mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-21 12:30:06 +00:00
f4d00dd60d
This patch adds support for memory protection keys on AArch64 systems with
enabled Stage 1 permission overlays feature introduced in Armv8.9 / 9.4
(FEAT_S1POE) [1].
1. Internal functions "pkey_read" and "pkey_write" to access data
associated with memory protection keys.
2. Implementation of API functions "pkey_get" and "pkey_set" for
the AArch64 target.
3. AArch64-specific PKEY flags for READ and EXECUTE (see below).
4. New target-specific test that checks behaviour of pkeys on
AArch64 targets.
5. This patch also extends existing generic test for pkeys.
6. HWCAP constant for Permission Overlay Extension feature.
To support more accurate mapping of underlying permissions to the
PKEY flags, we introduce additional AArch64-specific flags. The full
list of flags is:
- PKEY_UNRESTRICTED: 0x0 (for completeness)
- PKEY_DISABLE_ACCESS: 0x1 (existing flag)
- PKEY_DISABLE_WRITE: 0x2 (existing flag)
- PKEY_DISABLE_EXECUTE: 0x4 (new flag, AArch64 specific)
- PKEY_DISABLE_READ: 0x8 (new flag, AArch64 specific)
The problem here is that PKEY_DISABLE_ACCESS has unusual semantics as
it overlaps with existing PKEY_DISABLE_WRITE and new PKEY_DISABLE_READ.
For this reason mapping between permission bits RWX and "restrictions"
bits awxr (a for disable access, etc) becomes complicated:
- PKEY_DISABLE_ACCESS disables both R and W
- PKEY_DISABLE_{WRITE,READ} disables W and R respectively
- PKEY_DISABLE_EXECUTE disables X
Combinations like the one below are accepted although they are redundant:
- PKEY_DISABLE_ACCESS | PKEY_DISABLE_READ | PKEY_DISABLE_WRITE
Reverse mapping tries to retain backward compatibility and ORs
PKEY_DISABLE_ACCESS whenever both flags PKEY_DISABLE_READ and
PKEY_DISABLE_WRITE would be present.
This will break code that compares pkey_get output with == instead
of using bitwise operations. The latter is more correct since PKEY_*
constants are essentially bit flags.
It should be noted that PKEY_DISABLE_ACCESS does not prevent execution.
[1] https://developer.arm.com/documentation/ddi0487/ka/ section D8.4.1.4
Co-authored-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
||
|---|---|---|
| advisories | ||
| argp | ||
| assert | ||
| benchtests | ||
| bits | ||
| catgets | ||
| ChangeLog.old | ||
| conform | ||
| csu | ||
| ctype | ||
| debug | ||
| dirent | ||
| dlfcn | ||
| elf | ||
| gmon | ||
| gnulib | ||
| hesiod | ||
| htl | ||
| hurd | ||
| iconv | ||
| iconvdata | ||
| include | ||
| inet | ||
| intl | ||
| io | ||
| libio | ||
| locale | ||
| localedata | ||
| login | ||
| mach | ||
| malloc | ||
| manual | ||
| math | ||
| mathvec | ||
| misc | ||
| nis | ||
| nptl | ||
| nptl_db | ||
| nscd | ||
| nss | ||
| po | ||
| posix | ||
| resolv | ||
| resource | ||
| rt | ||
| scripts | ||
| setjmp | ||
| signal | ||
| socket | ||
| soft-fp | ||
| stdio-common | ||
| stdlib | ||
| string | ||
| sunrpc | ||
| support | ||
| sysdeps | ||
| sysvipc | ||
| termios | ||
| time | ||
| timezone | ||
| wcsmbs | ||
| wctype | ||
| .b4-config | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| abi-tags | ||
| aclocal.m4 | ||
| config.h.in | ||
| config.make.in | ||
| configure | ||
| configure.ac | ||
| CONTRIBUTED-BY | ||
| COPYING | ||
| COPYING.LIB | ||
| extra-lib.mk | ||
| gen-locales.mk | ||
| INSTALL | ||
| libc-abis | ||
| libof-iterator.mk | ||
| LICENSES | ||
| MAINTAINERS | ||
| Makeconfig | ||
| Makefile | ||
| Makefile.help | ||
| Makefile.in | ||
| Makerules | ||
| NEWS | ||
| o-iterator.mk | ||
| README | ||
| Rules | ||
| SECURITY.md | ||
| SHARED-FILES | ||
| shlib-versions | ||
| test-skeleton.c | ||
| version.h | ||
This directory contains the sources of the GNU C Library. See the file "version.h" for what release version you have. The GNU C Library is the standard system C library for all GNU systems, and is an important part of what makes up a GNU system. It provides the system API for all programs written in C and C-compatible languages such as C++ and Objective C; the runtime facilities of other programming languages use the C library to access the underlying operating system. In GNU/Linux systems, the C library works with the Linux kernel to implement the operating system behavior seen by user applications. In GNU/Hurd systems, it works with a microkernel and Hurd servers. The GNU C Library implements much of the POSIX.1 functionality in the GNU/Hurd system, using configurations i[4567]86-*-gnu and x86_64-gnu. When working with Linux kernels, this version of the GNU C Library requires Linux kernel version 3.2 or later. Also note that the shared version of the libgcc_s library must be installed for the pthread library to work correctly. The GNU C Library supports these configurations for using Linux kernels: aarch64*-*-linux-gnu alpha*-*-linux-gnu arc*-*-linux-gnu arm-*-linux-gnueabi csky-*-linux-gnuabiv2 hppa-*-linux-gnu i[4567]86-*-linux-gnu x86_64-*-linux-gnu Can build either x86_64 or x32 loongarch64-*-linux-gnu Hardware floating point, LE only. m68k-*-linux-gnu microblaze*-*-linux-gnu mips-*-linux-gnu mips64-*-linux-gnu or1k-*-linux-gnu powerpc-*-linux-gnu Hardware or software floating point, BE only. powerpc64*-*-linux-gnu Big-endian and little-endian. s390-*-linux-gnu s390x-*-linux-gnu riscv32-*-linux-gnu riscv64-*-linux-gnu sh[34]-*-linux-gnu sparc*-*-linux-gnu sparc64*-*-linux-gnu If you are interested in doing a port, please contact the glibc maintainers; see https://www.gnu.org/software/libc/ for more information. See the file INSTALL to find out how to configure, build, and install the GNU C Library. You might also consider reading the WWW pages for the C library at https://www.gnu.org/software/libc/. The GNU C Library is (almost) completely documented by the Texinfo manual found in the `manual/' subdirectory. The manual is still being updated and contains some known errors and omissions; we regret that we do not have the resources to work on the manual as much as we would like. For corrections to the manual, please file a bug in the `manual' component, following the bug-reporting instructions below. Please be sure to check the manual in the current development sources to see if your problem has already been corrected. Please see https://www.gnu.org/software/libc/bugs.html for bug reporting information. We are now using the Bugzilla system to track all bug reports. This web page gives detailed information on how to report bugs properly. The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually.