* [glibc/fw/x86-shstk-backtrace] x86_64: Use shadow stack for backtrace implementation
@ 2024-05-31 20:49 Florian Weimer
  0 siblings, 0 replies; only message in thread
From: Florian Weimer @ 2024-05-31 20:49 UTC (permalink / raw)
  To: glibc-cvs

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c5f7f4fc8bb857cbe07972ff1e29970b101e9995

commit c5f7f4fc8bb857cbe07972ff1e29970b101e9995
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri May 31 12:26:43 2024 +0200

    x86_64: Use shadow stack for backtrace implementation
    
    Test failures:
    
    FAIL: debug/tst-backtrace4
    FAIL: misc/tst-sigcontext-get_pc
    
    The return address of signal handlers is not on the shadow stack.

Diff:
---
 debug/backtrace.c                               | 13 +++++-
 sysdeps/generic/arch_backtrace.h                | 25 ++++++++++
 sysdeps/unix/sysv/linux/tst-sigcontext-get_pc.c |  4 +-
 sysdeps/unix/sysv/linux/x86_64/libc_sigaction.c |  1 +
 sysdeps/x86/cpu-features.c                      |  2 +-
 sysdeps/x86_64/arch_backtrace.h                 | 62 +++++++++++++++++++++++++
 sysdeps/x86_64/dl-cet.c                         |  4 +-
 7 files changed, 106 insertions(+), 5 deletions(-)

diff --git a/debug/backtrace.c b/debug/backtrace.c
index 969d699bd1..2ed0112cb8 100644
--- a/debug/backtrace.c
+++ b/debug/backtrace.c
@@ -20,6 +20,7 @@
 #include <stdlib.h>
 #include <unwind.h>
 #include <unwind-link.h>
+#include <arch_backtrace.h>
 
 struct trace_arg
 {
@@ -63,6 +64,16 @@ backtrace_helper (struct _Unwind_Context *ctx, void *a)
 int
 __backtrace (void **array, int size)
 {
+  if (size <= 0)
+    return 0;
+
+  /* Try the architecture-specific implementation first.  */
+  {
+    int result = __arch_backtrace (array, size);
+    if (result >= 0)
+      return result;
+  }
+
   struct trace_arg arg =
     {
      .array = array,
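Review bot: The braced block around `int result = __arch_backtrace (array, size);` is unnecessary, since the function already mixes declarations and statements (`struct trace_arg arg` follows it), so `int result = __arch_backtrace (array, size); if (result >= 0) return result;` at function scope reads more naturally. The comment should also state the contract the caller depends on: `/* Try the architecture-specific implementation first.  A negative result means it is unavailable; any other value, including 0, is the complete trace and the unwinder is not consulted.  */`. __backtrace continues past the end of the hunk.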
@@ -72,7 +83,7 @@ __backtrace (void **array, int size)
      .cnt = -1
     };
 
-  if (size <= 0 || arg.unwind_link == NULL)
+  if (arg.unwind_link == NULL)
     return 0;
 
   UNWIND_LINK_PTR (arg.unwind_link, _Unwind_Backtrace)
diff --git a/sysdeps/generic/arch_backtrace.h b/sysdeps/generic/arch_backtrace.h
new file mode 100644
index 0000000000..ebdffd7cb7
--- /dev/null
+++ b/sysdeps/generic/arch_backtrace.h
@@ -0,0 +1,25 @@
+/* Architecture-specific backtrace implementation.  Generic version.
+   Copyright (C) 2024 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+/* The generic implementation always uses falls back to the libgcc
+   unwinder.  */
+static inline __always_inline int
+__arch_backtrace (void **array, int size)
+{
+  return -1;
+}
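Review bot: The comment on the generic `__arch_backtrace` reads "always uses falls back to", and it does not state the return convention that the call site in debug/backtrace.c relies on (negative means "use the unwinder", zero or more is a complete result). Suggested replacement: `/* The generic implementation always falls back to the libgcc unwinder.  Return -1 to request the fallback; an architecture-specific version returns the number of entries stored in ARRAY (possibly 0), never more than SIZE.  */`. The unused ARRAY and SIZE parameters may draw -Wunused-parameter diagnostics depending on the warning flags in use; that is not visible from the hunk.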
diff --git a/sysdeps/unix/sysv/linux/tst-sigcontext-get_pc.c b/sysdeps/unix/sysv/linux/tst-sigcontext-get_pc.c
index ea375f97d9..df1c9c43df 100644
--- a/sysdeps/unix/sysv/linux/tst-sigcontext-get_pc.c
+++ b/sysdeps/unix/sysv/linux/tst-sigcontext-get_pc.c
@@ -38,8 +38,10 @@ handler (int signal, siginfo_t *info, void *ctx)
 
   uintptr_t pc = sigcontext_get_pc (ctx);
   printf ("info: address in signal handler: 0x%" PRIxPTR "\n", pc);
+  printf ("info: siginfo_t address: %p\n", info);
+  printf ("info: ucontext_t address: %p\n", ctx);
 
-  void *callstack[10];
+  void *callstack[20];
   int callstack_count = backtrace (callstack, array_length (callstack));
   TEST_VERIFY_EXIT (callstack_count > 0);
   TEST_VERIFY_EXIT (callstack_count <= array_length (callstack));
diff --git a/sysdeps/unix/sysv/linux/x86_64/libc_sigaction.c b/sysdeps/unix/sysv/linux/x86_64/libc_sigaction.c
index b39812f81d..bb41cf1047 100644
--- a/sysdeps/unix/sysv/linux/x86_64/libc_sigaction.c
+++ b/sysdeps/unix/sysv/linux/x86_64/libc_sigaction.c
@@ -76,6 +76,7 @@ asm									\
    ".align 16\n"							\
    ".LSTART_" #name ":\n"						\
    "	.type __" #name ",@function\n"					\
+   "    .globl __" #name "\n"						\
    "__" #name ":\n"							\
    "	movq $" #syscall ", %rax\n"					\
    "	syscall\n"							\
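Review bot: The new `.globl __restore_rt` directive gives the symbol default visibility at its definition, while the consumer in sysdeps/x86_64/arch_backtrace.h declares it `attribute_hidden`; the linker reconciles this to hidden, but stating it where the symbol is defined makes the intent explicit and does not depend on that declaration staying in place: `"	.hidden __" #name "\n"`. The added line is also indented with spaces where the neighbouring directives use a tab. The asm macro starts and ends outside the hunk.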
diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c
index 3d7c2819d7..459844dd20 100644
--- a/sysdeps/x86/cpu-features.c
+++ b/sysdeps/x86/cpu-features.c
@@ -147,7 +147,7 @@ update_active (struct cpu_features *cpu_features)
   if (!CPU_FEATURES_CPU_P (cpu_features, RTM_ALWAYS_ABORT))
     CPU_FEATURE_SET_ACTIVE (cpu_features, RTM);
 
-#if CET_ENABLED && 0
+#if CET_ENABLED
   CPU_FEATURE_SET_ACTIVE (cpu_features, IBT);
   CPU_FEATURE_SET_ACTIVE (cpu_features, SHSTK);
 #endif
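Review bot: Dropping `&& 0` re-enables marking IBT and SHSTK active for every process, which is a behaviour change well beyond the backtrace implementation and is not mentioned in the commit message beyond the two test failures. Presumably the shadow-stack path in sysdeps/x86_64/arch_backtrace.h is only reachable once SHSTK is active, but the hunk does not show that dependency; a comment on the `#if CET_ENABLED` line would record it, e.g. `/* Report IBT/SHSTK as active; the shadow-stack backtrace relies on SHSTK being enabled.  */`. update_active continues outside the hunk.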
diff --git a/sysdeps/x86_64/arch_backtrace.h b/sysdeps/x86_64/arch_backtrace.h
new file mode 100644
index 0000000000..64f173f734
--- /dev/null
+++ b/sysdeps/x86_64/arch_backtrace.h
@@ -0,0 +1,62 @@
+/* Architecture-specific backtrace implementation.  x86-64 version.
+   Copyright (C) 2024 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdbool.h>
+#include <sysdep.h>
+
+/* From libc_sigaction.c.  */
+extern void restore_rt (void) asm ("__restore_rt") attribute_hidden;
+
+/* Copy addresses from the shadow stack if available.  */
+static inline __always_inline int
+__arch_backtrace (void **array, int size)
+{
+#if CET_ENABLED
+  void **ssp;
+  asm ("rdsspq %0"
+       : "=r" (ssp)
+       : "0" (0));
+  if (ssp == NULL)
+    return -1;
+
+  void **ssp_base = (void **) THREAD_GETMEM (THREAD_SELF, header.ssp_base);
+  if (ssp_base < ssp)
+    /* Covers the NULL case.  */
+    return 0;
+
+  long int limit = ssp_base - ssp;
+  if (limit > size)
+    limit = size;
+
+#if 1
+  __builtin_memcpy (array, ssp, limit * sizeof (*array));
+  return limit;
+#else
+  /* We cannot use memcpy because we need to filter out signal
+     frames.  */
+  int count = 0;
+  for (unsigned int i = 0; i < limit; ++i)
+    if (ssp[i] != restore_rt)
+      array[count++] = ssp[i];
+  return count;
+#endif
+
+#else /* !CET_ENABLED */
+  return -1;
+#endif
+}
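Review bot: When `header.ssp_base` has not been recorded (NULL), the `ssp_base < ssp` test returns 0, so `__backtrace` reports an empty trace and never reaches the libgcc unwinder, because only a negative result triggers the fallback in debug/backtrace.c; `if (ssp_base == NULL) return -1;` ahead of that comparison would keep the fallback for any thread whose base was never set, assuming such threads can exist, which the hunk does not show. The `#if 1 ... #else` block leaves the `restore_rt` filter as dead code together with its `extern` declaration and the `<stdbool.h>` include, none of which the compiled path uses; either remove them or gate the loop on a named macro, and if it is kept, `unsigned int i` is compared against a `long int limit`. The `/* Covers the NULL case.  */` comment should say what the NULL case is and what result it produces.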
diff --git a/sysdeps/x86_64/dl-cet.c b/sysdeps/x86_64/dl-cet.c
index d21854924d..25fa6e30b6 100644
--- a/sysdeps/x86_64/dl-cet.c
+++ b/sysdeps/x86_64/dl-cet.c
@@ -338,8 +338,8 @@ _dl_cet_setup_features (unsigned int cet_feature)
 	   : "=r" (ssp)
 	   : "0" (0));
       if (ssp != NULL)
-	/* The caller is the top-most frame, hence the + 8.  */
-	THREAD_SETMEM (THREAD_SELF, header.ssp_base, ssp + 8);
+	/* The caller is the top-most frame, hence the + 1.  */
+	THREAD_SETMEM (THREAD_SELF, header.ssp_base, ssp + 1);
 
       cet_feature = dl_cet_get_cet_status ();
       if (cet_feature != 0)
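Review bot: `ssp + 1` is one shadow-stack slot only if `ssp` is declared with an 8-byte element type; its declaration is outside the hunk, and the consumer in sysdeps/x86_64/arch_backtrace.h casts `header.ssp_base` to `void **` and subtracts pointers, so the two sides must agree on units. Spelling the unit out would make that visible: `/* The caller is the top-most frame, hence skip one 8-byte shadow-stack slot.  */`. _dl_cet_setup_features continues on both sides of the hunk.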

