none
CFLAGS-tst-cet-legacy-4.c += -fcf-protection=branch
CFLAGS-tst-cet-legacy-4a.c += -fcf-protection
CFLAGS-tst-cet-legacy-4b.c += -fcf-protection
CFLAGS-tst-cet-legacy-mod-4.c += -fcf-protection=none
CFLAGS-tst-cet-legacy-5a.c += -fcf-protection -mshstk
ifeq ($(enable-cet),permissive)
CPPFLAGS-tst-cet-legacy-5a.c += -DCET_IS_PERMISSIVE=1
endif
CFLAGS-tst-cet-legacy-5b.c += -fcf-protection -mshstk
CPPFLAGS-tst-cet-legacy-5b.c += -DCET_DISABLED_BY_ENV=1
CFLAGS-tst-cet-legacy-mod-5a.c += -fcf-protection=branch
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
CFLAGS-tst-cet-legacy-mod-5b.c += -fcf-protection
CFLAGS-tst-cet-legacy-mod-5c.c += -fcf-protection
CFLAGS-tst-cet-legacy-6a.c += -fcf-protection -mshstk
ifeq ($(enable-cet),permissive)
CPPFLAGS-tst-cet-legacy-6a.c += -DCET_IS_PERMISSIVE=1
endif
CFLAGS-tst-cet-legacy-6b.c += -fcf-protection -mshstk
CPPFLAGS-tst-cet-legacy-6b.c += -DCET_DISABLED_BY_ENV=1
CFLAGS-tst-cet-legacy-mod-6a.c += -fcf-protection=branch
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
CFLAGS-tst-cet-legacy-mod-6b.c += -fcf-protection
CFLAGS-tst-cet-legacy-mod-6c.c += -fcf-protection
CFLAGS-tst-cet-legacy-7.c += -fcf-protection=none
CFLAGS-tst-cet-legacy-8.c += -mshstk
CFLAGS-tst-cet-legacy-10.c += -mshstk
CFLAGS-tst-cet-legacy-10-static.c += -mshstk
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
$(objpfx)tst-cet-legacy-1: $(objpfx)tst-cet-legacy-mod-1.so \
$(objpfx)tst-cet-legacy-mod-2.so
$(objpfx)tst-cet-legacy-1a: $(objpfx)tst-cet-legacy-mod-1.so \
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
$(objpfx)tst-cet-legacy-mod-2.so
$(objpfx)tst-cet-legacy-2: $(objpfx)tst-cet-legacy-mod-2.so $(libdl)
$(objpfx)tst-cet-legacy-2.out: $(objpfx)tst-cet-legacy-mod-1.so
$(objpfx)tst-cet-legacy-2a: $(objpfx)tst-cet-legacy-mod-2.so $(libdl)
$(objpfx)tst-cet-legacy-2a.out: $(objpfx)tst-cet-legacy-mod-1.so
$(objpfx)tst-cet-legacy-4: $(libdl)
$(objpfx)tst-cet-legacy-4.out: $(objpfx)tst-cet-legacy-mod-4.so
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
$(objpfx)tst-cet-legacy-5a: $(libdl)
$(objpfx)tst-cet-legacy-5a.out: $(objpfx)tst-cet-legacy-mod-5a.so \
$(objpfx)tst-cet-legacy-mod-5b.so
$(objpfx)tst-cet-legacy-mod-5a.so: $(objpfx)tst-cet-legacy-mod-5c.so
$(objpfx)tst-cet-legacy-mod-5b.so: $(objpfx)tst-cet-legacy-mod-5c.so
$(objpfx)tst-cet-legacy-6a: $(libdl)
$(objpfx)tst-cet-legacy-6a.out: $(objpfx)tst-cet-legacy-mod-6a.so \
$(objpfx)tst-cet-legacy-mod-6b.so
$(objpfx)tst-cet-legacy-mod-6a.so: $(objpfx)tst-cet-legacy-mod-6c.so
$(objpfx)tst-cet-legacy-mod-6b.so: $(objpfx)tst-cet-legacy-mod-6c.so
