mirror of
https://sourceware.org/git/glibc.git
synced 2024-12-26 12:41:05 +00:00
fddcd00377
Check binary compatibility of CET-enabled executables: 1. When CET-enabled executable is used with legacy non-CET shared object at run-time, ld.so should disable SHSTK and put legacy non-CET shared objects in legacy bitmap. 2. When IBT-enabled executable dlopens legacy non-CET shared object, ld.so should put legacy shared object in legacy bitmap. 3. Use GLIBC_TUNABLES=glibc.tune.x86_shstk=[on|off|permissive] to control how SHSTK is enabled. * sysdeps/x86/Makefile (tests): Add tst-cet-legacy-1, tst-cet-legacy-2, tst-cet-legacy-2a, tst-cet-legacy-3, tst-cet-legacy-4, tst-cet-legacy-4a, tst-cet-legacy-4b and tst-cet-legacy-4c. (modules-names): Add tst-cet-legacy-mod-1, tst-cet-legacy-mod-2 and tst-cet-legacy-mod-4. (CFLAGS-tst-cet-legacy-2.c): New. (CFLAGS-tst-cet-legacy-mod-1.c): Likewise. (CFLAGS-tst-cet-legacy-mod-2.c): Likewise. (CFLAGS-tst-cet-legacy-3.c): Likewise. (CFLAGS-tst-cet-legacy-4.c): Likewise. (CFLAGS-tst-cet-legacy-mod-4.c): Likewise. ($(objpfx)tst-cet-legacy-1): Likewise. ($(objpfx)tst-cet-legacy-2): Likewise. ($(objpfx)tst-cet-legacy-2.out): Likewise. ($(objpfx)tst-cet-legacy-2a): Likewise. ($(objpfx)tst-cet-legacy-2a.out): Likewise. ($(objpfx)tst-cet-legacy-4): Likewise. ($(objpfx)tst-cet-legacy-4.out): Likewise. ($(objpfx)tst-cet-legacy-4a): Likewise. ($(objpfx)tst-cet-legacy-4a.out): Likewise. (tst-cet-legacy-4a-ENV): Likewise. ($(objpfx)tst-cet-legacy-4b): Likewise. ($(objpfx)tst-cet-legacy-4b.out): Likewise. (tst-cet-legacy-4b-ENV): Likewise. ($(objpfx)tst-cet-legacy-4c): Likewise. ($(objpfx)tst-cet-legacy-4c.out): Likewise. (tst-cet-legacy-4c-ENV): Likewise. * sysdeps/x86/tst-cet-legacy-1.c: New file. * sysdeps/x86/tst-cet-legacy-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-2a.c: Likewise. * sysdeps/x86/tst-cet-legacy-3.c: Likewise. * sysdeps/x86/tst-cet-legacy-4.c: Likewise. * sysdeps/x86/tst-cet-legacy-4a.c: Likewise. * sysdeps/x86/tst-cet-legacy-4b.c: Likewise. * sysdeps/x86/tst-cet-legacy-4c.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-1.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-2.c: Likewise. * sysdeps/x86/tst-cet-legacy-mod-4.c: Likewise.
96 lines
3.2 KiB
Makefile
96 lines
3.2 KiB
Makefile
ifeq ($(subdir),csu)
|
|
gen-as-const-headers += cpu-features-offsets.sym
|
|
endif
|
|
|
|
ifeq ($(subdir),elf)
|
|
sysdep-dl-routines += dl-get-cpu-features
|
|
|
|
tests += tst-get-cpu-features
|
|
tests-static += tst-get-cpu-features-static
|
|
endif
|
|
|
|
ifeq ($(subdir),setjmp)
|
|
gen-as-const-headers += jmp_buf-ssp.sym
|
|
sysdep_routines += __longjmp_cancel
|
|
endif
|
|
|
|
ifeq ($(enable-cet),yes)
|
|
ifeq ($(subdir),elf)
|
|
sysdep-dl-routines += dl-cet
|
|
|
|
tests += tst-cet-legacy-1 tst-cet-legacy-2 tst-cet-legacy-2a \
|
|
tst-cet-legacy-3 tst-cet-legacy-4
|
|
ifneq (no,$(have-tunables))
|
|
