diff mbox series

[v3,7/9] x86/cet: Don't disable CET if not single threaded

Message ID	20231219160740.3079330-8-hjl.tools@gmail.com
State	Superseded
Headers	DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 94EA43860750 From: "H.J. Lu" <hjl.tools@gmail.com> To: libc-alpha@sourceware.org Cc: goldstein.w.n@gmail.com, rick.p.edgecombe@intel.com Subject: [PATCH v3 7/9] x86/cet: Don't disable CET if not single threaded Date: Tue, 19 Dec 2023 08:07:38 -0800 Message-ID: <20231219160740.3079330-8-hjl.tools@gmail.com> In-Reply-To: <20231219160740.3079330-1-hjl.tools@gmail.com> References: <20231219160740.3079330-1-hjl.tools@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org
Series	x86/cet: Update CET kernel interface \| [v3,0/9] x86/cet: Update CET kernel interface [v3,1/9] x86/cet: Update tst-cet-vfork-1 [v3,2/9] x86: Modularize sysdeps/x86/dl-cet.c [v3,3/9] x86/cet: Sync with Linux kernel 6.6 shadow stack interface [v3,4/9] elf: Always provide _dl_get_dl_main_map in libc.a [v3,5/9] x86/cet: Enable shadow stack during startup [v3,6/9] x86/cet: Check feature_1 in TCB for active IBT and SHSTK [v3,7/9] x86/cet: Don't disable CET if not single threaded [v3,8/9] x86/cet: Don't set CET active by default [v3,9/9] x86/cet: Run some CET tests with shadow stack

Checks

Context	Check	Description
redhat-pt-bot/TryBot-apply_patch	success	Patch applied to master at the time it was sent
linaro-tcwg-bot/tcwg_glibc_build--master-arm	fail	Patch failed to apply
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64	fail	Patch failed to apply

Commit Message

H.J. Lu Dec. 19, 2023, 4:07 p.m. UTC

  In permissive mode, don't disable IBT nor SHSTK when dlopening a legacy
shared library if not single threaded since IBT and SHSTK may be still
enabled in other threads.  Other threads with IBT or SHSTK enabled will
crash when calling functions in the legacy shared library.  Instead, an
error will be issued.
---
 sysdeps/x86/dl-cet.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

Comments

H.J. Lu Dec. 19, 2023, 4:16 p.m. UTC | #1

On Tue, Dec 19, 2023 at 8:08 AM H.J. Lu <hjl.tools@gmail.com> wrote:
>
> In permissive mode, don't disable IBT nor SHSTK when dlopening a legacy
> shared library if not single threaded since IBT and SHSTK may be still
> enabled in other threads.  Other threads with IBT or SHSTK enabled will
> crash when calling functions in the legacy shared library.  Instead, an
> error will be issued.
> ---
>  sysdeps/x86/dl-cet.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/sysdeps/x86/dl-cet.c b/sysdeps/x86/dl-cet.c
> index f40f8e17b0..25add215f2 100644
> --- a/sysdeps/x86/dl-cet.c
> +++ b/sysdeps/x86/dl-cet.c
> @@ -20,6 +20,7 @@
>  #include <libintl.h>
>  #include <ldsodefs.h>
>  #include <dl-cet.h>
> +#include <sys/single_threaded.h>
>
>  /* GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
>     are defined in <elf.h>, which are only available for C sources.
> @@ -204,7 +205,10 @@ dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
>        && (info->feature_1_legacy
>           & GNU_PROPERTY_X86_FEATURE_1_IBT) != 0)
>      {
> -      if (info->enable_ibt_type != cet_permissive)
> +      /* Don't disable IBT if not single threaded since IBT may be still
> +        enabled in other threads.  */
> +      if (info->enable_ibt_type != cet_permissive
> +         || !SINGLE_THREAD_P)
>         {
>           legacy_obj = info->feature_1_legacy_ibt;
>           msg = N_("rebuild shared object with IBT support enabled");
> @@ -220,7 +224,10 @@ dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
>        && (info->feature_1_legacy
>           & GNU_PROPERTY_X86_FEATURE_1_SHSTK) != 0)
>      {
> -      if (info->enable_shstk_type != cet_permissive)
> +      /* Don't disable SHSTK if not single threaded since SHSTK may be
> +         still enabled in other threads.  */
> +      if (info->enable_shstk_type != cet_permissive
> +         || !SINGLE_THREAD_P)
>         {
>           legacy_obj = info->feature_1_legacy_shstk;
>           msg = N_("rebuild shared object with SHSTK support enabled");
> --
> 2.43.0
>

I will check it in tomorrow if there is no objection.

diff mbox series

Patch

diff --git a/sysdeps/x86/dl-cet.c b/sysdeps/x86/dl-cet.c
index f40f8e17b0..25add215f2 100644
--- a/sysdeps/x86/dl-cet.c
+++ b/sysdeps/x86/dl-cet.c
@@ -20,6 +20,7 @@ 
 #include <libintl.h>
 #include <ldsodefs.h>
 #include <dl-cet.h>
+#include <sys/single_threaded.h>
 
 /* GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
    are defined in <elf.h>, which are only available for C sources.
@@ -204,7 +205,10 @@  dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
       && (info->feature_1_legacy
 	  & GNU_PROPERTY_X86_FEATURE_1_IBT) != 0)
     {
-      if (info->enable_ibt_type != cet_permissive)
+      /* Don't disable IBT if not single threaded since IBT may be still
+	 enabled in other threads.  */
+      if (info->enable_ibt_type != cet_permissive
+	  || !SINGLE_THREAD_P)
 	{
 	  legacy_obj = info->feature_1_legacy_ibt;
 	  msg = N_("rebuild shared object with IBT support enabled");
@@ -220,7 +224,10 @@  dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
       && (info->feature_1_legacy
 	  & GNU_PROPERTY_X86_FEATURE_1_SHSTK) != 0)
     {
-      if (info->enable_shstk_type != cet_permissive)
+      /* Don't disable SHSTK if not single threaded since SHSTK may be
+         still enabled in other threads.  */
+      if (info->enable_shstk_type != cet_permissive
+	  || !SINGLE_THREAD_P)
 	{
 	  legacy_obj = info->feature_1_legacy_shstk;
 	  msg = N_("rebuild shared object with SHSTK support enabled");