[v2,2/3] i386: Remove CET support
Checks
Context |
Check |
Description |
redhat-pt-bot/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64 |
success
|
Testing passed
|
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64 |
success
|
Testing passed
|
linaro-tcwg-bot/tcwg_glibc_build--master-arm |
success
|
Testing passed
|
linaro-tcwg-bot/tcwg_glibc_check--master-arm |
success
|
Testing passed
|
Commit Message
CET is only support for x86_64, this patch reverts:
- faaee1f07ed (x86: Support shadow stack pointer in setjmp/longjmp).
- be9ccd27c09 (i386: Add _CET_ENDBR to indirect jump targets in)
add_n.S/sub_n.S).
- faaee1f07ed (x86: Support shadow stack pointer in setjmp/longjmp).
- c02695d7764 (x86/CET: Update vfork to prevent child return).
- c02695d7764 (x86: Update vfork to pop shadow stack).
- 5d844e1b725 (i386: Enable CET support in ucontext functions).
Checked on i686-linux-gnu.
---
sysdeps/i386/__longjmp.S | 73 ---------
sysdeps/i386/add_n.S | 25 ----
sysdeps/i386/bsd-_setjmp.S | 21 ---
sysdeps/i386/bsd-setjmp.S | 21 ---
sysdeps/i386/i686/add_n.S | 25 ----
sysdeps/i386/setjmp.S | 21 ---
sysdeps/i386/sub_n.S | 24 ---
.../unix/sysv/linux/i386/____longjmp_chk.S | 37 -----
sysdeps/unix/sysv/linux/i386/getcontext.S | 56 -------
sysdeps/unix/sysv/linux/i386/makecontext.S | 123 ----------------
sysdeps/unix/sysv/linux/i386/setcontext.S | 101 +------------
sysdeps/unix/sysv/linux/i386/swapcontext.S | 139 ------------------
sysdeps/unix/sysv/linux/i386/sysdep.h | 5 -
sysdeps/unix/sysv/linux/i386/ucontext_i.sym | 4 -
sysdeps/unix/sysv/linux/i386/vfork.S | 29 ----
sysdeps/x86/sysdep.h | 2 -
16 files changed, 3 insertions(+), 703 deletions(-)
Comments
On Fri, Jan 5, 2024 at 8:36 AM Adhemerval Zanella
<adhemerval.zanella@linaro.org> wrote:
>
> CET is only support for x86_64, this patch reverts:
>
> - faaee1f07ed (x86: Support shadow stack pointer in setjmp/longjmp).
> - be9ccd27c09 (i386: Add _CET_ENDBR to indirect jump targets in)
> add_n.S/sub_n.S).
> - faaee1f07ed (x86: Support shadow stack pointer in setjmp/longjmp).
> - c02695d7764 (x86/CET: Update vfork to prevent child return).
> - c02695d7764 (x86: Update vfork to pop shadow stack).
> - 5d844e1b725 (i386: Enable CET support in ucontext functions).
>
> Checked on i686-linux-gnu.
> ---
> sysdeps/i386/__longjmp.S | 73 ---------
> sysdeps/i386/add_n.S | 25 ----
> sysdeps/i386/bsd-_setjmp.S | 21 ---
> sysdeps/i386/bsd-setjmp.S | 21 ---
> sysdeps/i386/i686/add_n.S | 25 ----
> sysdeps/i386/setjmp.S | 21 ---
> sysdeps/i386/sub_n.S | 24 ---
> .../unix/sysv/linux/i386/____longjmp_chk.S | 37 -----
> sysdeps/unix/sysv/linux/i386/getcontext.S | 56 -------
> sysdeps/unix/sysv/linux/i386/makecontext.S | 123 ----------------
> sysdeps/unix/sysv/linux/i386/setcontext.S | 101 +------------
> sysdeps/unix/sysv/linux/i386/swapcontext.S | 139 ------------------
> sysdeps/unix/sysv/linux/i386/sysdep.h | 5 -
> sysdeps/unix/sysv/linux/i386/ucontext_i.sym | 4 -
> sysdeps/unix/sysv/linux/i386/vfork.S | 29 ----
> sysdeps/x86/sysdep.h | 2 -
> 16 files changed, 3 insertions(+), 703 deletions(-)
>
> diff --git a/sysdeps/i386/__longjmp.S b/sysdeps/i386/__longjmp.S
> index 302c00ac62..bb83609d57 100644
> --- a/sysdeps/i386/__longjmp.S
> +++ b/sysdeps/i386/__longjmp.S
> @@ -19,55 +19,14 @@
> #include <sysdep.h>
> #include <pointer_guard.h>
> #include <jmpbuf-offsets.h>
> -#include <jmp_buf-ssp.h>
> #include <asm-syntax.h>
> #include <stap-probe.h>
>
> -/* Don't restore shadow stack register if
> - 1. Shadow stack isn't enabled. Or
> - 2. __longjmp is defined for __longjmp_cancel.
> - */
> -#if !SHSTK_ENABLED || defined __longjmp
> -# undef SHADOW_STACK_POINTER_OFFSET
> -#endif
> -
> .text
> ENTRY (__longjmp)
> #ifdef PTR_DEMANGLE
> movl 4(%esp), %eax /* User's jmp_buf in %eax. */
>
> -# ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# else
> - xorl %edx, %edx
> -# endif
> - /* Check and adjust the Shadow-Stack-Pointer. */
> - rdsspd %edx
> - /* And compare it with the saved ssp value. */
> - subl SHADOW_STACK_POINTER_OFFSET(%eax), %edx
> - je L(skip_ssp)
> - /* Count the number of frames to adjust and adjust it
> - with incssp instruction. The instruction can adjust
> - the ssp by [0..255] value only thus use a loop if
> - the number of frames is bigger than 255. */
> - negl %edx
> - shrl $2, %edx
> - /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
> - restoring Shadow-Stack-Pointer of setjmp's caller, we
> - need to unwind shadow stack by one more frame. */
> - addl $1, %edx
> - movl $255, %ebx
> -L(loop):
> - cmpl %ebx, %edx
> - cmovb %edx, %ebx
> - incsspd %ebx
> - subl %ebx, %edx
> - ja L(loop)
> -L(skip_ssp):
> -# endif
> /* Save the return address now. */
> movl (JB_PC*4)(%eax), %edx
> /* Get the stack pointer. */
> @@ -98,38 +57,6 @@ L(skip_ssp):
> #else
> movl 4(%esp), %ecx /* User's jmp_buf in %ecx. */
> movl 8(%esp), %eax /* Second argument is return value. */
> -# ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# endif
> - /* Check and adjust the Shadow-Stack-Pointer. */
> - xorl %edx, %edx
> - /* Get the current ssp. */
> - rdsspd %edx
> - /* And compare it with the saved ssp value. */
> - subl SHADOW_STACK_POINTER_OFFSET(%ecx), %edx
> - je L(skip_ssp)
> - /* Count the number of frames to adjust and adjust it
> - with incssp instruction. The instruction can adjust
> - the ssp by [0..255] value only thus use a loop if
> - the number of frames is bigger than 255. */
> - negl %edx
> - shrl $2, %edx
> - /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
> - restoring Shadow-Stack-Pointer of setjmp's caller, we
> - need to unwind shadow stack by one more frame. */
> - addl $1, %edx
> - movl $255, %ebx
> -L(loop):
> - cmpl %ebx, %edx
> - cmovb %edx, %ebx
> - incsspd %ebx
> - subl %ebx, %edx
> - ja L(loop)
> -L(skip_ssp):
> -# endif
> /* Save the return address now. */
> movl (JB_PC*4)(%ecx), %edx
> LIBC_PROBE (longjmp, 3, 4@%ecx, -4@%eax, 4@%edx)
> diff --git a/sysdeps/i386/add_n.S b/sysdeps/i386/add_n.S
> index d4af6d92ec..c1b7098b1c 100644
> --- a/sysdeps/i386/add_n.S
> +++ b/sysdeps/i386/add_n.S
> @@ -40,13 +40,6 @@ ENTRY (__mpn_add_n)
> cfi_rel_offset (esi, 0)
> movl S2(%esp),%edx
> movl SIZE(%esp),%ecx
> -
> -#if IBT_ENABLED
> - pushl %ebx
> - cfi_adjust_cfa_offset (4)
> - cfi_rel_offset (ebx, 0)
> -#endif
> -
> movl %ecx,%eax
> shrl $3,%ecx /* compute count for unrolled loop */
> negl %eax
> @@ -58,9 +51,6 @@ ENTRY (__mpn_add_n)
> subl %eax,%esi /* ... by a constant when we ... */
> subl %eax,%edx /* ... enter the loop */
> shrl $2,%eax /* restore previous value */
> -#if IBT_ENABLED
> - leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
> -#endif
> #ifdef PIC
> /* Calculate start address in loop for PIC. Due to limitations in some
> assemblers, Loop-L0-3 cannot be put into the leal */
> @@ -74,40 +64,30 @@ L(0): leal (%eax,%eax,8),%eax
> #else
> /* Calculate start address in loop for non-PIC. */
> leal (L(oop) - 3)(%eax,%eax,8),%eax
> -#endif
> -#if IBT_ENABLED
> - addl %ebx,%eax /* Adjust for endbr32 */
> #endif
> jmp *%eax /* jump into loop */
> ALIGN (3)
> L(oop): movl (%esi),%eax
> adcl (%edx),%eax
> movl %eax,(%edi)
> - _CET_ENDBR
> movl 4(%esi),%eax
> adcl 4(%edx),%eax
> movl %eax,4(%edi)
> - _CET_ENDBR
> movl 8(%esi),%eax
> adcl 8(%edx),%eax
> movl %eax,8(%edi)
> - _CET_ENDBR
> movl 12(%esi),%eax
> adcl 12(%edx),%eax
> movl %eax,12(%edi)
> - _CET_ENDBR
> movl 16(%esi),%eax
