From patchwork Mon Aug 22 21:12:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Samuel Thibault X-Patchwork-Id: 56930 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 213713858439 for ; Mon, 22 Aug 2022 21:12:26 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from sonata.ens-lyon.org (domu-toccata.ens-lyon.fr [140.77.166.138]) by sourceware.org (Postfix) with ESMTPS id 255613858D3C for ; Mon, 22 Aug 2022 21:12:14 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 255613858D3C Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=ens-lyon.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=bounce.ens-lyon.org Received: from localhost (localhost [127.0.0.1]) by sonata.ens-lyon.org (Postfix) with ESMTP id 4B6DC20170; Mon, 22 Aug 2022 23:12:13 +0200 (CEST) Received: from sonata.ens-lyon.org ([127.0.0.1]) by localhost (sonata.ens-lyon.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lULDxngXDbtr; Mon, 22 Aug 2022 23:12:13 +0200 (CEST) Received: from begin (lfbn-bor-1-376-208.w109-215.abo.wanadoo.fr [109.215.91.208]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by sonata.ens-lyon.org (Postfix) with ESMTPSA id 0FE212016E; Mon, 22 Aug 2022 23:12:13 +0200 (CEST) Received: from samy by begin with local (Exim 4.96) (envelope-from ) id 1oQEiS-00Fjxd-2C; Mon, 22 Aug 2022 23:12:12 +0200 From: Samuel Thibault To: libc-alpha@sourceware.org Subject: [hurd, commited] hurd: Fix starting static binaries with stack protection enabled Date: Mon, 22 Aug 2022 23:12:12 +0200 Message-Id: <20220822211212.3751584-1-samuel.thibault@ens-lyon.org> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Spam-Status: No, score=-13.4 required=5.0 tests=BAYES_00, GIT_PATCH_0, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: commit-hurd@gnu.org Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" gcc introduces gs:0x14 accesses in most functions, so we need some tcbhead to be ready very early during initialization. This configures a static area which can be referenced by various protected functions, until proper TLS is set up. --- sysdeps/mach/hurd/i386/init-first.c | 13 +++++++++++++ sysdeps/mach/hurd/i386/tls.h | 11 +++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/sysdeps/mach/hurd/i386/init-first.c b/sysdeps/mach/hurd/i386/init-first.c index f10d4a1bc2..7d8721856b 100644 --- a/sysdeps/mach/hurd/i386/init-first.c +++ b/sysdeps/mach/hurd/i386/init-first.c @@ -42,6 +42,11 @@ extern int __libc_argc attribute_hidden; extern char **__libc_argv attribute_hidden; extern char **_dl_argv; +#ifndef SHARED +unsigned short __init1_desc; +static tcbhead_t __init1_tcbhead; +#endif + /* Things that want to be run before _hurd_init or much anything else. Importantly, these are called before anything tries to use malloc. */ DEFINE_HOOK (_hurd_preinit_hook, (void)); @@ -243,6 +248,13 @@ first_init (void) /* Initialize data structures so we can do RPCs. */ __mach_init (); +#ifndef SHARED + /* In the static case, we need to set up TLS early so that the stack + protection guard can be read at gs:0x14 by the gcc-generated snippets. */ + _hurd_tls_init(&__init1_tcbhead); + asm ("movw %%gs,%w0" : "=m" (__init1_desc)); +#endif + RUN_RELHOOK (_hurd_preinit_hook, ()); } @@ -285,6 +297,7 @@ strong_alias (posixland_init, __libc_init_first); This poorly-named function is called by static-start.S, which should not exist at all. */ void +inhibit_stack_protector _hurd_stack_setup (void) { intptr_t caller = (intptr_t) __builtin_return_address (0); diff --git a/sysdeps/mach/hurd/i386/tls.h b/sysdeps/mach/hurd/i386/tls.h index 264ed9a9c5..3817b7230d 100644 --- a/sysdeps/mach/hurd/i386/tls.h +++ b/sysdeps/mach/hurd/i386/tls.h @@ -49,7 +49,6 @@ typedef struct mach_port_t reply_port; /* This thread's reply port. */ struct hurd_sigstate *_hurd_sigstate; } tcbhead_t; -#endif /* Return tcbhead_t from a TLS segment descriptor. */ # define HURD_DESC_TLS(desc) \ @@ -60,10 +59,18 @@ typedef struct }) /* Return 1 if TLS is not initialized yet. */ +#ifndef SHARED +extern unsigned short __init1_desc; +#define __HURD_DESC_INITIAL(gs, ds) ((gs) == (ds) || (gs) == __init1_desc) +#else +#define __HURD_DESC_INITIAL(gs, ds) ((gs) == (ds)) +#endif + #define __LIBC_NO_TLS() \ ({ unsigned short ds, gs; \ asm ("movw %%ds,%w0; movw %%gs,%w1" : "=q" (ds), "=q" (gs)); \ - __builtin_expect (ds == gs, 0); }) + __builtin_expect(__HURD_DESC_INITIAL(gs, ds), 0); }) +#endif /* The TCB can have any size and the memory following the address the thread pointer points to is unspecified. Allocate the TCB there. */