LDFLAGS-tst-cet-legacy-mod-6c.so = -Wl,--enable-new-dtags,-z,nodelete
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
ifneq (no,$(have-tunables))
$(objpfx)tst-cet-legacy-4a: $(libdl)
$(objpfx)tst-cet-legacy-4a.out: $(objpfx)tst-cet-legacy-mod-4.so
tst-cet-legacy-4a-ENV = GLIBC_TUNABLES=glibc.cpu.x86_shstk=permissive
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
$(objpfx)tst-cet-legacy-4b: $(libdl)
$(objpfx)tst-cet-legacy-4b.out: $(objpfx)tst-cet-legacy-mod-4.so
tst-cet-legacy-4b-ENV = GLIBC_TUNABLES=glibc.cpu.x86_shstk=on
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
$(objpfx)tst-cet-legacy-4c: $(libdl)
$(objpfx)tst-cet-legacy-4c.out: $(objpfx)tst-cet-legacy-mod-4.so
tst-cet-legacy-4c-ENV = GLIBC_TUNABLES=glibc.cpu.x86_shstk=off
Call _dl_open_check after relocation [BZ #24259] This is a workaround for [BZ #20839] which doesn't remove the NODELETE object when _dl_open_check throws an exception. Move it after relocation in dl_open_worker to avoid leaving the NODELETE object mapped without relocation. [BZ #24259] * elf/dl-open.c (dl_open_worker): Call _dl_open_check after relocation. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and tst-cet-legacy-6b. (modules-names): Add tst-cet-legacy-mod-5a, tst-cet-legacy-mod-5b, tst-cet-legacy-mod-5c, tst-cet-legacy-mod-6a, tst-cet-legacy-mod-6b and tst-cet-legacy-mod-6c. (CFLAGS-tst-cet-legacy-5a.c): New. (CFLAGS-tst-cet-legacy-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-5c.c): Likewise. (CFLAGS-tst-cet-legacy-6a.c): Likewise. (CFLAGS-tst-cet-legacy-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6a.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6b.c): Likewise. (CFLAGS-tst-cet-legacy-mod-6c.c): Likewise. ($(objpfx)tst-cet-legacy-5a): Likewise. ($(objpfx)tst-cet-legacy-5a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-5a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-5b.so): Likewise. ($(objpfx)tst-cet-legacy-5b): Likewise. ($(objpfx)tst-cet-legacy-5b.out): Likewise. (tst-cet-legacy-5b-ENV): Likewise. ($(objpfx)tst-cet-legacy-6a): Likewise. ($(objpfx)tst-cet-legacy-6a.out): Likewise. ($(objpfx)tst-cet-legacy-mod-6a.so): Likewise. ($(objpfx)tst-cet-legacy-mod-6b.so): Likewise. ($(objpfx)tst-cet-legacy-6b): Likewise. ($(objpfx)tst-cet-legacy-6b.out): Likewise. (tst-cet-legacy-6b-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-5.c: New file. * sysdeps/x86/tst-cet-legacy-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-5c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6a.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6b.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-6c.c: Likewise.
