public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
From: H.J. Lu <hjl@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc] x86/cet: Don't disable CET if not single threaded
Date: Wed, 20 Dec 2023 13:45:54 +0000 (GMT) [thread overview]
Message-ID: <20231220134554.232293861823@sourceware.org> (raw)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=41560a9312ce0ec7203480eef8f865076bff9edb
commit 41560a9312ce0ec7203480eef8f865076bff9edb
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Jul 28 14:06:01 2023 -0700
x86/cet: Don't disable CET if not single threaded
In permissive mode, don't disable IBT nor SHSTK when dlopening a legacy
shared library if not single threaded since IBT and SHSTK may be still
enabled in other threads. Other threads with IBT or SHSTK enabled will
crash when calling functions in the legacy shared library. Instead, an
error will be issued.
Diff:
---
sysdeps/x86/dl-cet.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/sysdeps/x86/dl-cet.c b/sysdeps/x86/dl-cet.c
index 67c51ee8c2..e486e549be 100644
--- a/sysdeps/x86/dl-cet.c
+++ b/sysdeps/x86/dl-cet.c
@@ -20,6 +20,7 @@
#include <libintl.h>
#include <ldsodefs.h>
#include <dl-cet.h>
+#include <sys/single_threaded.h>
/* GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
are defined in <elf.h>, which are only available for C sources.
@@ -233,7 +234,10 @@ dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
&& (info->feature_1_legacy
& GNU_PROPERTY_X86_FEATURE_1_IBT) != 0)
{
- if (info->enable_ibt_type != cet_permissive)
+ /* Don't disable IBT if not single threaded since IBT may be still
+ enabled in other threads. */
+ if (info->enable_ibt_type != cet_permissive
+ || !SINGLE_THREAD_P)
{
legacy_obj = info->feature_1_legacy_ibt;
msg = N_("rebuild shared object with IBT support enabled");
@@ -249,7 +253,10 @@ dl_cet_check_dlopen (struct link_map *m, struct dl_cet_info *info)
&& (info->feature_1_legacy
& GNU_PROPERTY_X86_FEATURE_1_SHSTK) != 0)
{
- if (info->enable_shstk_type != cet_permissive)
+ /* Don't disable SHSTK if not single threaded since SHSTK may be
+ still enabled in other threads. */
+ if (info->enable_shstk_type != cet_permissive
+ || !SINGLE_THREAD_P)
{
legacy_obj = info->feature_1_legacy_shstk;
msg = N_("rebuild shared object with SHSTK support enabled");
reply other threads:[~2023-12-20 13:45 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231220134554.232293861823@sourceware.org \
--to=hjl@sourceware.org \
--cc=glibc-cvs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).