From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1039) id EF0AA3858401; Mon, 1 Jan 2024 13:24:18 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org EF0AA3858401 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1704115458; bh=C8DKy/f5mFLDMzOmGovRgfTR/7rpeZY3qcecZlfI8gg=; h=From:To:Subject:Date:From; b=lmGUTSaMEIl/ap1huDCDHZx8pjoMLYoDh3INZXTXG5KmJBZLunjt5tZp9126wxH1l OoPIvpnkMQibzEUPj2kR22KVYVIKXYSA6VEQysHcq9FHktklRLR9oS9GOApX2ta9sP XOjXTJ/pwzpAhjebjGAKi7uaMWYdjvhxhgl9BGso= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: H.J. Lu To: glibc-cvs@sourceware.org Subject: [glibc] x86/cet: Check feature_1 in TCB for active IBT and SHSTK X-Act-Checkin: glibc X-Git-Author: H.J. Lu X-Git-Refname: refs/heads/master X-Git-Oldrev: 541641a3de8d89464151bd879552755e882c832e X-Git-Newrev: d360dcc001cb12504cd3e8dbddee20df6bebb0f8 Message-Id: <20240101132418.EF0AA3858401@sourceware.org> Date: Mon, 1 Jan 2024 13:24:18 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d360dcc001cb12504cd3e8dbddee20df6bebb0f8 commit d360dcc001cb12504cd3e8dbddee20df6bebb0f8 Author: H.J. Lu Date: Fri Dec 29 08:43:52 2023 -0800 x86/cet: Check feature_1 in TCB for active IBT and SHSTK Initially, IBT and SHSTK are marked as active when CPU supports them and CET are enabled in glibc. They can be disabled early by tunables before relocation. Since after relocation, GLRO(dl_x86_cpu_features) becomes read-only, we can't update GLRO(dl_x86_cpu_features) to mark IBT and SHSTK as inactive. Instead, check the feature_1 field in TCB to decide if IBT and SHST are active. Diff: --- sysdeps/x86/bits/platform/x86.h | 8 ++++++++ sysdeps/x86/get-cpuid-feature-leaf.c | 11 ++++++++++- sysdeps/x86/sys/platform/x86.h | 17 +++++++++++++++++ 3 files changed, 35 insertions(+), 1 deletion(-) diff --git a/sysdeps/x86/bits/platform/x86.h b/sysdeps/x86/bits/platform/x86.h index 1e23d53ba2..1575ae53fb 100644 --- a/sysdeps/x86/bits/platform/x86.h +++ b/sysdeps/x86/bits/platform/x86.h @@ -337,3 +337,11 @@ enum x86_cpu_AVX10_YMM = x86_cpu_index_24_ecx_0_ebx + 17, x86_cpu_AVX10_ZMM = x86_cpu_index_24_ecx_0_ebx + 18, }; + +/* Bits in the feature_1 field in TCB. */ + +enum +{ + x86_feature_1_ibt = 1U << 0, + x86_feature_1_shstk = 1U << 1 +}; diff --git a/sysdeps/x86/get-cpuid-feature-leaf.c b/sysdeps/x86/get-cpuid-feature-leaf.c index 9317a6b494..f69936b31e 100644 --- a/sysdeps/x86/get-cpuid-feature-leaf.c +++ b/sysdeps/x86/get-cpuid-feature-leaf.c @@ -15,9 +15,18 @@ License along with the GNU C Library; if not, see . */ - +#include +#include #include +#ifdef __x86_64__ +# ifdef __LP64__ +_Static_assert (FEATURE_1_OFFSET == 72, "FEATURE_1_OFFSET != 72"); +# else +_Static_assert (FEATURE_1_OFFSET == 40, "FEATURE_1_OFFSET != 40"); +# endif +#endif + const struct cpuid_feature * __x86_get_cpuid_feature_leaf (unsigned int leaf) { diff --git a/sysdeps/x86/sys/platform/x86.h b/sysdeps/x86/sys/platform/x86.h index 1ea2c5fc0b..89b1b16f22 100644 --- a/sysdeps/x86/sys/platform/x86.h +++ b/sysdeps/x86/sys/platform/x86.h @@ -45,6 +45,23 @@ x86_cpu_present (unsigned int __index) static __inline__ _Bool x86_cpu_active (unsigned int __index) { + if (__index == x86_cpu_IBT || __index == x86_cpu_SHSTK) + { +#ifdef __x86_64__ + unsigned int __feature_1; +# ifdef __LP64__ + __asm__ ("mov %%fs:72, %0" : "=r" (__feature_1)); +# else + __asm__ ("mov %%fs:40, %0" : "=r" (__feature_1)); +# endif + if (__index == x86_cpu_IBT) + return __feature_1 & x86_feature_1_ibt; + else + return __feature_1 & x86_feature_1_shstk; +#else + return false; +#endif + } const struct cpuid_feature *__ptr = __x86_get_cpuid_feature_leaf (__index / (8 * sizeof (unsigned int) * 4)); unsigned int __reg