> adcl 16(%edx),%eax
> movl %eax,16(%edi)
> - _CET_ENDBR
> movl 20(%esi),%eax
> adcl 20(%edx),%eax
> movl %eax,20(%edi)
> - _CET_ENDBR
> movl 24(%esi),%eax
> adcl 24(%edx),%eax
> movl %eax,24(%edi)
> - _CET_ENDBR
> movl 28(%esi),%eax
> adcl 28(%edx),%eax
> movl %eax,28(%edi)
> @@ -120,11 +100,6 @@ L(oop): movl (%esi),%eax
> sbbl %eax,%eax
> negl %eax
>
> -#if IBT_ENABLED
> - popl %ebx
> - cfi_adjust_cfa_offset (-4)
> - cfi_restore (ebx)
> -#endif
> popl %esi
> cfi_adjust_cfa_offset (-4)
> cfi_restore (esi)
> diff --git a/sysdeps/i386/bsd-_setjmp.S b/sysdeps/i386/bsd-_setjmp.S
> index eb3ac9c8e9..5fd671a477 100644
> --- a/sysdeps/i386/bsd-_setjmp.S
> +++ b/sysdeps/i386/bsd-_setjmp.S
> @@ -23,18 +23,12 @@
> #include <sysdep.h>
> #include <pointer_guard.h>
> #include <jmpbuf-offsets.h>
> -#include <jmp_buf-ssp.h>
> #include <stap-probe.h>
>
> #define PARMS 4 /* no space for saved regs */
> #define JMPBUF PARMS
> #define SIGMSK JMPBUF+4
>
> -/* Don't save shadow stack register if shadow stack isn't enabled. */
> -#if !SHSTK_ENABLED
> -# undef SHADOW_STACK_POINTER_OFFSET
> -#endif
> -
> ENTRY (_setjmp)
>
> xorl %eax, %eax
> @@ -58,21 +52,6 @@ ENTRY (_setjmp)
> movl %ebp, (JB_BP*4)(%edx) /* Save caller's frame pointer. */
>
> movl %eax, JB_SIZE(%edx) /* No signal mask set. */
> -#ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# else
> - xorl %ecx, %ecx
> -# endif
> - /* Get the current Shadow-Stack-Pointer and save it. */
> - rdsspd %ecx
> - movl %ecx, SHADOW_STACK_POINTER_OFFSET(%edx)
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> -L(skip_ssp):
> -# endif
> -#endif
> ret
> END (_setjmp)
> libc_hidden_def (_setjmp)
> diff --git a/sysdeps/i386/bsd-setjmp.S b/sysdeps/i386/bsd-setjmp.S
> index c03f235d0f..13338a6480 100644
> --- a/sysdeps/i386/bsd-setjmp.S
> +++ b/sysdeps/i386/bsd-setjmp.S
> @@ -23,18 +23,12 @@
> #include <sysdep.h>
> #include <pointer_guard.h>
> #include <jmpbuf-offsets.h>
> -#include <jmp_buf-ssp.h>
> #include <stap-probe.h>
>
> #define PARMS 4 /* no space for saved regs */
> #define JMPBUF PARMS
> #define SIGMSK JMPBUF+4
>
> -/* Don't save shadow stack register if shadow stack isn't enabled. */
> -#if !SHSTK_ENABLED
> -# undef SHADOW_STACK_POINTER_OFFSET
> -#endif
> -
> ENTRY (setjmp)
> /* Note that we have to use a non-exported symbol in the next
> jump since otherwise gas will emit it as a jump through the
> @@ -58,21 +52,6 @@ ENTRY (setjmp)
> #endif
> movl %ecx, (JB_PC*4)(%eax)
> movl %ebp, (JB_BP*4)(%eax) /* Save caller's frame pointer. */
> -#ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# else
> - xorl %ecx, %ecx
> -# endif
> - /* Get the current Shadow-Stack-Pointer and save it. */
> - rdsspd %ecx
> - movl %ecx, SHADOW_STACK_POINTER_OFFSET(%eax)
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> -L(skip_ssp):
> -# endif
> -#endif
>
> /* Call __sigjmp_save. */
> pushl $1
> diff --git a/sysdeps/i386/i686/add_n.S b/sysdeps/i386/i686/add_n.S
> index c2bc798187..bbc0cc71a2 100644
> --- a/sysdeps/i386/i686/add_n.S
> +++ b/sysdeps/i386/i686/add_n.S
> @@ -44,13 +44,6 @@ ENTRY (__mpn_add_n)
> cfi_rel_offset (esi, 0)
> movl S2(%esp),%edx
> movl SIZE(%esp),%ecx
> -
> -#if IBT_ENABLED
> - pushl %ebx
> - cfi_adjust_cfa_offset (4)
> - cfi_rel_offset (ebx, 0)
> -#endif
> -
> movl %ecx,%eax
> shrl $3,%ecx /* compute count for unrolled loop */
> negl %eax
> @@ -62,9 +55,6 @@ ENTRY (__mpn_add_n)
> subl %eax,%esi /* ... by a constant when we ... */
> subl %eax,%edx /* ... enter the loop */
> shrl $2,%eax /* restore previous value */
> -#if IBT_ENABLED
> - leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
> -#endif
> #ifdef PIC
> /* Calculate start address in loop for PIC. */
> leal (L(oop)-L(0)-3)(%eax,%eax,8),%eax
> @@ -73,40 +63,30 @@ L(0):
> #else
> /* Calculate start address in loop for non-PIC. */
> leal (L(oop) - 3)(%eax,%eax,8),%eax
> -#endif
> -#if IBT_ENABLED
> - addl %ebx,%eax /* Adjust for endbr32 */
> #endif
> jmp *%eax /* jump into loop */
> ALIGN (3)
> L(oop): movl (%esi),%eax
> adcl (%edx),%eax
> movl %eax,(%edi)
> - _CET_ENDBR
> movl 4(%esi),%eax
> adcl 4(%edx),%eax
> movl %eax,4(%edi)
> - _CET_ENDBR
> movl 8(%esi),%eax
> adcl 8(%edx),%eax
> movl %eax,8(%edi)
> - _CET_ENDBR
> movl 12(%esi),%eax
> adcl 12(%edx),%eax
> movl %eax,12(%edi)
> - _CET_ENDBR
> movl 16(%esi),%eax
> adcl 16(%edx),%eax
> movl %eax,16(%edi)
> - _CET_ENDBR
> movl 20(%esi),%eax
> adcl 20(%edx),%eax
> movl %eax,20(%edi)
> - _CET_ENDBR
> movl 24(%esi),%eax
> adcl 24(%edx),%eax
> movl %eax,24(%edi)
> - _CET_ENDBR
> movl 28(%esi),%eax
> adcl 28(%edx),%eax
> movl %eax,28(%edi)
> @@ -119,11 +99,6 @@ L(oop): movl (%esi),%eax
> sbbl %eax,%eax
> negl %eax
>
> -#if IBT_ENABLED
> - popl %ebx
> - cfi_adjust_cfa_offset (-4)
> - cfi_restore (ebx)
> -#endif
> popl %esi
> cfi_adjust_cfa_offset (-4)
> cfi_restore (esi)
> diff --git a/sysdeps/i386/setjmp.S b/sysdeps/i386/setjmp.S
> index ab1a8090cb..08a98f2388 100644
> --- a/sysdeps/i386/setjmp.S
> +++ b/sysdeps/i386/setjmp.S
> @@ -19,7 +19,6 @@
> #include <sysdep.h>
> #include <pointer_guard.h>
> #include <jmpbuf-offsets.h>
> -#include <jmp_buf-ssp.h>
> #include <asm-syntax.h>
> #include <stap-probe.h>
>
> @@ -27,11 +26,6 @@
> #define JMPBUF PARMS
> #define SIGMSK JMPBUF+4
>
> -/* Don't save shadow stack register if shadow stack isn't enabled. */
> -#if !SHSTK_ENABLED
> -# undef SHADOW_STACK_POINTER_OFFSET
> -#endif
> -
> ENTRY (__sigsetjmp)
>
> movl JMPBUF(%esp), %eax
> @@ -53,21 +47,6 @@ ENTRY (__sigsetjmp)
> movl %ecx, (JB_PC*4)(%eax)
> movl %ebp, (JB_BP*4)(%eax) /* Save caller's frame pointer. */
>
> -#ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# else
> - xorl %ecx, %ecx
> -# endif
> - /* Get the current Shadow-Stack-Pointer and save it. */
> - rdsspd %ecx
> - movl %ecx, SHADOW_STACK_POINTER_OFFSET(%eax)
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> -L(skip_ssp):
> -# endif
> -#endif
> #if IS_IN (rtld)
> /* In ld.so we never save the signal mask. */
> xorl %eax, %eax
> diff --git a/sysdeps/i386/sub_n.S b/sysdeps/i386/sub_n.S
> index 3ebe984672..f463bec9ff 100644
> --- a/sysdeps/i386/sub_n.S
> +++ b/sysdeps/i386/sub_n.S
> @@ -40,13 +40,6 @@ ENTRY (__mpn_sub_n)
> cfi_rel_offset (esi, 0)
> movl S2(%esp),%edx
> movl SIZE(%esp),%ecx
> -
> -#if IBT_ENABLED
> - pushl %ebx
> - cfi_adjust_cfa_offset (4)
> - cfi_rel_offset (ebx, 0)
> -#endif
> -
> movl %ecx,%eax
> shrl $3,%ecx /* compute count for unrolled loop */
> negl %eax
> @@ -58,9 +51,6 @@ ENTRY (__mpn_sub_n)
> subl %eax,%esi /* ... by a constant when we ... */
> subl %eax,%edx /* ... enter the loop */
> shrl $2,%eax /* restore previous value */
> -#if defined __CET__ && (__CET__ & 1) != 0
> - leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
> -#endif
> #ifdef PIC
> /* Calculate start address in loop for PIC. Due to limitations in some
> assemblers, Loop-L0-3 cannot be put into the leal */
> @@ -74,20 +64,15 @@ L(0): leal (%eax,%eax,8),%eax
> #else
> /* Calculate start address in loop for non-PIC. */
> leal (L(oop) - 3)(%eax,%eax,8),%eax
> -#endif
> -#if defined __CET__ && (__CET__ & 1) != 0
> - addl %ebx,%eax /* Adjust for endbr32 */
> #endif
> jmp *%eax /* jump into loop */
> ALIGN (3)
> L(oop): movl (%esi),%eax
> sbbl (%edx),%eax
> movl %eax,(%edi)
> - _CET_ENDBR
> movl 4(%esi),%eax
> sbbl 4(%edx),%eax
> movl %eax,4(%edi)
> - _CET_ENDBR
> movl 8(%esi),%eax
> sbbl 8(%edx),%eax
> movl %eax,8(%edi)
> @@ -95,19 +80,15 @@ L(oop): movl (%esi),%eax
