Commit Graph

14 Commits

Author SHA1 Message Date
H.J. Lu
9e38f455a6 x86: Add --enable-cet=permissive
When CET is enabled, it is an error to dlopen a non CET enabled shared
library in CET enabled application.  It may be desirable to make CET
permissive, that is disable CET when dlopening a non CET enabled shared
library.  With the new --enable-cet=permissive configure option, CET is
disabled when dlopening a non CET enabled shared library.

Add DEFAULT_DL_X86_CET_CONTROL to config.h.in:

 /* The default value of x86 CET control.  */
 #define DEFAULT_DL_X86_CET_CONTROL cet_elf_property

which enables CET features based on ELF property note.

--enable-cet=permissive it to

 /* The default value of x86 CET control.  */
 #define DEFAULT_DL_X86_CET_CONTROL cet_permissive

which enables CET features permissively.

Update tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and
tst-cet-legacy-6b to check --enable-cet and --enable-cet=permissive.
2020-05-18 08:38:53 -07:00
Adhemerval Zanella
1bdda52fe9 elf: Move vDSO setup to rtld (BZ#24967)
This patch moves the vDSO setup from libc to loader code, just after
the vDSO link_map setup.  For static case the initialization
is moved to _dl_non_dynamic_init instead.

Instead of using the mangled pointer, the vDSO data is set as
attribute_relro (on _rtld_global_ro for shared or _dl_vdso_* for
static).  It is read-only even with partial relro.

It fixes BZ#24967 now that the vDSO pointer is setup earlier than
malloc interposition is called.

Also, vDSO calls should not be a problem for static dlopen as
indicated by BZ#20802.  The vDSO pointer would be zero-initialized
and the syscall will be issued instead.

Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, powerpc64le-linux-gnu, powerpc64-linux-gnu,
powerpc-linux-gnu, s390x-linux-gnu, sparc64-linux-gnu, and
sparcv9-linux-gnu.  I also run some tests on mips.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-03 11:22:07 -03:00
H.J. Lu
a1ccc0654b x86: Use RTM intrinsics in pthread mutex lock elision
Since RTM intrinsics are supported in GCC 4.9, we can use them in
pthread mutex lock elision.

	* sysdeps/unix/sysv/linux/x86/Makefile (CFLAGS-elision-lock.c):
	Add -mrtm.
	(CFLAGS-elision-unlock.c): Likewise.
	(CFLAGS-elision-timed.c): Likewise.
	(CFLAGS-elision-trylock.c): Likewise.
	* sysdeps/unix/sysv/linux/x86/hle.h: Rewritten.
2018-10-02 07:51:57 -07:00
H.J. Lu
98864ed0e0 x86/CET: Fix property note parser [BZ #23467]
GNU_PROPERTY_X86_FEATURE_1_AND may not be the first property item.  We
need to check each property item until we reach the end of the property
or find GNU_PROPERTY_X86_FEATURE_1_AND.

This patch adds 2 tests.  The first test checks if IBT is enabled and
the second test reads the output from the first test to check if IBT
is is enabled.  The second second test fails if IBT isn't enabled
properly.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

	[BZ #23467]
	* sysdeps/unix/sysv/linux/x86/Makefile (tests): Add
	tst-cet-property-1 and tst-cet-property-2 if CET is enabled.
	(CFLAGS-tst-cet-property-1.o): New.
	(ASFLAGS-tst-cet-property-dep-2.o): Likewise.
	($(objpfx)tst-cet-property-2): Likewise.
	($(objpfx)tst-cet-property-2.out): Likewise.
	* sysdeps/unix/sysv/linux/x86/tst-cet-property-1.c: New file.
	* sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c: Likewise.
	* sysdeps/unix/sysv/linux/x86/tst-cet-property-dep-2.S: Likewise.
	* sysdeps/x86/dl-prop.h (_dl_process_cet_property_note): Parse
	each property item until GNU_PROPERTY_X86_FEATURE_1_AND is found.
2018-07-30 16:15:38 -07:00
H.J. Lu
08ac6bed14 x86/CET: Add a setcontext test for CET
Verify that setcontext works with gaps above and below the newly
allocated shadow stack.

