From patchwork Wed Oct 23 08:39:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yury Khrustalev X-Patchwork-Id: 99371 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2AFD43858424 for ; Wed, 23 Oct 2024 08:44:43 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by sourceware.org (Postfix) with ESMTP id 58EAE385841D for ; Wed, 23 Oct 2024 08:44:00 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 58EAE385841D Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=arm.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 58EAE385841D Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=217.140.110.172 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1729673043; cv=none; b=rHXaO0flltVKP81GshGXgceREwonsSOTKo4Alz2y2dPSHDial21LvPSQ1xh8uUsbUtYbjCetIFkLk5NBNlSdmMsOEYlaVGD7cOei/LvVxww2wjzGhbjYgNfktI7oAdzDlRKgzM4kpZRMPYwBseGT58rqtQ1IeZyiBX3/eb1PEEs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1729673043; c=relaxed/simple; bh=smDODWu4h5JVw+3jea+ek5IafU08BQrRM282Ijz/m5A=; h=From:To:Subject:Date:Message-Id:MIME-Version; b=bU5nT2fa5D3KYBHoiUV/oEFIlH3BxuBoPjXbltD/hK3bRFZkJrYa5vqngrdcS3g/5rk42IolzbSvSvm7r5k+4Jo+iz+pHuU3pB1DaYYSTK7XmeKWJJKB53P565vgP0LVn913iC95/IyQ3MNsByGqLo8/wgdbGCeubxFz5SAoEng= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id D04BF1576; Wed, 23 Oct 2024 01:44:29 -0700 (PDT) Received: from udebian.localdomain (unknown [10.1.39.30]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 76DF83F528; Wed, 23 Oct 2024 01:43:59 -0700 (PDT) From: Yury Khrustalev To: libc-alpha@sourceware.org Cc: fweimer@redhat.com, adhemerval.zanella@linaro.org, codonell@redhat.com, nsz@gcc.gnu.org Subject: [PATCH v3 17/23] aarch64: Handle gcs marking Date: Wed, 23 Oct 2024 09:39:14 +0100 Message-Id: <20241023083920.466015-18-yury.khrustalev@arm.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241023083920.466015-1-yury.khrustalev@arm.com> References: <20241023083920.466015-1-yury.khrustalev@arm.com> MIME-Version: 1.0 X-Spam-Status: No, score=-13.6 required=5.0 tests=BAYES_00, GIT_PATCH_0, KAM_DMARC_NONE, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, KAM_SHORT, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org From: Szabolcs Nagy --- sysdeps/aarch64/Makefile | 4 ++- sysdeps/aarch64/dl-gcs.c | 59 +++++++++++++++++++++++++++++++++++++++ sysdeps/aarch64/dl-prop.h | 15 ++++++---- sysdeps/aarch64/linkmap.h | 1 + 4 files changed, 73 insertions(+), 6 deletions(-) create mode 100644 sysdeps/aarch64/dl-gcs.c diff --git a/sysdeps/aarch64/Makefile b/sysdeps/aarch64/Makefile index ca8b96f550..74479604f2 100644 --- a/sysdeps/aarch64/Makefile +++ b/sysdeps/aarch64/Makefile @@ -9,7 +9,9 @@ LDFLAGS-rtld += -Wl,-z,force-bti,--fatal-warnings endif ifeq ($(subdir),elf) -sysdep-dl-routines += dl-bti +sysdep-dl-routines += \ + dl-bti \ + dl-gcs tests += tst-audit26 \ tst-audit27 diff --git a/sysdeps/aarch64/dl-gcs.c b/sysdeps/aarch64/dl-gcs.c new file mode 100644 index 0000000000..a92deb54b5 --- /dev/null +++ b/sysdeps/aarch64/dl-gcs.c @@ -0,0 +1,59 @@ +/* AArch64 GCS functions. + Copyright (C) 2024 Free Software Foundation, Inc. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +static void +fail (struct link_map *l, const char *program) +{ + if (program) + _dl_fatal_printf ("%s: %s: not GCS compatible\n", program, l->l_name); + else + _dl_signal_error (0, l->l_name, "dlopen", N_("not GCS compatible")); +} + +static void +check_gcs (struct link_map *l, const char *program) +{ + if (!l->l_mach.gcs) + { + if (GLRO(dl_aarch64_gcs_policy) == 2 || !program) + fail (l, program); + if (GLRO(dl_aarch64_gcs_policy) == 1 && program) + GL(dl_aarch64_gcs) = 0; + } +} + +/* Apply GCS policy for L and its dependencies. */ + +void +_dl_gcs_check (struct link_map *l, const char *program) +{ + /* GCS is disabled. */ + if (GL(dl_aarch64_gcs) == 0) + return; + /* GCS marking is ignored. */ + if (GLRO(dl_aarch64_gcs_policy) == 0) + return; + + check_gcs (l, program); + for (unsigned int i = 0; i < l->l_searchlist.r_nlist; i++) + check_gcs (l->l_initfini[i], program); +} diff --git a/sysdeps/aarch64/dl-prop.h b/sysdeps/aarch64/dl-prop.h index df05c0211d..72ac11aec0 100644 --- a/sysdeps/aarch64/dl-prop.h +++ b/sysdeps/aarch64/dl-prop.h @@ -24,16 +24,21 @@ extern void _dl_bti_protect (struct link_map *, int) attribute_hidden; extern void _dl_bti_check (struct link_map *, const char *) attribute_hidden; +extern void _dl_gcs_check (struct link_map *, const char *) + attribute_hidden; + static inline void __attribute__ ((always_inline)) _rtld_main_check (struct link_map *m, const char *program) { _dl_bti_check (m, program); + _dl_gcs_check (m, program); } static inline void __attribute__ ((always_inline)) _dl_open_check (struct link_map *m) { _dl_bti_check (m, NULL); + _dl_gcs_check (m, NULL); } static inline void __attribute__ ((always_inline)) @@ -45,10 +50,6 @@ static inline int _dl_process_gnu_property (struct link_map *l, int fd, uint32_t type, uint32_t datasz, void *data) { - if (!GLRO(dl_aarch64_cpu_features).bti) - /* Skip note processing. */ - return 0; - if (type == GNU_PROPERTY_AARCH64_FEATURE_1_AND) { /* Stop if the property note is ill-formed. */ @@ -57,7 +58,11 @@ _dl_process_gnu_property (struct link_map *l, int fd, uint32_t type, unsigned int feature_1 = *(unsigned int *) data; if (feature_1 & GNU_PROPERTY_AARCH64_FEATURE_1_BTI) - _dl_bti_protect (l, fd); + if (GLRO(dl_aarch64_cpu_features).bti) + _dl_bti_protect (l, fd); + + if (feature_1 & GNU_PROPERTY_AARCH64_FEATURE_1_GCS) + l->l_mach.gcs = 1; /* Stop if we processed the property note. */ return 0; diff --git a/sysdeps/aarch64/linkmap.h b/sysdeps/aarch64/linkmap.h index 56a63fc3dd..423fc0bd8e 100644 --- a/sysdeps/aarch64/linkmap.h +++ b/sysdeps/aarch64/linkmap.h @@ -23,4 +23,5 @@ struct link_map_machine ElfW(Addr) plt; /* Address of .plt */ void *tlsdesc_table; /* Address of TLS descriptor hash table. */ bool bti_fail; /* Failed to enable Branch Target Identification. */ + bool gcs; /* Guarded Control Stack marking. */ };