This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug dynamic-link/21598] i386 _dl_runtime_resolve/_dl_runtime_profile is incompatible with shadow stack
- From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 29 Jun 2017 00:17:37 +0000
- Subject: [Bug dynamic-link/21598] i386 _dl_runtime_resolve/_dl_runtime_profile is incompatible with shadow stack
- Auto-submitted: auto-generated
- References: <bug-21598-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=21598
--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, hjl/cet/property has been created
at 4beb1286e82f161771f35d873d8622ff0ff56c5f (commit)
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4beb1286e82f161771f35d873d8622ff0ff56c5f
commit 4beb1286e82f161771f35d873d8622ff0ff56c5f
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Wed Jun 28 15:16:46 2017 -0700
Add _dl_runtime_resolve_shstk
Add a SHSTK compatible symbol resolver to support Shadow Stack in Intel
Control-flow Enforcement Technology (CET) instructions:
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=871e7c06e3de07f70c546caa8bdb44c65afb8a1a
commit 871e7c06e3de07f70c546caa8bdb44c65afb8a1a
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Thu Jun 22 04:15:39 2017 -0700
x86: Add <sys/cet.h> to support Intel CET
To support Intel Control-flow Enforcement Technology (CET) instructions:
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
include sysdeps/unix/sysv/linux/x86/sys/cet.h for assembly codes so that
ELF program property can be added to relocatable objects generated from
assembly codes if __IBT__ or __SHSTK__ is defined. If compiler
defines __IBT__, the IBT bit is turned on in x86 feature. If compiler
defines __SHSTK__, the SHSTK bit is turned on in x86 feature.
* configure.ac: Add --enable-cet.
* configure: Regenerated.
* sysdeps/unix/sysv/linux/x86/Makefile (asm-CPPFLAGS): Add
$(cet_cflags) -include $(..)sysdeps/unix/sysv/linux/x86/sys/cet.h.
(+cflags): Add $(cet_cflags).
* sysdeps/unix/sysv/linux/x86/configure: New file.
* sysdeps/unix/sysv/linux/x86/configure.ac: Likewise.
* sysdeps/unix/sysv/linux/x86/sys/cet.h: Likewise.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9a4ad672c0b2cd11231484e6787d2f0f4b87f1bc
commit 9a4ad672c0b2cd11231484e6787d2f0f4b87f1bc
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Wed Jun 21 13:07:05 2017 -0700
Add NT_GNU_PROPERTY_TYPE_0 macros
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b74624eb2ce216014e6d87caa057ae490afc5205
commit b74624eb2ce216014e6d87caa057ae490afc5205
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Thu Jun 22 08:51:42 2017 -0700
x86: Add IBT/SHSTK support to cpu-features
* sysdeps/x86/cpu-features.h (bit_cpu_BIT): New.
(bit_cpu_SHSTK): Likewise.
(index_cpu_IBT): Likewise.
(index_cpu_SHSTK): Likewise.
(reg_IBT): Likewise.
(reg_SHSTK): Likewise.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=15c62c9c2074312ab6bd8af20aa353ecc7bb0900
commit 15c62c9c2074312ab6bd8af20aa353ecc7bb0900
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Jun 16 14:27:02 2017 -0700
Add private_function for private functions within glibc
i386 _dl_runtime_resolve:

    movl (%esp), %ecx
    movl %eax, (%esp)    # Store the function address.
    movl 4(%esp), %eax
    ret $12              # Jump to function address.

is incompatible with Shadow Stack in Intel Control-flow Enforcement
Technology (CET) instructions:
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
since shadow stack doesn't match return stack. We need to use register
indirect branch via %ecx. That means only 2 parameters can be passed
in registers for external function calls with lazy binding. However,
internal_function, which should be used only with hidden function, is
defined as

    # define internal_function __attribute__ ((regparm (3), stdcall))

and used with private function calls between different shared objects of
glibc. We introduce private_function for such purpose:

    # define private_function __attribute__ ((regparm (2), stdcall))

so that %ecx can be used by _dl_runtime_resolve as scratch register.
[BZ #21598]
* config.h.in (USE_REGPARMS): Removed.
(internal_function): Undef.
(private_function): New. Undef.
* debug/fortify_fail.c (__fortify_fail): Replace internal_function
with private_function.
* elf/dl-addr.c (_dl_addr): Likewise.
* elf/dl-error-skeleton.c (_dl_signal_error): Likewise.
(_dl_catch_error): Likewise.
* elf/dl-execstack.c (_dl_make_stack_executable): Likewise.
* elf/dl-load.c (_dl_rtld_di_serinfo): Likewise.
* elf/dl-open.c (_dl_find_dso_for_object): Likewise.
* elf/dl-support.c (_dl_make_stack_executable_hook): Likewise.
* elf/dl-sym.c (_dl_vsym): Likewise.
(_dl_sym): Likewise.
* elf/dl-tls.c (_dl_get_tls_static_info): Likewise.
(_dl_allocate_tls_init): Likewise.
(_dl_allocate_tls): Likewise.
(_dl_deallocate_tls): Likewise.
* grp/grp-merge.c (__copy_grp): Likewise.
(__merge_grp): Likewise.
* grp/grp-merge.h (__copy_grp): Likewise.
(__merge_grp): Likewise.
* include/dlfcn.h (_dl_addr): Likewise.
(_dl_sym): Likewise.
(_dl_vsym): Likewise.
* include/rpc/pmap_clnt.h (__libc_rpc_getport): Likewise.
* include/stdio.h (__fortify_fail): Likewise.
* include/stdlib.h (__strtof_nan): Likewise.
(__strtod_nan): Likewise.
(__strtold_nan): Likewise.
(__wcstof_nan): Likewise.
(__wcstod_nan): Likewise.
(__wcstold_nan): Likewise.
(__strtof128_nan): Likewise.
(__wcstof128_nan): Likewise.
* inet/inet6_scopeid_pton.c (__inet6_scopeid_pton): Likewise.
* inet/net-internal.h (__inet6_scopeid_pton): Likewise.
* nptl/allocatestack.c (__make_stacks_executable): Likewise.
* nptl/libc_pthread_init.c (__libc_pthread_init): Likewise.
* nptl/pthreadP.h (__make_stacks_executable): Likewise.
(__libc_pthread_init): Likewise.
* nss/XXX-lookup.c (DB_LOOKUP_FCT): Likewise.
(DB_COMPAT_FCT): Likewise.
* nss/getXXbyYY_r.c (DB_LOOKUP_FCT): Likewise.
* nss/getXXent_r.c (DB_LOOKUP_FCT): Likewise.
* nss/nsswitch.h (db_lookup_function): Likewise.
* resolv/gai_misc.h (__gai_sigqueue): Likewise.
* resolv/gai_sigqueue.c (__gai_sigqueue): Likewise.
* stdlib/strtod_nan_main.c (STRTOD_NAN): Likewise.
* sunrpc/pm_getport.c (__libc_rpc_getport): Likewise.
* sysdeps/generic/ldsodefs.h (_dl_make_stack_executable_hook):
Likewise.
(_dl_make_stack_executable): Likewise.
(_dl_signal_error): Likewise.
(_dl_catch_error): Likewise.
(_dl_rtld_di_serinfo): Likewise.
(_dl_allocate_tls): Likewise.
(_dl_get_tls_static_info): Likewise.
(_dl_allocate_tls_init): Likewise.
(_dl_deallocate_tls): Likewise.
(_dl_find_dso_for_object): Likewise.
* sysdeps/unix/sysv/linux/dl-execstack.c
(_dl_make_stack_executable): Likewise.
* sysdeps/unix/sysv/linux/gai_sigqueue.c (__gai_sigqueue):
Likewise.
* sysdeps/unix/sysv/linux/netlink_assert_response.c
(__netlink_assert_response): Likewise.
* sysdeps/unix/sysv/linux/netlinkaccess.h
(__netlink_assert_response): Likewise.
* include/libc-symbols.h (private_function): New.
* sysdeps/i386/configure.ac (USE_REGPARMS): Removed.
(internal_function): New AC_DEFINE.
(private_function): Likewise.
* sysdeps/i386/configure: Regenerated.
-----------------------------------------------------------------------
--
You are receiving this mail because:
You are on the CC list for the bug.
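
Added example, not part of the original mail and not glibc code: a toy C model of the shadow-stack check that makes the "ret $12" jump in the i386 resolver fault, next to the register indirect branch the commit message calls for. The addresses, the upward-growing stack and the stack cleanup before the indirect branch are assumptions made for the model.

```c
/* Toy model of a CET shadow stack; added illustration, not glibc code.
   Addresses are constructed; the stack grows upward here for brevity. */
#include <stdbool.h>
#include <stdint.h>

enum { DEPTH = 16, CALLER_RET = 0x1000, FUNC_ADDR = 0x2000,
       RELOC_OFFSET = 0x18, LINK_MAP = 0x3000 };

struct cpu {
    uint32_t stack[DEPTH]; int sp;   /* ordinary data stack */
    uint32_t shstk[DEPTH]; int ssp;  /* shadow stack: return addresses only */
    bool cp_fault;                   /* control-protection fault seen */
};

static void push(struct cpu *c, uint32_t v) { c->stack[c->sp++] = v; }

/* CALL pushes the return address on both stacks. */
static void do_call(struct cpu *c, uint32_t ret_addr) {
    push(c, ret_addr);
    c->shstk[c->ssp++] = ret_addr;
}

/* RET $n pops both stacks, faults on mismatch, then drops n extra slots. */
static uint32_t do_ret(struct cpu *c, int extra_slots) {
    uint32_t target = c->stack[--c->sp];
    if (c->ssp == 0 || c->shstk[--c->ssp] != target)
        c->cp_fault = true;
    c->sp -= extra_slots;
    return target;
}

/* True when lazy binding reaches the caller again without a fault. */
bool lazy_bind_ok(bool ret_as_jump) {
    struct cpu c = {0};
    do_call(&c, CALLER_RET);      /* caller: call foo@plt */
    push(&c, RELOC_OFFSET);       /* PLT entry pushes relocation offset */
    push(&c, LINK_MAP);           /* PLT0 pushes link map, jumps to resolver */
    push(&c, 0); push(&c, 0);     /* resolver saves %eax and %ecx */
    if (ret_as_jump) {
        c.stack[c.sp - 1] = FUNC_ADDR;  /* movl %eax, (%esp) */
        do_ret(&c, 3);                  /* ret $12: no CALL pushed FUNC_ADDR */
    } else {
        c.sp -= 4;                /* assumed cleanup, then jmp *%ecx */
    }
    uint32_t back = do_ret(&c, 0);      /* resolved function returns */
    return !c.cp_fault && back == CALLER_RET;
}

int main(void) { return lazy_bind_ok(false) && !lazy_bind_ok(true) ? 0 : 1; }
```

In the model the "ret $12" path pops the caller's return address from the shadow stack while the data stack holds the resolved function address, so the comparison fails; the indirect branch leaves the shadow stack untouched until the resolved function's own return.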