	* sysdeps/unix/sysv/linux/x86/Makefile (tests): Add
	tst-cet-setcontext-1 if CET is enabled.
	(CFLAGS-tst-cet-setcontext-1.c): Add -mshstk.
	* sysdeps/unix/sysv/linux/x86/tst-cet-setcontext-1.c: New file.
2018-07-25 08:40:50 -07:00
H.J. Lu
faaee1f07e x86: Support shadow stack pointer in setjmp/longjmp
Save and restore shadow stack pointer in setjmp and longjmp to support
shadow stack in Intel CET.  Use feature_1 in tcbhead_t to check if
shadow stack is enabled before saving and restoring shadow stack pointer.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

	* sysdeps/i386/__longjmp.S: Include <jmp_buf-ssp.h>.
	(__longjmp): Restore shadow stack pointer if shadow stack is
	enabled, SHADOW_STACK_POINTER_OFFSET is defined and __longjmp
	isn't defined for __longjmp_cancel.
	* sysdeps/i386/bsd-_setjmp.S: Include <jmp_buf-ssp.h>.
	(_setjmp): Save shadow stack pointer if shadow stack is enabled
	and SHADOW_STACK_POINTER_OFFSET is defined.
	* sysdeps/i386/bsd-setjmp.S: Include <jmp_buf-ssp.h>.
	(setjmp): Save shadow stack pointer if shadow stack is enabled
	and SHADOW_STACK_POINTER_OFFSET is defined.
	* sysdeps/i386/setjmp.S: Include <jmp_buf-ssp.h>.
	(__sigsetjmp): Save shadow stack pointer if shadow stack is
	enabled and SHADOW_STACK_POINTER_OFFSET is defined.
	* sysdeps/unix/sysv/linux/i386/____longjmp_chk.S: Include
	<jmp_buf-ssp.h>.
	(____longjmp_chk): Restore shadow stack pointer if shadow stack
	is enabled and SHADOW_STACK_POINTER_OFFSET is defined.
	* sysdeps/unix/sysv/linux/x86/Makefile (gen-as-const-headers):
	Remove jmp_buf-ssp.sym.
	* sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S: Include
	<jmp_buf-ssp.h>.
	(____longjmp_chk): Restore shadow stack pointer if shadow stack
	is enabled and SHADOW_STACK_POINTER_OFFSET is defined.
	* sysdeps/x86/Makefile (gen-as-const-headers): Add
	jmp_buf-ssp.sym.
	* sysdeps/x86/jmp_buf-ssp.sym: New dummy file.
	* sysdeps/x86_64/__longjmp.S: Include <jmp_buf-ssp.h>.
	(__longjmp): Restore shadow stack pointer if shadow stack is
	enabled, SHADOW_STACK_POINTER_OFFSET is defined and __longjmp
	isn't defined for __longjmp_cancel.
	* sysdeps/x86_64/setjmp.S: Include <jmp_buf-ssp.h>.
	(__sigsetjmp): Save shadow stack pointer if shadow stack is
	enabled and SHADOW_STACK_POINTER_OFFSET is defined.
2018-07-14 05:59:53 -07:00
H.J. Lu
f33632ccd1 x86: Make a space in jmpbuf for shadow stack pointer
To support Shadow Stack (SHSTK) in Intel Control-flow Enforcement
Technology (CET) in setjmp/longjmp, we need to save shadow stack
pointer in jmp_buf.  The __saved_mask field in jmp_buf has type
of __sigset_t.  On Linux, __sigset_t is defined as

 #define _SIGSET_NWORDS (1024 / (8 * sizeof (unsigned long int)))
typedef struct
{
  unsigned long int __val[_SIGSET_NWORDS];
} __sigset_t;

which is much bigger than expected by the __sigprocmask system call,
which has

typedef struct {
        unsigned long sig[_NSIG_WORDS];
} sigset_t;

For Linux/x86, we can shrink __sigset_t used by __saved_mask in jmp_buf
to add paddings for shadow stack pointer.  As long as the new __sigset_t
is not smaller than sigset_t expected by the __sigprocmask system call,
it should work correctly.

