This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Linux/x86: Support shadow stack pointer in setjmp/longjmp
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: Joseph Myers <joseph at codesourcery dot com>, Yu-cheng Yu <yu-cheng dot yu at intel dot com>, "Tsimbalist, Igor V" <igor dot v dot tsimbalist at intel dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Mon, 18 Dec 2017 10:08:59 -0800
- Subject: Re: [PATCH] Linux/x86: Support shadow stack pointer in setjmp/longjmp
- Authentication-results: sourceware.org; auth=none
- References: <20171218162753.GA25026@gmail.com> <alpine.DEB.2.20.1712181741480.26421@digraph.polyomino.org.uk> <CAMe9rOr3gEyaJZ7ukNTY=MiSdWnPbmLOqduodyk3Mx8Qn9J58w@mail.gmail.com>
Resent to glibc. Sorry if you got this email twice.
On Mon, Dec 18, 2017 at 9:54 AM, H.J. Lu <hjl.tools@gmail.com> wrote:
> On Mon, Dec 18, 2017 at 9:44 AM, Joseph Myers <joseph@codesourcery.com> wrote:
>> On Mon, 18 Dec 2017, H.J. Lu wrote:
>>
>>> * sysdeps/unix/sysv/linux/i386/__longjmp.S: New file.
>>> * sysdeps/unix/sysv/linux/i386/bsd-_setjmp.S: Likewise.
>>> * sysdeps/unix/sysv/linux/i386/bsd-setjmp.S: Likewise.
>>> * sysdeps/unix/sysv/linux/i386/setjmp.S: Likewise.
>>> * sysdeps/unix/sysv/linux/x86_64/__longjmp.S: Likewise.
>>> * sysdeps/unix/sysv/linux/x86_64/setjmp.S: Likewise.
>>
>> Why are all these files Linux-specific? ____longjmp_chk is Linux-specific
>> because it does a sysaltstack syscall, but I don't see anything
>> OS-specific in these files. Why shouldn't shadow stack support be
>> available for all OSes on these architectures?
>
> Shadow stack support needs CET support in OS kernel. We are updating
> Linux arch_prctl syscall to support CET.
>
>> Is support for the relevant instructions available in all binutils
>> versions supported for building glibc? If not, does __SHSTK__ being
>> defined guarantee that GCC was built with a binutils version with the
>> required support, or do we need additional configure checks for binutils
>> support?
>
> We check if binutils and GCC support CET before we enable CET:
>
> https://sourceware.org/git/?p=glibc.git;a=commit;h=d977bdb7caa1a0795687b1ea88cd24183231a37e
>
> diff --git a/sysdeps/unix/sysv/linux/x86/configure.ac
> b/sysdeps/unix/sysv/linux/x86/configure.ac
> new file mode 100644
> index 0000000..7ef9fbe
> --- /dev/null
> +++ b/sysdeps/unix/sysv/linux/x86/configure.ac
> @@ -0,0 +1,48 @@
> +GLIBC_PROVIDES dnl See aclocal.m4 in the top level source directory.
> +# Local configure fragment for sysdeps/unix/sysv/linux/x86.
> +
> +if test x"$enable_cet" = xdefault || test x"$enable_cet" = xyes; then
> + # Check if CET can be enabled.
> + AC_CACHE_CHECK(whether CET can be enabled,
> + libc_cv_x86_cet_available, [dnl
> +cat > conftest.c <<EOF
> +#if !defined __IBT__ || !defined __SHSTK__
> +# error CET isn't available.
> +#endif
> +EOF
> + if AC_TRY_COMMAND(${CC-cc} -c $CFLAGS -fcf-protection -mcet -include
> cet.h conftest.c 1>&AS_MESSAGE_LOG_FD); then
> + libc_cv_x86_cet_available=yes
> + else
> + libc_cv_x86_cet_available=no
> + fi
> + rm -rf conftest*])
> + if test $libc_cv_x86_cet_available = yes; then
> + enable_cet=yes
> + else
> + if test x"$enable_cet" = xdefault; then
> + enable_cet=no
> + else
> + AC_MSG_ERROR([$CC doesn't support CET])
> + fi
> + fi
> +fi
> +if test $enable_cet = yes; then
> + # Check if assembler supports CET.
> + AC_CACHE_CHECK(whether $AS supports CET,
> + libc_cv_x86_cet_as, [dnl
> +cat > conftest.s <<EOF
> + incsspd %ecx
> +EOF
> + if AC_TRY_COMMAND(${CC-cc} -c $CFLAGS conftest.s -o conftest.o
> 1>&AS_MESSAGE_LOG_FD); then
> + libc_cv_x86_cet_as=yes
> + else
> + libc_cv_x86_cet_as=no
> + fi
> + rm -rf conftest*])
> + if test $libc_cv_x86_cet_as = no; then
> + AC_MSG_ERROR([$AS doesn't support CET])
> + fi
> + AC_DEFINE(ENABLE_CET, 1,
> + [Enable Intel Control-flow Enforcement Technology (CET)])
> +fi
> +LIBC_CONFIG_VAR([enable-cet], [$enable_cet])
> --
>
> H.J.
--
H.J.