[v7,10/23] aarch64: Add glibc.cpu.aarch64_gcs tunable

Message ID 20250103154141.47731-11-yury.khrustalev@arm.com (mailing list archive)
State Superseded
Headers
Series aarch64: Add support for Guarded Control Stack extension |

Checks

Context Check Description
redhat-pt-bot/TryBot-apply_patch success Patch applied to master at the time it was sent

Commit Message

Yury Khrustalev Jan. 3, 2025, 3:41 p.m. UTC
  From: Szabolcs Nagy <szabolcs.nagy@arm.com>

This tunable is for controlling the GCS status. It is the argument to
the PR_SET_SHADOW_STACK_STATUS prctl, by default 0, so GCS is disabled.

The status is stored into GL(dl_aarch64_gcs) early and only applied
later, since enabling GCS is tricky: it must happen on a top level
stack frame. Using GL instead of GLRO because it may need updates
depending on loaded libraries that happen after readonly protection
is applied, however library marking based GCS setting is not yet
implemented.

Reviewed-by: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
---
 sysdeps/aarch64/dl-tunables.list              |  5 +++
 .../unix/sysv/linux/aarch64/cpu-features.c    |  8 ++++
 .../unix/sysv/linux/aarch64/dl-procruntime.c  | 37 +++++++++++++++++++
 3 files changed, 50 insertions(+)
 create mode 100644 sysdeps/unix/sysv/linux/aarch64/dl-procruntime.c
  

Patch

diff --git a/sysdeps/aarch64/dl-tunables.list b/sysdeps/aarch64/dl-tunables.list
index 5c1a172559..4b28341b72 100644
--- a/sysdeps/aarch64/dl-tunables.list
+++ b/sysdeps/aarch64/dl-tunables.list
@@ -21,5 +21,10 @@  glibc {
     name {
       type: STRING
     }
+    aarch64_gcs {
+      type: UINT_64
+      minval: 0
+      default: 0
+    }
   }
 }
diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c
index 26cf6d4a56..97f61e05fe 100644
--- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c
+++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c
@@ -176,4 +176,12 @@  init_cpu_features (struct cpu_features *cpu_features)
 
   /* Check if MOPS is supported.  */
   cpu_features->mops = GLRO (dl_hwcap2) & HWCAP2_MOPS;
+
+#ifndef HWCAP_GCS
+#define HWCAP_GCS (1UL << 32)
+#endif
+
+  if (GLRO (dl_hwcap) & HWCAP_GCS)
+    /* GCS status may be updated later by binary compatibility checks.  */
+    GL (dl_aarch64_gcs) = TUNABLE_GET (glibc, cpu, aarch64_gcs, uint64_t, 0);
 }
diff --git a/sysdeps/unix/sysv/linux/aarch64/dl-procruntime.c b/sysdeps/unix/sysv/linux/aarch64/dl-procruntime.c
new file mode 100644
index 0000000000..044544aa78
--- /dev/null
+++ b/sysdeps/unix/sysv/linux/aarch64/dl-procruntime.c
@@ -0,0 +1,37 @@ 
+/* Data for processor runtime information.  AArch64 version.
+   Copyright (C) 2024-2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#ifndef PROCINFO_CLASS
+# define PROCINFO_CLASS
+#endif
+
+#if !IS_IN (ldconfig)
+# if !defined PROCINFO_DECL && defined SHARED
+  ._dl_aarch64_gcs
+# else
+PROCINFO_CLASS unsigned long _dl_aarch64_gcs
+# endif
+# ifndef PROCINFO_DECL
+= 0
+# endif
+# if !defined SHARED || defined PROCINFO_DECL
+;
+# else
+,
+# endif
+#endif