This patch adds an internal header file, <setjmpP.h>, to define
__jmp_buf_sigset_t for __saved_mask in jmp_buf for Linux/x86 with a
space to store shadow stack pointer.  It verifies __jmp_buf_sigset_t has
the suitable size for the __sigprocmask system call.   A run-time test,
tst-saved_mask-1.c, is added to verify that size of __jmp_buf_sigset_t
is sufficient.  If its size is too small, the test fails with

rt_sigprocmask(SIG_SETMASK, strace: umoven: short read (4 < 8) @0x7fa8aa28effc
0x7fa8aa28effc, NULL, 8) = -1 EFAULT (Bad address)
rt_sigprocmask(SIG_SETMASK, strace: umoven: short read (4 < 8) @0x7fa8aa28effc
0x7fa8aa28effc, NULL, 8) = -1 EFAULT (Bad address)
rt_sigprocmask(SIG_SETMASK, NULL, 0x7fa8aa28effc, 8) = -1 EFAULT (Bad address)
exit_group(1)                           = ?

Tested with build-many-glibcs.py.

	* debug/longjmp_chk.c: Include <setjmpP.h> instead of
	<setjmp.h>.
	* setjmp/longjmp.c: Include <setjmpP.h> instead of <setjmp.h>.
	(__libc_siglongjmp): Cast &env[0].__saved_mask to "sigset_t *".
	* setjmp/sigjmp.c: Include <setjmpP.h> instead of <setjmp.h>.
	(__sigjmp_save): Cast &env[0].__saved_mask to "sigset_t *".
	* sysdeps/generic/setjmpP.h: New file.
	* sysdeps/unix/sysv/linux/x86/jmp_buf-ssp.sym: Likewise.
	* sysdeps/unix/sysv/linux/x86/setjmpP.h: Likewise.
	* sysdeps/unix/sysv/linux/x86/tst-saved_mask-1.c: Likewise.
	* sysdeps/unix/sysv/linux/x86/Makefile (gen-as-const-headers):
	Add jmp_buf-ssp.sym.
	(tests): Add tst-saved_mask-1.
2017-11-30 04:58:01 -08:00
Florian Weimer
ee17d4e99a Remove abi-*-options compiler flags
These options are no longer needed since commit
2dba5ce7b8 (<bits/syscall.h>: Use an
arch-independent system call list on Linux).
2017-08-28 17:16:53 +02:00
H.J. Lu
e2e4f56056 Add _dl_x86_cpu_features to rtld_global
This patch adds _dl_x86_cpu_features to rtld_global in x86 ld.so
and initializes it early before __libc_start_main is called so that
cpu_features is always available when it is used and we can avoid
calling __init_cpu_features in IFUNC selectors.