> movl 12(%esi),%eax
> sbbl 12(%edx),%eax
> movl %eax,12(%edi)
> - _CET_ENDBR
> movl 16(%esi),%eax
> sbbl 16(%edx),%eax
> movl %eax,16(%edi)
> - _CET_ENDBR
> movl 20(%esi),%eax
> sbbl 20(%edx),%eax
> movl %eax,20(%edi)
> - _CET_ENDBR
> movl 24(%esi),%eax
> sbbl 24(%edx),%eax
> movl %eax,24(%edi)
> - _CET_ENDBR
> movl 28(%esi),%eax
> sbbl 28(%edx),%eax
> movl %eax,28(%edi)
> @@ -120,11 +101,6 @@ L(oop): movl (%esi),%eax
> sbbl %eax,%eax
> negl %eax
>
> -#if defined __CET__ && (__CET__ & 1) != 0
> - popl %ebx
> - cfi_adjust_cfa_offset (-4)
> - cfi_restore (ebx)
> -#endif
> popl %esi
> cfi_adjust_cfa_offset (-4)
> cfi_restore (esi)
> diff --git a/sysdeps/unix/sysv/linux/i386/____longjmp_chk.S b/sysdeps/unix/sysv/linux/i386/____longjmp_chk.S
> index 0c49010f93..35538f6df6 100644
> --- a/sysdeps/unix/sysv/linux/i386/____longjmp_chk.S
> +++ b/sysdeps/unix/sysv/linux/i386/____longjmp_chk.S
> @@ -18,14 +18,9 @@
> #include <sysdep.h>
> #include <pointer_guard.h>
> #include <jmpbuf-offsets.h>
> -#include <jmp_buf-ssp.h>
> #include <asm-syntax.h>
> #include <stap-probe.h>
>
> -/* Don't restore shadow stack register if shadow stack isn't enabled. */
> -#if !SHSTK_ENABLED
> -# undef SHADOW_STACK_POINTER_OFFSET
> -#endif
>
> .section .rodata.str1.1,"aMS",@progbits,1
> .type longjmp_msg,@object
> @@ -52,38 +47,6 @@ longjmp_msg:
> ENTRY (____longjmp_chk)
> movl 4(%esp), %ecx /* User's jmp_buf in %ecx. */
>
> -#ifdef SHADOW_STACK_POINTER_OFFSET
> -# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -# else
> - xorl %edx, %edx
> -# endif
> - /* Check and adjust the Shadow-Stack-Pointer. */
> - rdsspd %edx
> - /* And compare it with the saved ssp value. */
> - subl SHADOW_STACK_POINTER_OFFSET(%ecx), %edx
> - je L(skip_ssp)
> - /* Count the number of frames to adjust and adjust it
> - with incssp instruction. The instruction can adjust
> - the ssp by [0..255] value only thus use a loop if
> - the number of frames is bigger than 255. */
> - negl %edx
> - shrl $2, %edx
> - /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
> - restoring Shadow-Stack-Pointer of setjmp's caller, we
> - need to unwind shadow stack by one more frame. */
> - addl $1, %edx
> - movl $255, %ebx
> -L(loop):
> - cmpl %ebx, %edx
> - cmovb %edx, %ebx
> - incsspd %ebx
> - subl %ebx, %edx
> - ja L(loop)
> -L(skip_ssp):
> -#endif
> /* Save the return address now. */
> movl (JB_PC*4)(%ecx), %edx
> /* Get the stack pointer. */
> diff --git a/sysdeps/unix/sysv/linux/i386/getcontext.S b/sysdeps/unix/sysv/linux/i386/getcontext.S
> index 3202ac002e..9c1ca3c263 100644
> --- a/sysdeps/unix/sysv/linux/i386/getcontext.S
> +++ b/sysdeps/unix/sysv/linux/i386/getcontext.S
> @@ -17,7 +17,6 @@
> <https://www.gnu.org/licenses/>. */
>
> #include <sysdep.h>
> -#include <asm/prctl.h>
>
> #include "ucontext_i.h"
>
> @@ -42,61 +41,6 @@ ENTRY(__getcontext)
> movw %fs, %dx
> movl %edx, oFS(%eax)
>
> -#if SHSTK_ENABLED
> - /* Check if shadow stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(no_shstk)
> -
> - /* Save EAX in EDX. */
> - movl %eax, %edx
> -
> - xorl %eax, %eax
> - cmpl %gs:SSP_BASE_OFFSET, %eax
> - jnz L(shadow_stack_bound_recorded)
> -
> - /* Save EBX in the first scratch register slot. */
> - movl %ebx, oSCRATCH1(%edx)
> -
> - /* Get the base address and size of the default shadow stack
> - which must be the current shadow stack since nothing has
> - been recorded yet. */
> - sub $24, %esp
> - mov %esp, %ecx
> - movl $ARCH_CET_STATUS, %ebx
> - movl $__NR_arch_prctl, %eax
> - ENTER_KERNEL
> - testl %eax, %eax
> - jz L(continue_no_err)
> -
> - /* This should never happen. */
> - hlt
> -
> -L(continue_no_err):
> - /* Restore EBX from the first scratch register slot. */
> - movl oSCRATCH1(%edx), %ebx
> -
> - /* Record the base of the current shadow stack. */
> - movl 8(%esp), %eax
> - movl %eax, %gs:SSP_BASE_OFFSET
> - add $24, %esp
> -
> -L(shadow_stack_bound_recorded):
> - /* Load address of the context data structure. */
> - movl 4(%esp), %eax
> -
> - /* Get the current shadow stack pointer. */
> - rdsspd %edx
> - /* NB: Save the caller's shadow stack so that we can jump back
> - to the caller directly. */
> - addl $4, %edx
> - movl %edx, oSSP(%eax)
> -
> - /* Save the current shadow stack base in ucontext. */
> - movl %gs:SSP_BASE_OFFSET, %edx
> - movl %edx, (oSSP + 4)(%eax)
> -
> -L(no_shstk):
> -#endif
> /* We have separate floating-point register content memory on the
> stack. We use the __fpregs_mem block in the context. Set the
> links up correctly. */
> diff --git a/sysdeps/unix/sysv/linux/i386/makecontext.S b/sysdeps/unix/sysv/linux/i386/makecontext.S
> index 814127d130..7ee56300fa 100644
> --- a/sysdeps/unix/sysv/linux/i386/makecontext.S
> +++ b/sysdeps/unix/sysv/linux/i386/makecontext.S
> @@ -17,7 +17,6 @@
> <https://www.gnu.org/licenses/>. */
>
> #include <sysdep.h>
> -#include <asm/prctl.h>
>
> #include "ucontext_i.h"
>
> @@ -68,127 +67,6 @@ ENTRY(__makecontext)
> jnz 1b
> 2:
>
> -#if SHSTK_ENABLED
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(skip_ssp)
> -
> - /* Reload the pointer to ucontext. */
> - movl 4(%esp), %eax
> -
> - /* Shadow stack is enabled. We need to allocate a new shadow
> - stack. */
> - subl oSS_SP(%eax), %edx
> - shrl $STACK_SIZE_TO_SHADOW_STACK_SIZE_SHIFT, %edx
> -
> - /* Align shadow stack size to 8 bytes. */
> - addl $7, %edx
> - andl $-8, %edx
> -
> - /* Store shadow stack size in __ssp[2]. */
> - movl %edx, (oSSP + 8)(%eax)
> -
> - /* Save ESI in the second scratch register slot. */
> - movl %esi, oSCRATCH2(%eax)
> - /* Save EDI in the third scratch register slot. */
> - movl %edi, oSCRATCH3(%eax)
> -
> - /* Save the pointer to ucontext. */
> - movl %eax, %edi
> -
> - /* Get the original shadow stack pointer. */
> - rdsspd %esi
> -
> - /* Align the saved original shadow stack pointer to the next
> - 8 byte aligned boundary. */
> - andl $-8, %esi
> -
> - /* Load the top of the new stack into EDX. */
> - movl oESP(%eax), %edx
> -
> - /* We need to terminate the FDE here because the unwinder looks
> - at ra-1 for unwind information. */
> - cfi_endproc
> -
> - /* Swap the original stack pointer with the top of the new
> - stack. */
> - xchgl %esp, %edx
> -
> - /* Add 4 bytes since CALL will push the 4-byte return address
> - onto stack. */
> - addl $4, %esp
> -
> - /* Allocate the new shadow stack. Save EBX in the first scratch
> - register slot. */
> - movl %ebx, oSCRATCH1(%eax)
> -
> - /* CET syscall takes 64-bit sizes. */
> - subl $16, %esp
> - movl (oSSP + 8)(%eax), %ecx
> - movl %ecx, (%esp)
> - movl $0, 4(%esp)
> - movl %ecx, 8(%esp)
> - movl $0, 12(%esp)
> - movl %esp, %ecx
> -
> - movl $ARCH_CET_ALLOC_SHSTK, %ebx
> - movl $__NR_arch_prctl, %eax
> - ENTER_KERNEL
> - testl %eax, %eax
> - jne L(hlt) /* This should never happen. */
> -
> - /* Copy the base address of the new shadow stack to __ssp[1]. */
> - movl (%esp), %eax
> - movl %eax, (oSSP + 4)(%edi)
> -
> - addl $16, %esp
> -
> - /* Restore EBX from the first scratch register slot. */
> - movl oSCRATCH1(%edi), %ebx
> -
> - /* Get the size of the new shadow stack. */
> - movl (oSSP + 8)(%edi), %ecx
> -
> - /* Use the restore stoken to restore the new shadow stack. */
> - rstorssp -8(%eax, %ecx)
> -
> - /* Save the restore token at the next 8 byte aligned boundary
> - on the original shadow stack. */
> - saveprevssp
> -
> - /* Push the address of "jmp exitcode" onto the new stack as
