glibc/sysdeps/x86/tst-cet-legacy-6.c
H.J. Lu 04dff6fc0d x86: Properly set usable CET feature bits [BZ #26625]
commit 94cd37ebb2
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Wed Sep 16 05:27:32 2020 -0700

    x86: Use HAS_CPU_FEATURE with IBT and SHSTK [BZ #26625]

broke

GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK

since it can no longer disable IBT nor SHSTK.  Handle IBT and SHSTK with:

1. Revert commit 94cd37ebb2.
2. Clears the usable CET feature bits if kernel doesn't support CET.
3. Add GLIBC_TUNABLES tests without dlopen.
4. Add tests to verify that CPU_FEATURE_USABLE on IBT and SHSTK matches
_get_ssp.
5. Update GLIBC_TUNABLES tests with dlopen to verify that CET is disabled
with GLIBC_TUNABLES.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2021-01-29 03:58:11 -08:00

90 lines
2.2 KiB
C

/* Check compatibility of CET-enabled executable with dlopened legacy
shared object.
Copyright (C) 2019-2021 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <dlfcn.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include <x86intrin.h>
#include <support/check.h>
#if defined CET_IS_PERMISSIVE || defined CET_DISABLED_BY_ENV
# define CET_MAYBE_DISABLED 1
#else
# define CET_MAYBE_DISABLED 0
#endif
static void
do_test_1 (const char *modname, bool fail)
{
int (*fp) (void);
void *h;
/* NB: dlopen should never fail on non-CET platforms. If SHSTK is
disabled, assuming IBT is also disabled. */
bool cet_enabled = _get_ssp () != 0 && !CET_MAYBE_DISABLED;
if (!cet_enabled)
fail = false;
h = dlopen (modname, RTLD_LAZY);
if (h == NULL)
{
const char *err = dlerror ();
if (fail)
{
if (strstr (err, "rebuild shared object with SHSTK support enabled")
== NULL)
FAIL_EXIT1 ("incorrect dlopen '%s' error: %s\n", modname, err);
return;
}
FAIL_EXIT1 ("cannot open '%s': %s\n", modname, err);
}
if (fail)
FAIL_EXIT1 ("dlopen should have failed\n");
fp = dlsym (h, "test");
if (fp == NULL)
{
printf ("cannot get symbol 'test': %s\n", dlerror ());
exit (1);
}
if (fp () != 0)
{
puts ("test () != 0");
exit (1);
}
dlclose (h);
}
static int
do_test (void)
{
do_test_1 ("tst-cet-legacy-mod-6a.so", true);
do_test_1 ("tst-cet-legacy-mod-6b.so", false);
return 0;
}
#include <support/test-driver.c>