	* sysdeps/i386/dl-machine.h: Include <cpu-features.c>.
	(dl_platform_init): Call init_cpu_features.
	* sysdeps/i386/dl-procinfo.c (_dl_x86_cpu_features): New.
	* sysdeps/i386/i686/cacheinfo.c
	(DISABLE_PREFERRED_MEMORY_INSTRUCTION): Removed.
	* sysdeps/i386/i686/multiarch/Makefile (aux): Remove init-arch.
	* sysdeps/i386/i686/multiarch/Versions: Removed.
	* sysdeps/i386/i686/multiarch/ifunc-defines.sym (KIND_OFFSET):
	Removed.
	* sysdeps/i386/ldsodefs.h: Include <cpu-features.h>.
	* sysdeps/unix/sysv/linux/x86/Makefile
	(libpthread-sysdep_routines): Remove init-arch.
	* sysdeps/unix/sysv/linux/x86_64/dl-procinfo.c: Include
	<sysdeps/x86_64/dl-procinfo.c> instead of
	sysdeps/generic/dl-procinfo.c>.
	* sysdeps/x86/Makefile [$(subdir) == csu] (gen-as-const-headers):
	Add cpu-features-offsets.sym and rtld-global-offsets.sym.
	[$(subdir) == elf] (sysdep-dl-routines): Add dl-get-cpu-features.
	[$(subdir) == elf] (tests): Add tst-get-cpu-features.
	[$(subdir) == elf] (tests-static): Add
	tst-get-cpu-features-static.
	* sysdeps/x86/Versions: New file.
	* sysdeps/x86/cpu-features-offsets.sym: Likewise.
	* sysdeps/x86/cpu-features.c: Likewise.
	* sysdeps/x86/cpu-features.h: Likewise.
	* sysdeps/x86/dl-get-cpu-features.c: Likewise.
	* sysdeps/x86/libc-start.c: Likewise.
	* sysdeps/x86/rtld-global-offsets.sym: Likewise.
	* sysdeps/x86/tst-get-cpu-features-static.c: Likewise.
	* sysdeps/x86/tst-get-cpu-features.c: Likewise.
	* sysdeps/x86_64/dl-procinfo.c: Likewise.
	* sysdeps/x86_64/cacheinfo.c (__cpuid_count): Removed.
	Assume USE_MULTIARCH is defined and don't check it.
	(is_intel): Replace __cpu_features with GLRO(dl_x86_cpu_features).
	(is_amd): Likewise.
	(max_cpuid): Likewise.
	(intel_check_word): Likewise.
	(__cache_sysconf): Don't call __init_cpu_features.
	(__x86_preferred_memory_instruction): Removed.
	(init_cacheinfo): Don't call __init_cpu_features. Replace
	__cpu_features with GLRO(dl_x86_cpu_features).
	* sysdeps/x86_64/dl-machine.h: <cpu-features.c>.
	(dl_platform_init): Call init_cpu_features.
	* sysdeps/x86_64/ldsodefs.h: Include <cpu-features.h>.
	* sysdeps/x86_64/multiarch/Makefile (aux): Remove init-arch.
	* sysdeps/x86_64/multiarch/Versions: Removed.
	* sysdeps/x86_64/multiarch/cacheinfo.c: Likewise.
	* sysdeps/x86_64/multiarch/init-arch.c: Likewise.
	* sysdeps/x86_64/multiarch/ifunc-defines.sym (KIND_OFFSET):
	Removed.
	* sysdeps/x86_64/multiarch/init-arch.h: Rewrite.
2015-08-13 03:41:22 -07:00
Adhemerval Zanella
ca677d3c3c Add x86 32 bit vDSO time function support
Linux 3.15 adds support for clock_gettime, gettimeofday, and time vDSO
(commit id 37c975545ec63320789962bf307f000f08fabd48).  This patch adds
GLIBC supports to use such symbol when they are avaiable.

Along with x86 vDSO support, this patch cleanup x86_64 code by moving
all common code to x86 common folder.  Only init-first.c is different
between implementations.
2015-01-12 16:03:58 -02:00
Joseph Myers
93ae1ebaa6 Clean up gnu/lib-names.h generation (bug 14171).
This patch eliminates the mixture of SONAME information in
shlib-versions files and SONAME information used to generate
gnu/lib-names.h in makefiles, with the information in the makefiles
being removed so all this information comes from the shlib-versions
files.

So that gnu/lib-names.h supports multiple ABIs, it is changed to be
generated on the same basis as gnu/stubs.h: when there are multiple
ABIs, gnu/lib-names.h is a wrapper header (the same header installed
whatever ABI is being built) and separate headers such as
gnu/lib-names-64.h contain the substantive contents (only one such
header being installed by any glibc build).

The rules for building gnu/lib-names.h were moved from Makeconfig to
Makerules because they need to come after sysdeps makefiles are
included (now that "ifndef abi-variants" is a toplevel conditional on
the rules rather than $(abi-variants) being evaluated later inside the
commands for a rule).

Tested for x86_64 and x86 that the installed shared libraries are
unchanged by this patch, and examined the installed gnu/lib-names*.h
headers by hand.  Also tested the case of a single ABI (where there is
just a single header installed, again like stubs.h) by hacking
abi-variants to empty for x86_64.