> - well as the new shadow stack. */
> - call 1f
> - jmp L(exitcode)
> -1:
> -
> - /* Get the new shadow stack pointer. */
> - rdsspd %eax
> -
> - /* Use the restore stoken to restore the original shadow stack. */
> - rstorssp -8(%esi)
> -
> - /* Save the restore token on the new shadow stack. */
> - saveprevssp
> -
> - /* Store the new shadow stack pointer in __ssp[0]. */
> - movl %eax, oSSP(%edi)
> -
> - /* Restore the original stack. */
> - mov %edx, %esp
> -
> - cfi_startproc
> -
> - /* Restore ESI from the second scratch register slot. */
> - movl oSCRATCH2(%edi), %esi
> - /* Restore EDI from the third scratch register slot. */
> - movl oSCRATCH3(%edi), %edi
> -
> - ret
> -
> -L(skip_ssp):
> -#endif
> -
> /* If the function we call returns we must continue with the
> context which is given in the uc_link element. To do this
> set the return address for the function the user provides
> @@ -244,7 +122,6 @@ L(call_exit):
> call HIDDEN_JUMPTARGET(exit)
> /* The 'exit' call should never return. In case it does cause
> the process to terminate. */
> -L(hlt):
> hlt
> cfi_startproc
> END(__makecontext)
> diff --git a/sysdeps/unix/sysv/linux/i386/setcontext.S b/sysdeps/unix/sysv/linux/i386/setcontext.S
> index 966fcbee1e..b6d827d11f 100644
> --- a/sysdeps/unix/sysv/linux/i386/setcontext.S
> +++ b/sysdeps/unix/sysv/linux/i386/setcontext.S
> @@ -17,7 +17,6 @@
> <https://www.gnu.org/licenses/>. */
>
> #include <sysdep.h>
> -#include <asm/prctl.h>
>
> #include "ucontext_i.h"
>
> @@ -56,6 +55,9 @@ ENTRY(__setcontext)
> movl oFS(%eax), %ecx
> movw %cx, %fs
>
> + /* Fetch the address to return to. */
> + movl oEIP(%eax), %ecx
> +
> /* Load the new stack pointer. */
> cfi_def_cfa (eax, 0)
> cfi_offset (edi, oEDI)
> @@ -64,103 +66,6 @@ ENTRY(__setcontext)
> cfi_offset (ebx, oEBX)
> movl oESP(%eax), %esp
>
> -#if SHSTK_ENABLED
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(no_shstk)
> -
> - /* If the base of the target shadow stack is the same as the
> - base of the current shadow stack, we unwind the shadow
> - stack. Otherwise it is a stack switch and we look for a
> - restore token. */
> - movl oSSP(%eax), %esi
> - movl %esi, %edi
> -
> - /* Get the base of the target shadow stack. */
> - movl (oSSP + 4)(%eax), %ecx
> - cmpl %gs:SSP_BASE_OFFSET, %ecx
> - je L(unwind_shadow_stack)
> -
> - /* Align the saved original shadow stack pointer to the next
> - 8 byte aligned boundary. */
> - andl $-8, %esi
> -
> -L(find_restore_token_loop):
> - /* Look for a restore token. */
> - movl -8(%esi), %ebx
> - andl $-8, %ebx
> - cmpl %esi, %ebx
> - je L(restore_shadow_stack)
> -
> - /* Try the next slot. */
> - subl $8, %esi
> - jmp L(find_restore_token_loop)
> -
> -L(restore_shadow_stack):
> - /* Pop return address from the shadow stack since setcontext
> - will not return. */
> - movl $1, %ebx
> - incsspd %ebx
> -
> - /* Use the restore stoken to restore the target shadow stack. */
> - rstorssp -8(%esi)
> -
> - /* Save the restore token on the old shadow stack. NB: This
> - restore token may be checked by setcontext or swapcontext
> - later. */
> - saveprevssp
> -
> - /* Record the new shadow stack base that was switched to. */
> - movl (oSSP + 4)(%eax), %ebx
> - movl %ebx, %gs:SSP_BASE_OFFSET
> -
> -L(unwind_shadow_stack):
> - rdsspd %ebx
> - subl %edi, %ebx
> - je L(skip_unwind_shadow_stack)
> - negl %ebx
> - shrl $2, %ebx
> - movl $255, %esi
> -L(loop):
> - cmpl %esi, %ebx
> - cmovb %ebx, %esi
> - incsspd %esi
> - subl %esi, %ebx
> - ja L(loop)
> -
> -L(skip_unwind_shadow_stack):
> -
> - /* Load the values of all the preserved registers (except ESP). */
> - movl oEDI(%eax), %edi
> - movl oESI(%eax), %esi
> - movl oEBP(%eax), %ebp
> - movl oEBX(%eax), %ebx
> -
> - /* Get the return address set with getcontext. */
> - movl oEIP(%eax), %ecx
> -
> - /* Check if return address is valid for the case when setcontext
> - is invoked from L(exitcode) with linked context. */
> - rdsspd %eax
> - cmpl (%eax), %ecx
> - /* Clear EAX to indicate success. NB: Don't use xorl to keep
> - EFLAGS for jne. */
> - movl $0, %eax
> - jne L(jmp)
> - /* Return to the new context if return address valid. */
> - pushl %ecx
> - ret
> -
> -L(jmp):
> - /* Jump to the new context directly. */
> - jmp *%ecx
> -
> -L(no_shstk):
> -#endif
> -
> - /* Fetch the address to return to. */
> - movl oEIP(%eax), %ecx
> -
> /* Push the return address on the new stack so we can return there. */
> pushl %ecx
>
> diff --git a/sysdeps/unix/sysv/linux/i386/swapcontext.S b/sysdeps/unix/sysv/linux/i386/swapcontext.S
> index b8367f025e..bb736ae7d2 100644
> --- a/sysdeps/unix/sysv/linux/i386/swapcontext.S
> +++ b/sysdeps/unix/sysv/linux/i386/swapcontext.S
> @@ -17,7 +17,6 @@
> <https://www.gnu.org/licenses/>. */
>
> #include <sysdep.h>
> -#include <asm/prctl.h>
>
> #include "ucontext_i.h"
>
> @@ -76,144 +75,6 @@ ENTRY(__swapcontext)
> movl oFS(%eax), %edx
> movw %dx, %fs
>
> -#if SHSTK_ENABLED
> - /* Check if Shadow Stack is enabled. */
> - testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
> - jz L(no_shstk)
> -
> - xorl %eax, %eax
> - cmpl %gs:SSP_BASE_OFFSET, %eax
> - jnz L(shadow_stack_bound_recorded)
> -
> - /* Get the base address and size of the default shadow stack
> - which must be the current shadow stack since nothing has
> - been recorded yet. */
> - sub $24, %esp
> - mov %esp, %ecx
> - movl $ARCH_CET_STATUS, %ebx
> - movl $__NR_arch_prctl, %eax
> - ENTER_KERNEL
> - testl %eax, %eax
> - jz L(continue_no_err)
> -
> - /* This should never happen. */
> - hlt
> -
> -L(continue_no_err):
> - /* Record the base of the current shadow stack. */
> - movl 8(%esp), %eax
> - movl %eax, %gs:SSP_BASE_OFFSET
> - add $24, %esp
> -
> -L(shadow_stack_bound_recorded):
> - /* Load address of the context data structure we save in. */
> - movl 4(%esp), %eax
> -
> - /* Load address of the context data structure we swap in */
> - movl 8(%esp), %edx
> -
> - /* If we unwind the stack, we can't undo stack unwinding. Just
> - save the target shadow stack pointer as the current shadow
> - stack pointer. */
> - movl oSSP(%edx), %ecx
> - movl %ecx, oSSP(%eax)
> -
> - /* Save the current shadow stack base in ucontext. */
> - movl %gs:SSP_BASE_OFFSET, %ecx
> - movl %ecx, (oSSP + 4)(%eax)
> -
> - /* If the base of the target shadow stack is the same as the
> - base of the current shadow stack, we unwind the shadow
> - stack. Otherwise it is a stack switch and we look for a
> - restore token. */
> - movl oSSP(%edx), %esi
> - movl %esi, %edi
> -
> - /* Get the base of the target shadow stack. */
> - movl (oSSP + 4)(%edx), %ecx
> - cmpl %gs:SSP_BASE_OFFSET, %ecx
> - je L(unwind_shadow_stack)
> -
> - /* Align the saved original shadow stack pointer to the next
> - 8 byte aligned boundary. */
> - andl $-8, %esi
> -
> -L(find_restore_token_loop):
> - /* Look for a restore token. */
> - movl -8(%esi), %ebx
> - andl $-8, %ebx
> - cmpl %esi, %ebx
> - je L(restore_shadow_stack)
> -
> - /* Try the next slot. */
> - subl $8, %esi
> - jmp L(find_restore_token_loop)
> -
> -L(restore_shadow_stack):
> - /* The target shadow stack will be restored. Save the current
> - shadow stack pointer. */
> - rdsspd %ecx
> - movl %ecx, oSSP(%eax)
> -
> - /* Use the restore stoken to restore the target shadow stack. */
> - rstorssp -8(%esi)
> -
> - /* Save the restore token on the old shadow stack. NB: This
> - restore token may be checked by setcontext or swapcontext
> - later. */
