[v4,19/22] aarch64: Process gnu properties in static exe

Message ID 20241129163721.2385847-20-yury.khrustalev@arm.com
State Under Review
Delegated to: Carlos O'Donell
Headers
Series aarch64: Add support for Guarded Control Stack extension |

Checks

Context Check Description
redhat-pt-bot/TryBot-apply_patch success Patch applied to master at the time it was sent
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64 success Build passed
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64 success Test passed
linaro-tcwg-bot/tcwg_glibc_build--master-arm success Build passed
linaro-tcwg-bot/tcwg_glibc_check--master-arm success Test passed

Commit Message

Yury Khrustalev Nov. 29, 2024, 4:37 p.m. UTC
  From: Szabolcs Nagy <szabolcs.nagy@arm.com>

Unlike for BTI, the kernel does not process GCS properties so update
GL(dl_aarch64_gcs) before the GCS status is set.
---
 sysdeps/unix/sysv/linux/aarch64/libc-start.h | 12 ++++++++++++
 1 file changed, 12 insertions(+)
  

Comments

Adhemerval Zanella Netto Dec. 3, 2024, 6:56 p.m. UTC | #1
On 29/11/24 13:37, Yury Khrustalev wrote:
> From: Szabolcs Nagy <szabolcs.nagy@arm.com>
> 
> Unlike for BTI, the kernel does not process GCS properties so update
> GL(dl_aarch64_gcs) before the GCS status is set.

Although it would only used for aarch64, I think we should make this change
generic as I suggested for memory sealing support [1].

[1] https://patchwork.sourceware.org/project/glibc/patch/20240930200831.1669010-3-adhemerval.zanella@linaro.org/

> ---
>  sysdeps/unix/sysv/linux/aarch64/libc-start.h | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.h b/sysdeps/unix/sysv/linux/aarch64/libc-start.h
> index 0dd102c374..1cc4dab818 100644
> --- a/sysdeps/unix/sysv/linux/aarch64/libc-start.h
> +++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.h
> @@ -21,6 +21,8 @@
>  
>  #ifndef SHARED
>  
> +# include <dl-prop.h>
> +
>  # ifndef PR_SET_SHADOW_STACK_STATUS
>  #  define PR_GET_SHADOW_STACK_STATUS	74
>  #  define PR_SET_SHADOW_STACK_STATUS	75
> @@ -36,6 +38,16 @@ aarch64_libc_setup_tls (void)
>  {
>    __libc_setup_tls ();
>  
> +  struct link_map *main_map = _dl_get_dl_main_map ();
> +  const ElfW(Phdr) *phdr = GL(dl_phdr);
> +  const ElfW(Phdr) *ph;
> +  for (ph = phdr; ph < phdr + GL(dl_phnum); ph++)
> +    if (ph->p_type == PT_GNU_PROPERTY)
> +      {
> +	_dl_process_pt_gnu_property (main_map, -1, ph);
> +	_rtld_main_check (main_map, _dl_argv[0]);
> +	break;
> +      }
>    uint64_t s = GL(dl_aarch64_gcs);
>    if (s != 0)
>      INLINE_SYSCALL_CALL (prctl, PR_SET_SHADOW_STACK_STATUS, s, 0, 0, 0);
  

Patch

diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.h b/sysdeps/unix/sysv/linux/aarch64/libc-start.h
index 0dd102c374..1cc4dab818 100644
--- a/sysdeps/unix/sysv/linux/aarch64/libc-start.h
+++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.h
@@ -21,6 +21,8 @@ 
 
 #ifndef SHARED
 
+# include <dl-prop.h>
+
 # ifndef PR_SET_SHADOW_STACK_STATUS
 #  define PR_GET_SHADOW_STACK_STATUS	74
 #  define PR_SET_SHADOW_STACK_STATUS	75
@@ -36,6 +38,16 @@  aarch64_libc_setup_tls (void)
 {
   __libc_setup_tls ();
 
+  struct link_map *main_map = _dl_get_dl_main_map ();
+  const ElfW(Phdr) *phdr = GL(dl_phdr);
+  const ElfW(Phdr) *ph;
+  for (ph = phdr; ph < phdr + GL(dl_phnum); ph++)
+    if (ph->p_type == PT_GNU_PROPERTY)
+      {
+	_dl_process_pt_gnu_property (main_map, -1, ph);
+	_rtld_main_check (main_map, _dl_argv[0]);
+	break;
+      }
   uint64_t s = GL(dl_aarch64_gcs);
   if (s != 0)
     INLINE_SYSCALL_CALL (prctl, PR_SET_SHADOW_STACK_STATUS, s, 0, 0, 0);