tests += tst-cet-legacy-4a tst-cet-legacy-4b tst-cet-legacy-4c
|
|
endif
|
|
modules-names += tst-cet-legacy-mod-1 tst-cet-legacy-mod-2 \
|
|
tst-cet-legacy-mod-4
|
|
|
|
CFLAGS-tst-cet-legacy-2.c += -fcf-protection=branch
|
|
CFLAGS-tst-cet-legacy-2a.c += -fcf-protection
|
|
CFLAGS-tst-cet-legacy-mod-1.c += -fcf-protection=none
|
|
CFLAGS-tst-cet-legacy-mod-2.c += -fcf-protection=none
|
|
CFLAGS-tst-cet-legacy-3.c += -fcf-protection=none
|
|
CFLAGS-tst-cet-legacy-4.c += -fcf-protection=branch
|
|
CFLAGS-tst-cet-legacy-4a.c += -fcf-protection
|
|
CFLAGS-tst-cet-legacy-4b.c += -fcf-protection
|
|
CFLAGS-tst-cet-legacy-mod-4.c += -fcf-protection=none
|
|
|
|
$(objpfx)tst-cet-legacy-1: $(objpfx)tst-cet-legacy-mod-1.so \
|
|
$(objpfx)tst-cet-legacy-mod-2.so
|
|
$(objpfx)tst-cet-legacy-2: $(objpfx)tst-cet-legacy-mod-2.so $(libdl)
|
|
$(objpfx)tst-cet-legacy-2.out: $(objpfx)tst-cet-legacy-mod-1.so
|
|
$(objpfx)tst-cet-legacy-2a: $(objpfx)tst-cet-legacy-mod-2.so $(libdl)
|
|
$(objpfx)tst-cet-legacy-2a.out: $(objpfx)tst-cet-legacy-mod-1.so
|
|
$(objpfx)tst-cet-legacy-4: $(libdl)
|
|
$(objpfx)tst-cet-legacy-4.out: $(objpfx)tst-cet-legacy-mod-4.so
|
|
ifneq (no,$(have-tunables))
|
|
$(objpfx)tst-cet-legacy-4a: $(libdl)
|
|
$(objpfx)tst-cet-legacy-4a.out: $(objpfx)tst-cet-legacy-mod-4.so
|
|
tst-cet-legacy-4a-ENV = GLIBC_TUNABLES=glibc.tune.x86_shstk=permissive
|
|
$(objpfx)tst-cet-legacy-4b: $(libdl)
|
|
$(objpfx)tst-cet-legacy-4b.out: $(objpfx)tst-cet-legacy-mod-4.so
|
|
tst-cet-legacy-4b-ENV = GLIBC_TUNABLES=glibc.tune.x86_shstk=on
|
|
$(objpfx)tst-cet-legacy-4c: $(libdl)
|
|
$(objpfx)tst-cet-legacy-4c.out: $(objpfx)tst-cet-legacy-mod-4.so
|
|
tst-cet-legacy-4c-ENV = GLIBC_TUNABLES=glibc.tune.x86_shstk=off
|
|
endif
|
|
endif
|
|
|
|
# Add -fcf-protection to CFLAGS when CET is enabled.
|
|
CFLAGS-.o += -fcf-protection
|
|
CFLAGS-.os += -fcf-protection
|
|
CFLAGS-.op += -fcf-protection
|
|
CFLAGS-.oS += -fcf-protection
|
|
|
|
# Compile assembly codes with <cet.h> when CET is enabled.
|
|
asm-CPPFLAGS += -fcf-protection -include cet.h
|
|
|
|
ifeq ($(subdir),elf)
|
|
ifeq (yes,$(build-shared))
|
|
tests-special += $(objpfx)check-cet.out
|
|
endif
|
|
|
|
# FIXME: Can't use all-built-dso in elf/Makefile since this file is
|
|
# processed before elf/Makefile. Duplicate it here.
|
|
cet-built-dso := $(common-objpfx)elf/ld.so $(common-objpfx)libc.so \
|
|
$(filter-out $(common-objpfx)linkobj/libc.so, \
|
|
$(sort $(wildcard $(addprefix $(common-objpfx), \
|
|
*/lib*.so \
|
|
iconvdata/*.so))))
|
|
|
|
$(cet-built-dso:=.note): %.note: %
|
|
@rm -f $@T
|
|
LC_ALL=C $(READELF) -n $< > $@T
|
|
test -s $@T
|
|
mv -f $@T $@
|
|
common-generated += $(cet-built-dso:$(common-objpfx)%=%.note)
|
|
|
|
$(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \
|
|
$(cet-built-dso:=.note)
|
|
LC_ALL=C $(AWK) -f $^ > $@; \
|
|
$(evaluate-test)
|
|
generated += check-cet.out
|
|
endif
|
|
endif
|