> - saveprevssp
> -
> - /* Record the new shadow stack base that was switched to. */
> - movl (oSSP + 4)(%edx), %ebx
> - movl %ebx, %gs:SSP_BASE_OFFSET
> -
> -L(unwind_shadow_stack):
> - rdsspd %ebx
> - subl %edi, %ebx
> - je L(skip_unwind_shadow_stack)
> - negl %ebx
> - shrl $2, %ebx
> - movl $255, %esi
> -L(loop):
> - cmpl %esi, %ebx
> - cmovb %ebx, %esi
> - incsspd %esi
> - subl %esi, %ebx
> - ja L(loop)
> -
> -L(skip_unwind_shadow_stack):
> -
> - /* Load the new stack pointer. */
> - movl oESP(%edx), %esp
> -
> - /* Load the values of all the preserved registers (except ESP). */
> - movl oEDI(%edx), %edi
> - movl oESI(%edx), %esi
> - movl oEBP(%edx), %ebp
> - movl oEBX(%edx), %ebx
> -
> - /* Get the return address set with getcontext. */
> - movl oEIP(%edx), %ecx
> -
> - /* Check if return address is valid for the case when setcontext
> - is invoked from L(exitcode) with linked context. */
> - rdsspd %eax
> - cmpl (%eax), %ecx
> - /* Clear EAX to indicate success. NB: Don't use xorl to keep
> - EFLAGS for jne. */
> - movl $0, %eax
> - jne L(jmp)
> - /* Return to the new context if return address valid. */
> - pushl %ecx
> - ret
> -
> -L(jmp):
> - /* Jump to the new context directly. */
> - jmp *%ecx
> -
> -L(no_shstk):
> -#endif
> -
> /* Fetch the address to return to. */
> movl oEIP(%eax), %ecx
>
> diff --git a/sysdeps/unix/sysv/linux/i386/sysdep.h b/sysdeps/unix/sysv/linux/i386/sysdep.h
> index 516a85ce12..25852f894e 100644
> --- a/sysdeps/unix/sysv/linux/i386/sysdep.h
> +++ b/sysdeps/unix/sysv/linux/i386/sysdep.h
> @@ -446,9 +446,4 @@ struct libc_do_syscall_args
>
> #endif /* __ASSEMBLER__ */
>
> -/* Each shadow stack slot takes 4 bytes. Assuming that each stack
> - frame takes 128 bytes, this is used to compute shadow stack size
> - from stack size. */
> -#define STACK_SIZE_TO_SHADOW_STACK_SIZE_SHIFT 5
> -
> #endif /* linux/i386/sysdep.h */
> diff --git a/sysdeps/unix/sysv/linux/i386/ucontext_i.sym b/sysdeps/unix/sysv/linux/i386/ucontext_i.sym
> index 1d8608eafc..1dfe03d2cc 100644
> --- a/sysdeps/unix/sysv/linux/i386/ucontext_i.sym
> +++ b/sysdeps/unix/sysv/linux/i386/ucontext_i.sym
> @@ -22,10 +22,6 @@ oEBP mreg (EBP)
> oESP mreg (ESP)
> oEBX mreg (EBX)
> oEIP mreg (EIP)
> -oSCRATCH1 mreg (EAX)
> -oSCRATCH2 mreg (ECX)
> -oSCRATCH3 mreg (EDX)
> oFPREGS mcontext (fpregs)
> oSIGMASK ucontext (uc_sigmask)
> oFPREGSMEM ucontext (__fpregs_mem)
> -oSSP ucontext (__ssp)
> diff --git a/sysdeps/unix/sysv/linux/i386/vfork.S b/sysdeps/unix/sysv/linux/i386/vfork.S
> index 80c2058f1e..4352ebea46 100644
> --- a/sysdeps/unix/sysv/linux/i386/vfork.S
> +++ b/sysdeps/unix/sysv/linux/i386/vfork.S
> @@ -36,39 +36,10 @@ ENTRY (__vfork)
> movl $SYS_ify (vfork), %eax
> int $0x80
>
> - /* Jump to the return PC. Don't jump directly since this
> - disturbs the branch target cache. Instead push the return
> - address back on the stack. */
> - pushl %ecx
> - cfi_adjust_cfa_offset (4)
> -
> cmpl $-4095, %eax
> /* Branch forward if it failed. */
> jae SYSCALL_ERROR_LABEL
>
> -#if SHSTK_ENABLED
> - /* Check if shadow stack is in use. */
> - xorl %edx, %edx
> - rdsspd %edx
> - testl %edx, %edx
> - /* Normal return if shadow stack isn't in use. */
> - je L(no_shstk)
> -
> - testl %eax, %eax
> - /* In parent, normal return. */
> - jnz L(no_shstk)
> -
> - /* NB: In child, jump back to caller via indirect branch without
> - popping shadow stack which is shared with parent. Keep shadow
> - stack mismatched so that child returns in the vfork-calling
> - function will trigger SIGSEGV. */
> - popl %ecx
> - cfi_adjust_cfa_offset (-4)
> - jmp *%ecx
> -
> -L(no_shstk):
> -#endif
> -
> ret
>
> PSEUDO_END (__vfork)
> diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h
> index 5a14ca5110..5b27a50cb7 100644
> --- a/sysdeps/x86/sysdep.h
> +++ b/sysdeps/x86/sysdep.h
> @@ -40,11 +40,9 @@ enum cf_protection_level
>
> #ifdef __CET__
> # define CET_ENABLED 1
> -# define IBT_ENABLED (__CET__ & X86_FEATURE_1_IBT)
> # define SHSTK_ENABLED (__CET__ & X86_FEATURE_1_SHSTK)
> #else
> # define CET_ENABLED 0
> -# define IBT_ENABLED 0
> # define SHSTK_ENABLED 0
> #endif
>
> --
> 2.34.1
>
All CET bits in sysdeps/x86/sysdep.h should be moved to
sysdeps/x86_64/sysdep.h.
--
H.J.
@@ -19,55 +19,14 @@
#include <sysdep.h>
#include <pointer_guard.h>
#include <jmpbuf-offsets.h>
-#include <jmp_buf-ssp.h>
#include <asm-syntax.h>
#include <stap-probe.h>
-/* Don't restore shadow stack register if
- 1. Shadow stack isn't enabled. Or
- 2. __longjmp is defined for __longjmp_cancel.
- */
-#if !SHSTK_ENABLED || defined __longjmp
-# undef SHADOW_STACK_POINTER_OFFSET
-#endif
-
.text
ENTRY (__longjmp)
#ifdef PTR_DEMANGLE
movl 4(%esp), %eax /* User's jmp_buf in %eax. */
-# ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# else
- xorl %edx, %edx
-# endif
- /* Check and adjust the Shadow-Stack-Pointer. */
- rdsspd %edx
- /* And compare it with the saved ssp value. */
- subl SHADOW_STACK_POINTER_OFFSET(%eax), %edx
- je L(skip_ssp)
- /* Count the number of frames to adjust and adjust it
- with incssp instruction. The instruction can adjust
- the ssp by [0..255] value only thus use a loop if
- the number of frames is bigger than 255. */
- negl %edx
- shrl $2, %edx
- /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
- restoring Shadow-Stack-Pointer of setjmp's caller, we
- need to unwind shadow stack by one more frame. */
- addl $1, %edx
- movl $255, %ebx
-L(loop):
- cmpl %ebx, %edx
- cmovb %edx, %ebx
- incsspd %ebx
- subl %ebx, %edx
- ja L(loop)
-L(skip_ssp):
-# endif
/* Save the return address now. */
movl (JB_PC*4)(%eax), %edx
/* Get the stack pointer. */
@@ -98,38 +57,6 @@ L(skip_ssp):
#else
movl 4(%esp), %ecx /* User's jmp_buf in %ecx. */
movl 8(%esp), %eax /* Second argument is return value. */
-# ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# endif
- /* Check and adjust the Shadow-Stack-Pointer. */
- xorl %edx, %edx
- /* Get the current ssp. */
- rdsspd %edx
- /* And compare it with the saved ssp value. */
- subl SHADOW_STACK_POINTER_OFFSET(%ecx), %edx
- je L(skip_ssp)
- /* Count the number of frames to adjust and adjust it
- with incssp instruction. The instruction can adjust
- the ssp by [0..255] value only thus use a loop if
- the number of frames is bigger than 255. */
- negl %edx
- shrl $2, %edx
- /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
- restoring Shadow-Stack-Pointer of setjmp's caller, we
- need to unwind shadow stack by one more frame. */
- addl $1, %edx
- movl $255, %ebx
-L(loop):
- cmpl %ebx, %edx
- cmovb %edx, %ebx
- incsspd %ebx
- subl %ebx, %edx
- ja L(loop)
-L(skip_ssp):
-# endif
/* Save the return address now. */
movl (JB_PC*4)(%ecx), %edx
LIBC_PROBE (longjmp, 3, 4@%ecx, -4@%eax, 4@%edx)
@@ -40,13 +40,6 @@ ENTRY (__mpn_add_n)
cfi_rel_offset (esi, 0)
movl S2(%esp),%edx
movl SIZE(%esp),%ecx
-
-#if IBT_ENABLED
- pushl %ebx
- cfi_adjust_cfa_offset (4)
- cfi_rel_offset (ebx, 0)
-#endif
-
movl %ecx,%eax
shrl $3,%ecx /* compute count for unrolled loop */
negl %eax
@@ -58,9 +51,6 @@ ENTRY (__mpn_add_n)
subl %eax,%esi /* ... by a constant when we ... */
subl %eax,%edx /* ... enter the loop */
shrl $2,%eax /* restore previous value */
-#if IBT_ENABLED
- leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
-#endif
#ifdef PIC
/* Calculate start address in loop for PIC. Due to limitations in some
assemblers, Loop-L0-3 cannot be put into the leal */
@@ -74,40 +64,30 @@ L(0): leal (%eax,%eax,8),%eax