	[BZ #14171]
	* Makeconfig [$(build-shared) = yes]
	($(common-objpfx)soversions.mk): Don't handle SONAMEs specified in
	makefiles.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	($(common-objpfx)gnu/lib-names.h): Remove rule.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	($(common-objpfx)gnu/lib-names.stmp): Likewise.  Split and moved
	to Makerules.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	(before-compile): Don't append $(common-objpfx)gnu/lib-names.h
	here.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	(common-generated): Don't append gnu/lib-names.h and
	gnu/lib-names.stmp here.
	* Makerules [$(build-shared) = yes && $(soversions.mk-done) = t]
	(lib-names-h-abi): New variable.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	(lib-names-stmp-abi): Likewise.
	[$(build-shared) = yes && $(soversions.mk-done) = t &&
	abi-variants] (before-compile): Append
	$(common-objpfx)$(lib-names-h-abi).
	[$(build-shared) = yes && $(soversions.mk-done) = t &&
	abi-variants] (common-generated): Append gnu/lib-names.h.
	[$(build-shared) = yes && $(soversions.mk-done) = t &&
	abi-variants] (install-others-nosubdir): Depend on
	$(inst_includedir)/$(lib-names-h-abi).
	[$(build-shared) = yes && $(soversions.mk-done) = t &&
	abi-variants] ($(common-objpfx)gnu/lib-names.h): New rule.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	($(common-objpfx)$(lib-names-h-abi)): New rule.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	($(common-objpfx)$(lib-names-stmp-abi)): Likewise.
	[$(build-shared) = yes && $(soversions.mk-done) = t]
	(common-generated): Append $(lib-names-h-abi) and
	$(lib-names-stmp-abi).
	* scripts/lib-names.awk: Do not handle multi being set.
	* sysdeps/unix/sysv/linux/aarch64/Makefile (abi-lp64-ld-soname):
	Remove variable.
	(abi-lp64_be-ld-soname): Likewise.
	* sysdeps/unix/sysv/linux/arm/Makefile (abi-soft-ld-soname):
	Likewise.
	(abi-hard-ld-soname): Likewise.
	* sysdeps/unix/sysv/linux/i386/shlib-versions: New file.
	* sysdeps/unix/sysv/linux/mips/Makefile (abi-o32_soft-ld-soname):
	Remove variable.
	(abi-o32_hard-ld-soname): Likewise.
	(abi-o32_soft_2008-ld-soname): Likewise.
	(abi-o32_hard_2008-ld-soname): Likewise.
	(abi-n32_soft-ld-soname): Likewise.
	(abi-n32_hard-ld-soname): Likewise.
	(abi-n32_soft_2008-ld-soname): Likewise.
	(abi-n32_hard_2008-ld-soname): Likewise.
	(abi-n64_soft-ld-soname): Likewise.
	(abi-n64_hard-ld-soname): Likewise.
	(abi-n64_soft_2008-ld-soname): Likewise.
	(abi-n64_hard_2008-ld-soname): Likewise.
	* sysdeps/unix/sysv/linux/powerpc/Makefile (abi-64-v1-ld-soname):
	Likewise.
	(abi-64-v2-ld-soname): Likewise.
	* sysdeps/unix/sysv/linux/powerpc/powerpc64/shlib-versions: Add
	ld.so entries.
	* sysdeps/unix/sysv/linux/s390/Makefile (abi-64-ld-soname): Remove
	variable.
	* sysdeps/unix/sysv/linux/s390/s390-64/shlib-versions: Add ld.so
	entry.
	* sysdeps/unix/sysv/linux/x86/Makefile (abi-32-ld-soname): Remove
	variable.
	(abi-64-ld-soname): Likewise.
	(abi-x32-ld-soname): Likewise.
	* sysdeps/unix/sysv/linux/x86_64/64/shlib-versions: Add ld.so
	entry.
	* sysdeps/unix/sysv/linux/x86_64/x32/shlib-versions: Likewise.
2014-09-26 17:33:04 +00:00
Roland McGrath
039890a678 Move remaining files out of nptl/sysdeps/unix/sysv/linux/x86/. 2014-05-14 15:32:18 -07:00
H.J. Lu
3bd872c4c4 Use i386 sys/elf.h and sys/vm86.h for i386 and x86-64 2012-06-01 13:22:46 -07:00
H.J. Lu
0ab0291b84 Convert WORDSIZE[32|64]/ld entries to abi-variants 2012-05-30 08:33:26 -07:00