mirror of
https://sourceware.org/git/glibc.git
synced 2024-12-31 23:11:09 +00:00
5d844e1b72
1. getcontext and swapcontext are updated to save the caller's shadow stack pointer and return address. 2. setcontext and swapcontext are updated to restore shadow stack and jump to new context directly. 3. makecontext is updated to allocate a new shadow stack and set the caller's return address to the helper code, L(exitcode). 4. Since we no longer save and restore EAX, ECX and EDX in getcontext, setcontext and swapcontext, we can use them as scratch register slots to enable CET in ucontext functions. Since makecontext allocates a new shadow stack when making a new context and kernel allocates a new shadow stack for clone/fork/vfork syscalls, we track the current shadow stack base. In setcontext and swapcontext, if the target shadow stack base is the same as the current shadow stack base, we unwind the shadow stack. Otherwise it is a stack switch and we look for a restore token. We enable shadow stack at run-time only if program and all used shared objects, including dlopened ones, are shadow stack enabled, which means that they must be compiled with GCC 8 or above and glibc 2.28 or above. We need to save and restore shadow stack only if shadow stack is enabled. When caller of getcontext, setcontext, swapcontext and makecontext is compiled with smaller ucontext_t, shadow stack won't be enabled at run-time. We check if shadow stack is enabled before accessing the extended field in ucontext_t. Tested on i386 CET/non-CET machines. Reviewed-by: Carlos O'Donell <carlos@redhat.com> |
||
|---|---|---|
| .. | ||
| aarch64 | ||
| alpha | ||
| arm | ||
| csky | ||
| generic | ||
| gnu | ||
| hppa | ||
| htl | ||
| hurd | ||
| i386 | ||
| ia64 | ||
| ieee754 | ||
| init_array | ||
| m68k | ||
| mach | ||
| microblaze | ||
| mips | ||
| nios2 | ||
| nptl | ||
| posix | ||
| powerpc | ||
| pthread | ||
| riscv | ||
| s390 | ||
| sh | ||
| sparc | ||
| unix | ||
| wordsize-32 | ||
| wordsize-64 | ||
| x86 | ||
| x86_64 | ||