#else
/* Calculate start address in loop for non-PIC. */
leal (L(oop) - 3)(%eax,%eax,8),%eax
-#endif
-#if IBT_ENABLED
- addl %ebx,%eax /* Adjust for endbr32 */
#endif
jmp *%eax /* jump into loop */
ALIGN (3)
L(oop): movl (%esi),%eax
adcl (%edx),%eax
movl %eax,(%edi)
- _CET_ENDBR
movl 4(%esi),%eax
adcl 4(%edx),%eax
movl %eax,4(%edi)
- _CET_ENDBR
movl 8(%esi),%eax
adcl 8(%edx),%eax
movl %eax,8(%edi)
- _CET_ENDBR
movl 12(%esi),%eax
adcl 12(%edx),%eax
movl %eax,12(%edi)
- _CET_ENDBR
movl 16(%esi),%eax
adcl 16(%edx),%eax
movl %eax,16(%edi)
- _CET_ENDBR
movl 20(%esi),%eax
adcl 20(%edx),%eax
movl %eax,20(%edi)
- _CET_ENDBR
movl 24(%esi),%eax
adcl 24(%edx),%eax
movl %eax,24(%edi)
- _CET_ENDBR
movl 28(%esi),%eax
adcl 28(%edx),%eax
movl %eax,28(%edi)
@@ -120,11 +100,6 @@ L(oop): movl (%esi),%eax
sbbl %eax,%eax
negl %eax
-#if IBT_ENABLED
- popl %ebx
- cfi_adjust_cfa_offset (-4)
- cfi_restore (ebx)
-#endif
popl %esi
cfi_adjust_cfa_offset (-4)
cfi_restore (esi)
@@ -23,18 +23,12 @@
#include <sysdep.h>
#include <pointer_guard.h>
#include <jmpbuf-offsets.h>
-#include <jmp_buf-ssp.h>
#include <stap-probe.h>
#define PARMS 4 /* no space for saved regs */
#define JMPBUF PARMS
#define SIGMSK JMPBUF+4
-/* Don't save shadow stack register if shadow stack isn't enabled. */
-#if !SHSTK_ENABLED
-# undef SHADOW_STACK_POINTER_OFFSET
-#endif
-
ENTRY (_setjmp)
xorl %eax, %eax
@@ -58,21 +52,6 @@ ENTRY (_setjmp)
movl %ebp, (JB_BP*4)(%edx) /* Save caller's frame pointer. */
movl %eax, JB_SIZE(%edx) /* No signal mask set. */
-#ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# else
- xorl %ecx, %ecx
-# endif
- /* Get the current Shadow-Stack-Pointer and save it. */
- rdsspd %ecx
- movl %ecx, SHADOW_STACK_POINTER_OFFSET(%edx)
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
-L(skip_ssp):
-# endif
-#endif
ret
END (_setjmp)
libc_hidden_def (_setjmp)
@@ -23,18 +23,12 @@
#include <sysdep.h>
#include <pointer_guard.h>
#include <jmpbuf-offsets.h>
-#include <jmp_buf-ssp.h>
#include <stap-probe.h>
#define PARMS 4 /* no space for saved regs */
#define JMPBUF PARMS
#define SIGMSK JMPBUF+4
-/* Don't save shadow stack register if shadow stack isn't enabled. */
-#if !SHSTK_ENABLED
-# undef SHADOW_STACK_POINTER_OFFSET
-#endif
-
ENTRY (setjmp)
/* Note that we have to use a non-exported symbol in the next
jump since otherwise gas will emit it as a jump through the
@@ -58,21 +52,6 @@ ENTRY (setjmp)
#endif
movl %ecx, (JB_PC*4)(%eax)
movl %ebp, (JB_BP*4)(%eax) /* Save caller's frame pointer. */
-#ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# else
- xorl %ecx, %ecx
-# endif
- /* Get the current Shadow-Stack-Pointer and save it. */
- rdsspd %ecx
- movl %ecx, SHADOW_STACK_POINTER_OFFSET(%eax)
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
-L(skip_ssp):
-# endif
-#endif
/* Call __sigjmp_save. */
pushl $1
@@ -44,13 +44,6 @@ ENTRY (__mpn_add_n)
cfi_rel_offset (esi, 0)
movl S2(%esp),%edx
movl SIZE(%esp),%ecx
-
-#if IBT_ENABLED
- pushl %ebx
- cfi_adjust_cfa_offset (4)
- cfi_rel_offset (ebx, 0)
-#endif
-
movl %ecx,%eax
shrl $3,%ecx /* compute count for unrolled loop */
negl %eax
@@ -62,9 +55,6 @@ ENTRY (__mpn_add_n)
subl %eax,%esi /* ... by a constant when we ... */
subl %eax,%edx /* ... enter the loop */
shrl $2,%eax /* restore previous value */
-#if IBT_ENABLED
- leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
-#endif
#ifdef PIC
/* Calculate start address in loop for PIC. */
leal (L(oop)-L(0)-3)(%eax,%eax,8),%eax
@@ -73,40 +63,30 @@ L(0):
#else
/* Calculate start address in loop for non-PIC. */
leal (L(oop) - 3)(%eax,%eax,8),%eax
-#endif
-#if IBT_ENABLED
- addl %ebx,%eax /* Adjust for endbr32 */
#endif
jmp *%eax /* jump into loop */
ALIGN (3)
L(oop): movl (%esi),%eax
adcl (%edx),%eax
movl %eax,(%edi)
- _CET_ENDBR
movl 4(%esi),%eax
adcl 4(%edx),%eax
movl %eax,4(%edi)
- _CET_ENDBR
movl 8(%esi),%eax
adcl 8(%edx),%eax
movl %eax,8(%edi)
- _CET_ENDBR
movl 12(%esi),%eax
adcl 12(%edx),%eax
movl %eax,12(%edi)
- _CET_ENDBR
movl 16(%esi),%eax
adcl 16(%edx),%eax
movl %eax,16(%edi)
- _CET_ENDBR
movl 20(%esi),%eax
adcl 20(%edx),%eax
movl %eax,20(%edi)
- _CET_ENDBR
movl 24(%esi),%eax
adcl 24(%edx),%eax
movl %eax,24(%edi)
- _CET_ENDBR
movl 28(%esi),%eax
adcl 28(%edx),%eax
movl %eax,28(%edi)
@@ -119,11 +99,6 @@ L(oop): movl (%esi),%eax
sbbl %eax,%eax
negl %eax
-#if IBT_ENABLED
- popl %ebx
- cfi_adjust_cfa_offset (-4)
- cfi_restore (ebx)
-#endif
popl %esi
cfi_adjust_cfa_offset (-4)
cfi_restore (esi)
@@ -19,7 +19,6 @@
#include <sysdep.h>
#include <pointer_guard.h>
#include <jmpbuf-offsets.h>
-#include <jmp_buf-ssp.h>
#include <asm-syntax.h>
#include <stap-probe.h>
@@ -27,11 +26,6 @@
#define JMPBUF PARMS
#define SIGMSK JMPBUF+4
-/* Don't save shadow stack register if shadow stack isn't enabled. */
-#if !SHSTK_ENABLED
-# undef SHADOW_STACK_POINTER_OFFSET
-#endif
-
ENTRY (__sigsetjmp)
movl JMPBUF(%esp), %eax
@@ -53,21 +47,6 @@ ENTRY (__sigsetjmp)
movl %ecx, (JB_PC*4)(%eax)
movl %ebp, (JB_BP*4)(%eax) /* Save caller's frame pointer. */
-#ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# else
- xorl %ecx, %ecx
-# endif
- /* Get the current Shadow-Stack-Pointer and save it. */
- rdsspd %ecx
- movl %ecx, SHADOW_STACK_POINTER_OFFSET(%eax)
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
-L(skip_ssp):
-# endif
-#endif
#if IS_IN (rtld)
/* In ld.so we never save the signal mask. */
xorl %eax, %eax
@@ -40,13 +40,6 @@ ENTRY (__mpn_sub_n)
cfi_rel_offset (esi, 0)
movl S2(%esp),%edx
movl SIZE(%esp),%ecx
-
-#if IBT_ENABLED
- pushl %ebx
- cfi_adjust_cfa_offset (4)
- cfi_rel_offset (ebx, 0)
-#endif
-
movl %ecx,%eax
shrl $3,%ecx /* compute count for unrolled loop */
negl %eax
@@ -58,9 +51,6 @@ ENTRY (__mpn_sub_n)
subl %eax,%esi /* ... by a constant when we ... */
subl %eax,%edx /* ... enter the loop */
shrl $2,%eax /* restore previous value */
-#if defined __CET__ && (__CET__ & 1) != 0
- leal -4(,%eax,4),%ebx /* Count for 4-byte endbr32 */
-#endif
#ifdef PIC
/* Calculate start address in loop for PIC. Due to limitations in some
assemblers, Loop-L0-3 cannot be put into the leal */
@@ -74,20 +64,15 @@ L(0): leal (%eax,%eax,8),%eax
#else
/* Calculate start address in loop for non-PIC. */
leal (L(oop) - 3)(%eax,%eax,8),%eax
-#endif
-#if defined __CET__ && (__CET__ & 1) != 0
- addl %ebx,%eax /* Adjust for endbr32 */
#endif
jmp *%eax /* jump into loop */
ALIGN (3)
L(oop): movl (%esi),%eax
sbbl (%edx),%eax
movl %eax,(%edi)
- _CET_ENDBR
movl 4(%esi),%eax
sbbl 4(%edx),%eax
movl %eax,4(%edi)
- _CET_ENDBR
movl 8(%esi),%eax
sbbl 8(%edx),%eax
movl %eax,8(%edi)
@@ -95,19 +80,15 @@ L(oop): movl (%esi),%eax
movl 12(%esi),%eax
sbbl 12(%edx),%eax
movl %eax,12(%edi)
- _CET_ENDBR
movl 16(%esi),%eax
sbbl 16(%edx),%eax
movl %eax,16(%edi)
- _CET_ENDBR
movl 20(%esi),%eax
sbbl 20(%edx),%eax
movl %eax,20(%edi)
- _CET_ENDBR
movl 24(%esi),%eax
sbbl 24(%edx),%eax
movl %eax,24(%edi)
- _CET_ENDBR
movl 28(%esi),%eax
sbbl 28(%edx),%eax
movl %eax,28(%edi)
@@ -120,11 +101,6 @@ L(oop): movl (%esi),%eax
sbbl %eax,%eax
negl %eax
-#if defined __CET__ && (__CET__ & 1) != 0
- popl %ebx
- cfi_adjust_cfa_offset (-4)
- cfi_restore (ebx)
-#endif
popl %esi
cfi_adjust_cfa_offset (-4)
cfi_restore (esi)
@@ -18,14 +18,9 @@
#include <sysdep.h>
#include <pointer_guard.h>
#include <jmpbuf-offsets.h>
-#include <jmp_buf-ssp.h>
#include <asm-syntax.h>
#include <stap-probe.h>
-/* Don't restore shadow stack register if shadow stack isn't enabled. */