2019-07-01 19:23:10 +00:00
$(objpfx)tst-cet-legacy-5b: $(libdl)
$(objpfx)tst-cet-legacy-5b.out: $(objpfx)tst-cet-legacy-mod-5a.so \
$(objpfx)tst-cet-legacy-mod-5b.so
tst-cet-legacy-5b-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
$(objpfx)tst-cet-legacy-6b: $(libdl)
$(objpfx)tst-cet-legacy-6b.out: $(objpfx)tst-cet-legacy-mod-6a.so \
$(objpfx)tst-cet-legacy-mod-6b.so
tst-cet-legacy-6b-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
tst-cet-legacy-9-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
tst-cet-legacy-9-static-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
x86/CET: Add tests with legacy non-CET shared objects Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
2018-07-25 11:46:53 +00:00
endif
x86: Support IBT and SHSTK in Intel CET [BZ #21598] Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-en forcement-technology-preview.pdf includes Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK). GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on output only if it is set on all relocatable inputs. On an IBT capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable IBT and lock IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the executable. 2. When loading an executable with an interpreter, enable IBT if GNU_PROPERTY_X86_FEATURE_1_IBT is set on the interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_IBT isn't set on the executable, disable IBT. b. Lock IBT. 3. If IBT is enabled, when loading a shared object without GNU_PROPERTY_X86_FEATURE_1_IBT: a. If legacy interwork is allowed, then mark all pages in executable PT_LOAD segments in legacy code page bitmap. Failure of legacy code page bitmap allocation causes an error. b. If legacy interwork isn't allowed, it causes an error. GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to indicate that all executable sections are compatible with SHSTK where return address popped from shadow stack always matches return address popped from normal stack. Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK on output only if it is set on all relocatable inputs. On a SHSTK capable processor, the following steps should be taken: 1. When loading an executable without an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on the executable. 2. When loading an executable with an interpreter, enable SHSTK if GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on interpreter. a. If GNU_PROPERTY_X86_FEATURE_1_SHSTK isn't set on the executable or any shared objects loaded via the DT_NEEDED tag, disable SHSTK. b. Otherwise lock SHSTK. 3. After SHSTK is enabled, it is an error to load a shared object without GNU_PROPERTY_X86_FEATURE_1_SHSTK. To enable CET support in glibc, --enable-cet is required to configure glibc. When CET is enabled, both compiler and assembler must support CET. Otherwise, it is a configure-time error. To support CET run-time control, 1. _dl_x86_feature_1 is added to the writable ld.so namespace to indicate if IBT or SHSTK are enabled at run-time. It should be initialized by init_cpu_features. 2. For dynamic executables: a. A l_cet field is added to struct link_map to indicate if IBT or SHSTK is enabled in an ELF module. _dl_process_pt_note or _rtld_process_pt_note is called to process PT_NOTE segment for GNU program property and set l_cet. b. _dl_open_check is added to check IBT and SHSTK compatibilty when dlopening a shared object. 3. Replace i386 _dl_runtime_resolve and _dl_runtime_profile with _dl_runtime_resolve_shstk and _dl_runtime_profile_shstk, respectively if SHSTK is enabled. CET run-time control can be changed via GLIBC_TUNABLES with $ export GLIBC_TUNABLES=glibc.tune.x86_shstk=[permissive|on|off] $ export GLIBC_TUNABLES=glibc.tune.x86_ibt=[permissive|on|off] 1. permissive: SHSTK is disabled when dlopening a legacy ELF module. 2. on: IBT or SHSTK are always enabled, regardless if there are IBT or SHSTK bits in GNU program property. 