diff mbox series

[v4,12/17] riscv/cfi: Store shadow stack information in TLS

Message ID	20260526061703.2188042-13-jesse.huang@sifive.com (mailing list archive)
State	New
Headers	DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 983934BA7993 From: Jesse Huang <jesse.huang@sifive.com> To: libc-alpha@sourceware.org Cc: andrew@sifive.com, darius@bluespec.com, debug@rivosinc.com, jeffreyalaw@gmail.com, kito.cheng@sifive.com, palmer@dabbelt.com, Jesse Huang <jesse.huang@sifive.com> Subject: [PATCH v4 12/17] riscv/cfi: Store shadow stack information in TLS Date: Mon, 25 May 2026 23:16:58 -0700 Message-Id: <20260526061703.2188042-13-jesse.huang@sifive.com> In-Reply-To: <20260526061703.2188042-1-jesse.huang@sifive.com> References: <20260526061703.2188042-1-jesse.huang@sifive.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org
Series	Support RISC-V Control Flow Integrifty (CFI) \| [v4,00/17] Support RISC-V Control Flow Integrifty (CFI) [v4,01/17] riscv: Add --enable-cfi option for controlling cfi features [v4,02/17] riscv/cfi: Setup necessary options for enable-cfi option [v4,03/17] riscv: Add GNU property definitions for RISC-V CFI [v4,04/17] riscv: Adjust assembly routines to support landing pad [v4,05/17] riscv: Introduce feature variables for holding RISC-V GNU properties [v4,06/17] riscv/cfi: Add prctl definitions for RISC-V CFI [v4,07/17] riscv/cfi: Enable CFI on static binaries [v4,08/17] riscv/cfi: Enable CFI on dynamic binaries [v4,09/17] riscv/cfi: introduce tunables for CFI features [v4,10/17] riscv/cfi: Adjust setjmp/longjmp for shadow stack to work [v4,11/17] riscv/cfi: Support locking/disabling CFI and move OS depedent code [v4,12/17] riscv/cfi: Store shadow stack information in TLS [v4,13/17] riscv/cfi: Add internal sigset_t union and use it for both ucontext/jmpbuf [v4,14/17] riscv/cfi: Add __allocate_shadow_stack for mapping new shadow stack [v4,15/17] riscv/cfi: Support ucontext under CFI [v4,16/17] riscv/cfi: Add __INDIRECT_RETURN attribute to swapcontext [v4,17/17] riscv/cfi: Switch to new prctl interface

Checks

Context	Check	Description
redhat-pt-bot/TryBot-apply_patch	success	Patch applied to master at the time it was sent
linaro-tcwg-bot/tcwg_glibc_build--master-arm	success	Build passed
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64	success	Build passed
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64	success	Test passed
linaro-tcwg-bot/tcwg_glibc_check--master-arm	success	Test passed

Commit Message

Jesse Huang May 26, 2026, 6:16 a.m. UTC

  Switching between different ucontexts involves two cases, one is both
sharing a same shadow stack, which requires a unwinding, and the other
is both using a different shadow stack, which require a stack switch
using shadow stack restore token.

By storing shadow stack base in TLS and compare to the one stored in the
context, we can tell the difference and perform the right action.
---
 sysdeps/riscv/nptl/Makefile        | 1 +
 sysdeps/riscv/nptl/tcb-offsets.sym | 5 +++++
 sysdeps/riscv/nptl/tls.h           | 2 ++
 3 files changed, 8 insertions(+)
 create mode 100644 sysdeps/riscv/nptl/Makefile
 create mode 100644 sysdeps/riscv/nptl/tcb-offsets.sym

diff mbox series

Patch

diff --git a/sysdeps/riscv/nptl/Makefile b/sysdeps/riscv/nptl/Makefile
new file mode 100644
index 0000000000..2b7bf43403
--- /dev/null
+++ b/sysdeps/riscv/nptl/Makefile
@@ -0,0 +1 @@ 
+gen-as-const-headers += tcb-offsets.sym
diff --git a/sysdeps/riscv/nptl/tcb-offsets.sym b/sysdeps/riscv/nptl/tcb-offsets.sym
new file mode 100644
index 0000000000..5257acccec
--- /dev/null
+++ b/sysdeps/riscv/nptl/tcb-offsets.sym
@@ -0,0 +1,5 @@ 
+#include <sysdep.h>
+#include <tls.h>
+#include <kernel-features.h>
+
+TLS_SSP_BASE_OFFSET     (offsetof (tcbhead_t, ssp_base) - sizeof (tcbhead_t))
diff --git a/sysdeps/riscv/nptl/tls.h b/sysdeps/riscv/nptl/tls.h
index b2e0f3c249..f618b32b54 100644
--- a/sysdeps/riscv/nptl/tls.h
+++ b/sysdeps/riscv/nptl/tls.h
@@ -44,6 +44,8 @@  typedef struct
 {
   dtv_t *dtv;
   void *private;
+  /* The marker for the current shadow stack.  */
+  unsigned long long int ssp_base;
 } tcbhead_t;
 
 /* This is the size of the initial TCB.  Because our TCB is before the thread