-#if !SHSTK_ENABLED
-# undef SHADOW_STACK_POINTER_OFFSET
-#endif
.section .rodata.str1.1,"aMS",@progbits,1
.type longjmp_msg,@object
@@ -52,38 +47,6 @@ longjmp_msg:
ENTRY (____longjmp_chk)
movl 4(%esp), %ecx /* User's jmp_buf in %ecx. */
-#ifdef SHADOW_STACK_POINTER_OFFSET
-# if IS_IN (libc) && defined SHARED && defined FEATURE_1_OFFSET
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-# else
- xorl %edx, %edx
-# endif
- /* Check and adjust the Shadow-Stack-Pointer. */
- rdsspd %edx
- /* And compare it with the saved ssp value. */
- subl SHADOW_STACK_POINTER_OFFSET(%ecx), %edx
- je L(skip_ssp)
- /* Count the number of frames to adjust and adjust it
- with incssp instruction. The instruction can adjust
- the ssp by [0..255] value only thus use a loop if
- the number of frames is bigger than 255. */
- negl %edx
- shrl $2, %edx
- /* NB: We saved Shadow-Stack-Pointer of setjmp. Since we are
- restoring Shadow-Stack-Pointer of setjmp's caller, we
- need to unwind shadow stack by one more frame. */
- addl $1, %edx
- movl $255, %ebx
-L(loop):
- cmpl %ebx, %edx
- cmovb %edx, %ebx
- incsspd %ebx
- subl %ebx, %edx
- ja L(loop)
-L(skip_ssp):
-#endif
/* Save the return address now. */
movl (JB_PC*4)(%ecx), %edx
/* Get the stack pointer. */
@@ -17,7 +17,6 @@
<https://www.gnu.org/licenses/>. */
#include <sysdep.h>
-#include <asm/prctl.h>
#include "ucontext_i.h"
@@ -42,61 +41,6 @@ ENTRY(__getcontext)
movw %fs, %dx
movl %edx, oFS(%eax)
-#if SHSTK_ENABLED
- /* Check if shadow stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(no_shstk)
-
- /* Save EAX in EDX. */
- movl %eax, %edx
-
- xorl %eax, %eax
- cmpl %gs:SSP_BASE_OFFSET, %eax
- jnz L(shadow_stack_bound_recorded)
-
- /* Save EBX in the first scratch register slot. */
- movl %ebx, oSCRATCH1(%edx)
-
- /* Get the base address and size of the default shadow stack
- which must be the current shadow stack since nothing has
- been recorded yet. */
- sub $24, %esp
- mov %esp, %ecx
- movl $ARCH_CET_STATUS, %ebx
- movl $__NR_arch_prctl, %eax
- ENTER_KERNEL
- testl %eax, %eax
- jz L(continue_no_err)
-
- /* This should never happen. */
- hlt
-
-L(continue_no_err):
- /* Restore EBX from the first scratch register slot. */
- movl oSCRATCH1(%edx), %ebx
-
- /* Record the base of the current shadow stack. */
- movl 8(%esp), %eax
- movl %eax, %gs:SSP_BASE_OFFSET
- add $24, %esp
-
-L(shadow_stack_bound_recorded):
- /* Load address of the context data structure. */
- movl 4(%esp), %eax
-
- /* Get the current shadow stack pointer. */
- rdsspd %edx
- /* NB: Save the caller's shadow stack so that we can jump back
- to the caller directly. */
- addl $4, %edx
- movl %edx, oSSP(%eax)
-
- /* Save the current shadow stack base in ucontext. */
- movl %gs:SSP_BASE_OFFSET, %edx
- movl %edx, (oSSP + 4)(%eax)
-
-L(no_shstk):
-#endif
/* We have separate floating-point register content memory on the
stack. We use the __fpregs_mem block in the context. Set the
links up correctly. */
@@ -17,7 +17,6 @@
<https://www.gnu.org/licenses/>. */
#include <sysdep.h>
-#include <asm/prctl.h>
#include "ucontext_i.h"
@@ -68,127 +67,6 @@ ENTRY(__makecontext)
jnz 1b
2:
-#if SHSTK_ENABLED
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(skip_ssp)
-
- /* Reload the pointer to ucontext. */
- movl 4(%esp), %eax
-
- /* Shadow stack is enabled. We need to allocate a new shadow
- stack. */
- subl oSS_SP(%eax), %edx
- shrl $STACK_SIZE_TO_SHADOW_STACK_SIZE_SHIFT, %edx
-
- /* Align shadow stack size to 8 bytes. */
- addl $7, %edx
- andl $-8, %edx
-
- /* Store shadow stack size in __ssp[2]. */
- movl %edx, (oSSP + 8)(%eax)
-
- /* Save ESI in the second scratch register slot. */
- movl %esi, oSCRATCH2(%eax)
- /* Save EDI in the third scratch register slot. */
- movl %edi, oSCRATCH3(%eax)
-
- /* Save the pointer to ucontext. */
- movl %eax, %edi
-
- /* Get the original shadow stack pointer. */
- rdsspd %esi
-
- /* Align the saved original shadow stack pointer to the next
- 8 byte aligned boundary. */
- andl $-8, %esi
-
- /* Load the top of the new stack into EDX. */
- movl oESP(%eax), %edx
-
- /* We need to terminate the FDE here because the unwinder looks
- at ra-1 for unwind information. */
- cfi_endproc
-
- /* Swap the original stack pointer with the top of the new
- stack. */
- xchgl %esp, %edx
-
- /* Add 4 bytes since CALL will push the 4-byte return address
- onto stack. */
- addl $4, %esp
-
- /* Allocate the new shadow stack. Save EBX in the first scratch
- register slot. */
- movl %ebx, oSCRATCH1(%eax)
-
- /* CET syscall takes 64-bit sizes. */
- subl $16, %esp
- movl (oSSP + 8)(%eax), %ecx
- movl %ecx, (%esp)
- movl $0, 4(%esp)
- movl %ecx, 8(%esp)
- movl $0, 12(%esp)
- movl %esp, %ecx
-
- movl $ARCH_CET_ALLOC_SHSTK, %ebx
- movl $__NR_arch_prctl, %eax
- ENTER_KERNEL
- testl %eax, %eax
- jne L(hlt) /* This should never happen. */
-
- /* Copy the base address of the new shadow stack to __ssp[1]. */
- movl (%esp), %eax
- movl %eax, (oSSP + 4)(%edi)
-
- addl $16, %esp
-
- /* Restore EBX from the first scratch register slot. */
- movl oSCRATCH1(%edi), %ebx
-
- /* Get the size of the new shadow stack. */
- movl (oSSP + 8)(%edi), %ecx
-
- /* Use the restore stoken to restore the new shadow stack. */
- rstorssp -8(%eax, %ecx)
-
- /* Save the restore token at the next 8 byte aligned boundary
- on the original shadow stack. */
- saveprevssp
-
- /* Push the address of "jmp exitcode" onto the new stack as
- well as the new shadow stack. */
- call 1f
- jmp L(exitcode)
-1:
-
- /* Get the new shadow stack pointer. */
- rdsspd %eax
-
- /* Use the restore stoken to restore the original shadow stack. */
- rstorssp -8(%esi)
-
- /* Save the restore token on the new shadow stack. */
- saveprevssp
-
- /* Store the new shadow stack pointer in __ssp[0]. */
- movl %eax, oSSP(%edi)
-
- /* Restore the original stack. */
- mov %edx, %esp
-
- cfi_startproc
-
- /* Restore ESI from the second scratch register slot. */
- movl oSCRATCH2(%edi), %esi
- /* Restore EDI from the third scratch register slot. */
- movl oSCRATCH3(%edi), %edi
-
- ret
-
-L(skip_ssp):
-#endif
-
/* If the function we call returns we must continue with the
context which is given in the uc_link element. To do this
set the return address for the function the user provides
@@ -244,7 +122,6 @@ L(call_exit):
call HIDDEN_JUMPTARGET(exit)
/* The 'exit' call should never return. In case it does cause
the process to terminate. */
-L(hlt):
hlt
cfi_startproc
END(__makecontext)
@@ -17,7 +17,6 @@
<https://www.gnu.org/licenses/>. */
#include <sysdep.h>
-#include <asm/prctl.h>
#include "ucontext_i.h"
@@ -56,6 +55,9 @@ ENTRY(__setcontext)
movl oFS(%eax), %ecx
movw %cx, %fs
+ /* Fetch the address to return to. */
+ movl oEIP(%eax), %ecx
+
/* Load the new stack pointer. */
cfi_def_cfa (eax, 0)
cfi_offset (edi, oEDI)
@@ -64,103 +66,6 @@ ENTRY(__setcontext)
cfi_offset (ebx, oEBX)
movl oESP(%eax), %esp
-#if SHSTK_ENABLED
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(no_shstk)
-
- /* If the base of the target shadow stack is the same as the
- base of the current shadow stack, we unwind the shadow
- stack. Otherwise it is a stack switch and we look for a
- restore token. */
- movl oSSP(%eax), %esi
- movl %esi, %edi
-
- /* Get the base of the target shadow stack. */
- movl (oSSP + 4)(%eax), %ecx
- cmpl %gs:SSP_BASE_OFFSET, %ecx
- je L(unwind_shadow_stack)
-
- /* Align the saved original shadow stack pointer to the next
- 8 byte aligned boundary. */