3. off: IBT or SHSTK are always disabled, regardless if there are IBT or SHSTK bits in GNU program property. <cet.h> from CET-enabled GCC is automatically included by assembly codes to add GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK to GNU program property. _CET_ENDBR is added at the entrance of all assembly functions whose address may be taken. _CET_NOTRACK is used to insert NOTRACK prefix with indirect jump table to support IBT. It is defined as notrack when _CET_NOTRACK is defined in <cet.h>. [BZ #21598] * configure.ac: Add --enable-cet. * configure: Regenerated. * elf/Makefille (all-built-dso): Add a comment. * elf/dl-load.c (filebuf): Moved before "dynamic-link.h". Include <dl-prop.h>. (_dl_map_object_from_fd): Call _dl_process_pt_note on PT_NOTE segment. * elf/dl-open.c: Include <dl-prop.h>. (dl_open_worker): Call _dl_open_check. * elf/rtld.c: Include <dl-prop.h>. (dl_main): Call _rtld_process_pt_note on PT_NOTE segment. Call _rtld_main_check. * sysdeps/generic/dl-prop.h: New file. * sysdeps/i386/dl-cet.c: Likewise. * sysdeps/unix/sysv/linux/x86/cpu-features.c: Likewise. * sysdeps/unix/sysv/linux/x86/dl-cet.h: Likewise. * sysdeps/x86/cet-tunables.h: Likewise. * sysdeps/x86/check-cet.awk: Likewise. * sysdeps/x86/configure: Likewise. * sysdeps/x86/configure.ac: Likewise. * sysdeps/x86/dl-cet.c: Likewise. * sysdeps/x86/dl-procruntime.c: Likewise. * sysdeps/x86/dl-prop.h: Likewise. * sysdeps/x86/libc-start.h: Likewise. * sysdeps/x86/link_map.h: Likewise. * sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise. (_dl_runtime_resolve_shstk): New. (_dl_runtime_profile_shstk): Likewise. * sysdeps/linux/x86/Makefile (sysdep-dl-routines): Add dl-cet if CET is enabled. (CFLAGS-.o): Add -fcf-protection if CET is enabled. (CFLAGS-.os): Likewise. (CFLAGS-.op): Likewise. (CFLAGS-.oS): Likewise. (asm-CPPFLAGS): Add -fcf-protection -include cet.h if CET is enabled. (tests-special): Add $(objpfx)check-cet.out. (cet-built-dso): New. (+$(cet-built-dso:=.note)): Likewise. (common-generated): Add $(cet-built-dso:$(common-objpfx)%=%.note). ($(objpfx)check-cet.out): New. (generated): Add check-cet.out. * sysdeps/x86/cpu-features.c: Include <dl-cet.h> and <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New prototype. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. (init_cpu_features): Call get_cet_status to check CET status and update dl_x86_feature_1 with CET status. Call TUNABLE_CALLBACK (set_x86_ibt) and TUNABLE_CALLBACK (set_x86_shstk). Disable and lock CET in libc.a. * sysdeps/x86/cpu-tunables.c: Include <cet-tunables.h>. (TUNABLE_CALLBACK (set_x86_ibt)): New function. (TUNABLE_CALLBACK (set_x86_shstk)): Likewise. * sysdeps/x86/sysdep.h (_CET_NOTRACK): New. (_CET_ENDBR): Define if not defined. (ENTRY): Add _CET_ENDBR. * sysdeps/x86/dl-tunables.list (glibc.tune): Add x86_ibt and x86_shstk. * sysdeps/x86_64/dl-trampoline.h (_dl_runtime_resolve): Add _CET_ENDBR. (_dl_runtime_profile): Likewise.
2018-07-16 21:08:15 +00:00
endif
# Add -fcf-protection to CFLAGS when CET is enabled.
CFLAGS-.o += -fcf-protection
CFLAGS-.os += -fcf-protection
CFLAGS-.op += -fcf-protection
CFLAGS-.oS += -fcf-protection
# Compile assembly codes with <cet.h> when CET is enabled.
asm-CPPFLAGS += -fcf-protection -include cet.h
ifeq ($(subdir),elf)
ifeq (yes,$(build-shared))
tests-special += $(objpfx)check-cet.out
endif
# FIXME: Can't use all-built-dso in elf/Makefile since this file is
# processed before elf/Makefile. Duplicate it here.
cet-built-dso := $(common-objpfx)elf/ld.so $(common-objpfx)libc.so \
$(filter-out $(common-objpfx)linkobj/libc.so, \
$(sort $(wildcard $(addprefix $(common-objpfx), \
*/lib*.so \
iconvdata/*.so))))
$(cet-built-dso:=.note): %.note: %
@rm -f $@T
LC_ALL=C $(READELF) -n $< > $@T
test -s $@T
mv -f $@T $@
common-generated += $(cet-built-dso:$(common-objpfx)%=%.note)
$(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
$(cet-built-dso:=.note)
LC_ALL=C $(AWK) -f $^ > $@; \
$(evaluate-test)
generated += check-cet.out
endif
endif
ifeq ($(subdir),posix)
tests += \
tst-sysconf-cache-linesize \
tst-sysconf-cache-linesize-static
tests-static += \
tst-sysconf-cache-linesize-static
endif