From patchwork Wed Jul 25 12:22:55 2018
X-Patchwork-Submitter: "H.J. Lu"
X-Patchwork-Id: 28605
Date: Wed, 25 Jul 2018 05:22:55 -0700
From: "H.J. Lu" To: Carlos O'Donell Cc: libc-alpha@sourceware.org Subject: [PATCH] x86/CET: Add a setcontext test for CET Message-ID: <20180725122255.GD13278@gmail.com> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.10.0 (2018-05-17) Verify that setcontext works with gaps above and below the newly allocated shadow stack. OK for master? H.J. Reviewed-by: Carlos O'Donell --- * sysdeps/x86/Makefile (tests): Add tst-cet-setcontext-1 if CET is enabled. (CFLAGS-tst-cet-setcontext-1.c): Add -mshstk. * sysdeps/x86/tst-cet-setcontext-1.c: New file. --- sysdeps/x86/Makefile | 5 ++ sysdeps/x86/tst-cet-setcontext-1.c | 119 +++++++++++++++++++++++++++++ 2 files changed, 124 insertions(+) create mode 100644 sysdeps/x86/tst-cet-setcontext-1.c diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile index 672bb19489..761d396108 100644 --- a/sysdeps/x86/Makefile +++ b/sysdeps/x86/Makefile @@ -92,4 +92,9 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \ $(evaluate-test) generated += check-cet.out endif + +ifeq ($(subdir),stdlib) +tests += tst-cet-setcontext-1 +CFLAGS-tst-cet-setcontext-1.c += -mshstk +endif endif diff --git a/sysdeps/x86/tst-cet-setcontext-1.c b/sysdeps/x86/tst-cet-setcontext-1.c new file mode 100644 index 0000000000..08b7f6378e --- /dev/null +++ b/sysdeps/x86/tst-cet-setcontext-1.c 
@@ -0,0 +1,119 @@ +/* Check getcontext and setcontext on the context from makecontext + with shadow stack. + Copyright (C) 2018 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include +#include +#include + +static ucontext_t ctx[5]; +static atomic_int done; + +static void +__attribute__((noinline, noclone)) +f2 (void) +{ + printf ("start f2\n"); + done++; + if (setcontext (&ctx[2]) != 0) + { + printf ("%s: setcontext: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } +} + +static void +f1 (void) +{ + printf ("start f1\n"); + if (getcontext (&ctx[2]) != 0) + { + printf ("%s: getcontext: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + if (done) + exit (EXIT_SUCCESS); + f2 (); +} + +static int +do_test (void) +{ + char st1[32768]; + puts ("making contexts"); + if (getcontext (&ctx[0]) != 0) + { + printf ("%s: getcontext: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + if (getcontext (&ctx[1]) != 0) + { + printf ("%s: getcontext: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + + ctx[3].uc_stack.ss_sp = st1; + ctx[3].uc_stack.ss_size = sizeof st1; + ctx[3].uc_link = &ctx[0]; + makecontext (&ctx[3], (void (*) (void)) f1, 0); + + ctx[1].uc_stack.ss_sp = st1; + ctx[1].uc_stack.ss_size = sizeof st1; + ctx[1].uc_link = &ctx[0]; + makecontext (&ctx[1], 
(void (*) (void)) f1, 0); + + ctx[4].uc_stack.ss_sp = st1; + ctx[4].uc_stack.ss_size = sizeof st1; + ctx[4].uc_link = &ctx[0]; + makecontext (&ctx[4], (void (*) (void)) f1, 0); + + /* Free the unused shadow stacks to create gaps above and below the + shadow stack of CTX1. */ + if (_get_ssp () != 0) + { + if (ctx[3].__ssp[1] != 0 + && munmap ((void *) (uintptr_t) ctx[3].__ssp[1], + (size_t) ctx[3].__ssp[2]) != 0) + { + printf ("%s: munmap: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + + if (ctx[4].__ssp[1] != 0 + && munmap ((void *) (uintptr_t) ctx[4].__ssp[1], + (size_t) ctx[4].__ssp[2]) != 0) + { + printf ("%s: munmap: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + } + + if (setcontext (&ctx[1]) != 0) + { + printf ("%s: setcontext: %m\n", __FUNCTION__); + exit (EXIT_FAILURE); + } + exit (EXIT_FAILURE); +} + +#include
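
Review bot: in the sysdeps/x86/Makefile hunk, the new "ifeq ($(subdir),stdlib)" block adds "CFLAGS-tst-cet-setcontext-1.c += -mshstk" with no comment saying why the flag is needed. The test calls _get_ssp (), so a one-line comment tying the flag to that call would keep it from being dropped in a later cleanup. The block also sits between two "endif" lines, so the condition guarding it is outside the visible context; it is worth confirming that it is the CET-enabled conditional the ChangeLog entry refers to.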
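
Review bot: in do_test of sysdeps/x86/tst-cet-setcontext-1.c, ctx[3] and ctx[4] are passed to makecontext without a preceding getcontext; only ctx[0] and ctx[1] are initialized that way. They exist only to obtain shadow stacks that are then unmapped, but makecontext expects a context filled in by getcontext, so either add the two getcontext calls or add a comment stating that the zero-initialized static contexts are intentional. Two related gaps in the same function: when _get_ssp () returns 0 the munmap block is skipped and the test still reaches exit (EXIT_SUCCESS) in f1 without having created any gap, and nothing checks that the ranges freed through __ssp[1] and __ssp[2] actually border the shadow stack of ctx[1], so the "gaps above and below" in the comment hold only if the three shadow stacks were allocated adjacently. Reporting the no-shadow-stack case as unsupported, and checking or at least documenting the adjacency assumption, would make a pass mean what the commit message says.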