- andl $-8, %esi
-
-L(find_restore_token_loop):
- /* Look for a restore token. */
- movl -8(%esi), %ebx
- andl $-8, %ebx
- cmpl %esi, %ebx
- je L(restore_shadow_stack)
-
- /* Try the next slot. */
- subl $8, %esi
- jmp L(find_restore_token_loop)
-
-L(restore_shadow_stack):
- /* Pop return address from the shadow stack since setcontext
- will not return. */
- movl $1, %ebx
- incsspd %ebx
-
- /* Use the restore stoken to restore the target shadow stack. */
- rstorssp -8(%esi)
-
- /* Save the restore token on the old shadow stack. NB: This
- restore token may be checked by setcontext or swapcontext
- later. */
- saveprevssp
-
- /* Record the new shadow stack base that was switched to. */
- movl (oSSP + 4)(%eax), %ebx
- movl %ebx, %gs:SSP_BASE_OFFSET
-
-L(unwind_shadow_stack):
- rdsspd %ebx
- subl %edi, %ebx
- je L(skip_unwind_shadow_stack)
- negl %ebx
- shrl $2, %ebx
- movl $255, %esi
-L(loop):
- cmpl %esi, %ebx
- cmovb %ebx, %esi
- incsspd %esi
- subl %esi, %ebx
- ja L(loop)
-
-L(skip_unwind_shadow_stack):
-
- /* Load the values of all the preserved registers (except ESP). */
- movl oEDI(%eax), %edi
- movl oESI(%eax), %esi
- movl oEBP(%eax), %ebp
- movl oEBX(%eax), %ebx
-
- /* Get the return address set with getcontext. */
- movl oEIP(%eax), %ecx
-
- /* Check if return address is valid for the case when setcontext
- is invoked from L(exitcode) with linked context. */
- rdsspd %eax
- cmpl (%eax), %ecx
- /* Clear EAX to indicate success. NB: Don't use xorl to keep
- EFLAGS for jne. */
- movl $0, %eax
- jne L(jmp)
- /* Return to the new context if return address valid. */
- pushl %ecx
- ret
-
-L(jmp):
- /* Jump to the new context directly. */
- jmp *%ecx
-
-L(no_shstk):
-#endif
-
- /* Fetch the address to return to. */
- movl oEIP(%eax), %ecx
-
/* Push the return address on the new stack so we can return there. */
pushl %ecx
@@ -17,7 +17,6 @@
<https://www.gnu.org/licenses/>. */
#include <sysdep.h>
-#include <asm/prctl.h>
#include "ucontext_i.h"
@@ -76,144 +75,6 @@ ENTRY(__swapcontext)
movl oFS(%eax), %edx
movw %dx, %fs
-#if SHSTK_ENABLED
- /* Check if Shadow Stack is enabled. */
- testl $X86_FEATURE_1_SHSTK, %gs:FEATURE_1_OFFSET
- jz L(no_shstk)
-
- xorl %eax, %eax
- cmpl %gs:SSP_BASE_OFFSET, %eax
- jnz L(shadow_stack_bound_recorded)
-
- /* Get the base address and size of the default shadow stack
- which must be the current shadow stack since nothing has
- been recorded yet. */
- sub $24, %esp
- mov %esp, %ecx
- movl $ARCH_CET_STATUS, %ebx
- movl $__NR_arch_prctl, %eax
- ENTER_KERNEL
- testl %eax, %eax
- jz L(continue_no_err)
-
- /* This should never happen. */
- hlt
-
-L(continue_no_err):
- /* Record the base of the current shadow stack. */
- movl 8(%esp), %eax
- movl %eax, %gs:SSP_BASE_OFFSET
- add $24, %esp
-
-L(shadow_stack_bound_recorded):
- /* Load address of the context data structure we save in. */
- movl 4(%esp), %eax
-
- /* Load address of the context data structure we swap in */
- movl 8(%esp), %edx
-
- /* If we unwind the stack, we can't undo stack unwinding. Just
- save the target shadow stack pointer as the current shadow
- stack pointer. */
- movl oSSP(%edx), %ecx
- movl %ecx, oSSP(%eax)
-
- /* Save the current shadow stack base in ucontext. */
- movl %gs:SSP_BASE_OFFSET, %ecx
- movl %ecx, (oSSP + 4)(%eax)
-
- /* If the base of the target shadow stack is the same as the
- base of the current shadow stack, we unwind the shadow
- stack. Otherwise it is a stack switch and we look for a
- restore token. */
- movl oSSP(%edx), %esi
- movl %esi, %edi
-
- /* Get the base of the target shadow stack. */
- movl (oSSP + 4)(%edx), %ecx
- cmpl %gs:SSP_BASE_OFFSET, %ecx
- je L(unwind_shadow_stack)
-
- /* Align the saved original shadow stack pointer to the next
- 8 byte aligned boundary. */
- andl $-8, %esi
-
-L(find_restore_token_loop):
- /* Look for a restore token. */
- movl -8(%esi), %ebx
- andl $-8, %ebx
- cmpl %esi, %ebx
- je L(restore_shadow_stack)
-
- /* Try the next slot. */
- subl $8, %esi
- jmp L(find_restore_token_loop)
-
-L(restore_shadow_stack):
- /* The target shadow stack will be restored. Save the current
- shadow stack pointer. */
- rdsspd %ecx
- movl %ecx, oSSP(%eax)
-
- /* Use the restore stoken to restore the target shadow stack. */
- rstorssp -8(%esi)
-
- /* Save the restore token on the old shadow stack. NB: This
- restore token may be checked by setcontext or swapcontext
- later. */
- saveprevssp
-
- /* Record the new shadow stack base that was switched to. */
- movl (oSSP + 4)(%edx), %ebx
- movl %ebx, %gs:SSP_BASE_OFFSET
-
-L(unwind_shadow_stack):
- rdsspd %ebx
- subl %edi, %ebx
- je L(skip_unwind_shadow_stack)
- negl %ebx
- shrl $2, %ebx
- movl $255, %esi
-L(loop):
- cmpl %esi, %ebx
- cmovb %ebx, %esi
- incsspd %esi
- subl %esi, %ebx
- ja L(loop)
-
-L(skip_unwind_shadow_stack):
-
- /* Load the new stack pointer. */
- movl oESP(%edx), %esp
-
- /* Load the values of all the preserved registers (except ESP). */
- movl oEDI(%edx), %edi
- movl oESI(%edx), %esi
- movl oEBP(%edx), %ebp
- movl oEBX(%edx), %ebx
-
- /* Get the return address set with getcontext. */
- movl oEIP(%edx), %ecx
-
- /* Check if return address is valid for the case when setcontext
- is invoked from L(exitcode) with linked context. */
- rdsspd %eax
- cmpl (%eax), %ecx
- /* Clear EAX to indicate success. NB: Don't use xorl to keep
- EFLAGS for jne. */
- movl $0, %eax
- jne L(jmp)
- /* Return to the new context if return address valid. */
- pushl %ecx
- ret
-
-L(jmp):
- /* Jump to the new context directly. */
- jmp *%ecx
-
-L(no_shstk):
-#endif
-
/* Fetch the address to return to. */
movl oEIP(%eax), %ecx
@@ -446,9 +446,4 @@ struct libc_do_syscall_args
#endif /* __ASSEMBLER__ */
-/* Each shadow stack slot takes 4 bytes. Assuming that each stack
- frame takes 128 bytes, this is used to compute shadow stack size
- from stack size. */
-#define STACK_SIZE_TO_SHADOW_STACK_SIZE_SHIFT 5
-
#endif /* linux/i386/sysdep.h */
@@ -22,10 +22,6 @@ oEBP mreg (EBP)
oESP mreg (ESP)
oEBX mreg (EBX)
oEIP mreg (EIP)
-oSCRATCH1 mreg (EAX)
-oSCRATCH2 mreg (ECX)
-oSCRATCH3 mreg (EDX)
oFPREGS mcontext (fpregs)
oSIGMASK ucontext (uc_sigmask)
oFPREGSMEM ucontext (__fpregs_mem)
-oSSP ucontext (__ssp)
@@ -36,39 +36,10 @@ ENTRY (__vfork)
movl $SYS_ify (vfork), %eax
int $0x80
- /* Jump to the return PC. Don't jump directly since this
- disturbs the branch target cache. Instead push the return
- address back on the stack. */
- pushl %ecx
- cfi_adjust_cfa_offset (4)
-
cmpl $-4095, %eax
/* Branch forward if it failed. */
jae SYSCALL_ERROR_LABEL
-#if SHSTK_ENABLED
- /* Check if shadow stack is in use. */
- xorl %edx, %edx
- rdsspd %edx
- testl %edx, %edx
- /* Normal return if shadow stack isn't in use. */
- je L(no_shstk)
-
- testl %eax, %eax
- /* In parent, normal return. */
- jnz L(no_shstk)
-
- /* NB: In child, jump back to caller via indirect branch without
- popping shadow stack which is shared with parent. Keep shadow
- stack mismatched so that child returns in the vfork-calling
- function will trigger SIGSEGV. */
- popl %ecx
- cfi_adjust_cfa_offset (-4)
- jmp *%ecx
-
-L(no_shstk):
-#endif
-
ret
PSEUDO_END (__vfork)
@@ -40,11 +40,9 @@ enum cf_protection_level
#ifdef __CET__
# define CET_ENABLED 1
-# define IBT_ENABLED (__CET__ & X86_FEATURE_1_IBT)
# define SHSTK_ENABLED (__CET__ & X86_FEATURE_1_SHSTK)
#else
# define CET_ENABLED 0
-# define IBT_ENABLED 0
# define SHSTK_ENABLED 0
#endif