@@ -55,7 +55,7 @@ dl_cfi_disable_cfi (unsigned int feature) {
#ifdef __riscv_landing_pad
if (feature & GNU_PROPERTY_RISCV_FEATURE_1_CFI_LP_UNLABELED)
{
- res = prctl (PR_SET_INDIR_BR_LP_STATUS, 0, 0, 0, 0);
+ res = prctl (PR_SET_CFI, PR_CFI_BRANCH_LANDING_PADS, PR_CFI_DISABLE, 0, 0);
if (res)
return res;
}
@@ -77,7 +77,8 @@ dl_cfi_lock_cfi (unsigned int feature)
int res = 0;
#ifdef __riscv_landing_pad
if (feature & GNU_PROPERTY_RISCV_FEATURE_1_CFI_LP_UNLABELED)
- res |= prctl (PR_LOCK_INDIR_BR_LP_STATUS, 0, 0, 0, 0);
+ res |= prctl (PR_SET_CFI, PR_CFI_BRANCH_LANDING_PADS,
+ PR_CFI_ENABLE | PR_CFI_LOCK, 0, 0);
#endif /* __riscv_landing_pad */
#ifdef __riscv_shadow_stack
if (feature & GNU_PROPERTY_RISCV_FEATURE_1_CFI_SS)
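Review bot: The landing-pad lock now passes `PR_CFI_ENABLE | PR_CFI_LOCK`, so dl_cfi_lock_cfi no longer only freezes the current state as the old PR_LOCK_INDIR_BR_LP_STATUS call did; it also asserts the enabled state. If any caller locks after dl_cfi_disable_cfi has turned landing pads off (callers are not visible in this hunk), the call would either switch them back on or fail, and a failure is only folded into `res` with `|=`. Either lock whatever state PR_GET_CFI reports, or state the contract above the call, for example `/* Locks landing pads in the enabled state; do not call after disabling. */`. The function body starts and ends outside this hunk.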
@@ -92,7 +93,7 @@ dl_cfi_get_cfi_status (void) {
unsigned long buf = 0;
int ret = 0;
#ifdef __riscv_landing_pad
- ret = prctl (PR_GET_INDIR_BR_LP_STATUS, &buf, 0, 0, 0);
+ ret = prctl (PR_GET_CFI, PR_CFI_BRANCH_LANDING_PADS, &buf, 0, 0);
if (!ret && buf)
status |= GNU_PROPERTY_RISCV_FEATURE_1_CFI_LP_UNLABELED;
#endif /* __riscv_landing_pad */
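Review bot: The unchanged test `if (!ret && buf)` after the new PR_GET_CFI call treats any non-zero value as "landing pads enabled". The header changed in this same commit lists PR_CFI_DISABLE (1UL << 1) and PR_CFI_LOCK (1UL << 2) as return values as well. If the kernel reports a disabled or locked thread with those bits, dl_cfi_get_cfi_status would set GNU_PROPERTY_RISCV_FEATURE_1_CFI_LP_UNLABELED while the protection is off. Testing the enable bit explicitly avoids that: `if (!ret && (buf & PR_CFI_ENABLE))`. The function continues outside this hunk.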
@@ -109,7 +110,7 @@ static __always_inline int
dl_cfi_enable_lp (unsigned int feature) {
if (!(feature & GNU_PROPERTY_RISCV_FEATURE_1_CFI_LP_UNLABELED))
return -1;
- return INTERNAL_SYSCALL_CALL (prctl, PR_SET_INDIR_BR_LP_STATUS,
- PR_INDIR_BR_LP_ENABLE, 0, 0, 0);
+ return INTERNAL_SYSCALL_CALL (prctl, PR_SET_CFI, PR_CFI_BRANCH_LANDING_PADS,
+ PR_CFI_ENABLE, 0, 0);
}
#endif /* __riscv_landing_pad */
@@ -21,28 +21,23 @@
#define PR_LOCK_SHADOW_STACK_STATUS 76
/*
- * Get the current indirect branch tracking configuration for the current
- * thread, this will be the value configured via PR_SET_INDIR_BR_LP_STATUS.
+ * Get or set the control flow integrity (CFI) configuration for the
+ * current thread.
+ *
+ * Some per-thread control flow integrity settings are not yet
+ * controlled through this prctl(); see for example
+ * PR_{GET,SET,LOCK}_SHADOW_STACK_STATUS
*/
-#define PR_GET_INDIR_BR_LP_STATUS 79
+#define PR_GET_CFI 80
+#define PR_SET_CFI 81
/*
- * Set the indirect branch tracking configuration. PR_INDIR_BR_LP_ENABLE will
- * enable cpu feature for user thread, to track all indirect branches and ensure
- * they land on arch defined landing pad instruction.
- * x86 - If enabled, an indirect branch must land on `ENDBRANCH` instruction.
- * arch64 - If enabled, an indirect branch must land on `BTI` instruction.
- * riscv - If enabled, an indirect branch must land on `lpad` instruction.
- * PR_INDIR_BR_LP_DISABLE will disable feature for user thread and indirect
- * branches will no more be tracked by cpu to land on arch defined landing pad
- * instruction.
+ * Forward-edge CFI variants (excluding ARM64 BTI, which has its own
+ * prctl()s).
*/
-#define PR_SET_INDIR_BR_LP_STATUS 80
-# define PR_INDIR_BR_LP_ENABLE (1UL << 0)
+#define PR_CFI_BRANCH_LANDING_PADS 0
-/*
- * Prevent further changes to the specified indirect branch tracking
- * configuration. All bits may be locked via this call, including
- * undefined bits.
- */
-#define PR_LOCK_INDIR_BR_LP_STATUS 81
+/* Return and control values for PR_{GET,SET}_CFI */
+# define PR_CFI_ENABLE (1UL << 0)
+# define PR_CFI_DISABLE (1UL << 1)
+# define PR_CFI_LOCK (1UL << 2)
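Review bot: `PR_GET_CFI` (80) and `PR_SET_CFI` (81) reuse the numbers this header previously gave to `PR_SET_INDIR_BR_LP_STATUS` and `PR_LOCK_INDIR_BR_LP_STATUS`. On a kernel that still implements the earlier interface, the loader's status query would be read as a set request with argument 0, which is the value the old disable call passed. Whether such kernels were ever deployed is not visible here; if they were, add a note above the defines, for example `/* 80 and 81 had other meanings in the earlier PR_*_INDIR_BR_LP_STATUS interface, which is not supported. */`. The new comments also drop the description of what enabling and locking do, so they should say whether PR_CFI_ENABLE and PR_CFI_DISABLE may be combined, what PR_GET_CFI writes back, and that PR_CFI_LOCK prevents later changes.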