From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oa1-x30.google.com (mail-oa1-x30.google.com [IPv6:2001:4860:4864:20::30]) by sourceware.org (Postfix) with ESMTPS id 020503858D3C for ; Fri, 12 Jan 2024 02:53:14 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 020503858D3C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 020503858D3C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2001:4860:4864:20::30 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1705027996; cv=none; b=A3iwtmIaeuXLmiigqvFriwBEXuXg5yoUMx3/VRLcHzB8PyRJshx6PM3/rAXp0UKs6swK/UOHDLqW4EtVWkqcShWkJdeRJ8bnwMflBoE7UzZkYhIfoRkpDvJnULA08m4flavEnfevnq6HcT+6GxizyR1Cs1YmXH2iH6eKWcwcqHs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1705027996; c=relaxed/simple; bh=WAm6hokOh+ROCkh0nJp8KZslaRyK9xGlUAPhGDZWiuI=; h=DKIM-Signature:MIME-Version:From:Date:Message-ID:Subject:To; b=tdBU/GqSXyef2WZTXo40YvAkQUl1D8tWUC6ehQEuTF5VckIfsVjZevXonFkKVYK10ZcY72le3IPtkAoQ+AfJ+rKAFtf8C2jo2Q9YpaMlID2DhfT9bTUGsmDxlSZEk+j/mx6A72SlBX0UiePL3y0LWPfFkqqb02oMHEAtQK8Lf5g= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-oa1-x30.google.com with SMTP id 586e51a60fabf-20451ecbb80so3045308fac.2 for ; Thu, 11 Jan 2024 18:53:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705027993; x=1705632793; darn=sourceware.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=7UayVrsRPCP2Pwv1ztU/+7B/JD8d5lOKjzC04T+8pcA=; b=lgV5FOa59NEz33B1w1mJtVAr0Qh9h7aJMnO/XiLNrK0nsIsz+m2OcptkfF10tq/NMv ptUDzuOlA4w/S1UAPG1PpyK7o07VTWyIq0veEerXBdPaZpE6VaDXwcw+VfPPw2sURdyf OhbAR1HsC0T9m1B7vYcuWiHFwgUGkzhipVWiUNeaKi2JA5NQyLA0crx0GziFMwvADbEr LsgYxdRY/xuLT7xdXvTv7sjaAheIXEgNqFBUoheay/1Zlx+mlL1e8OssnBJYs492N121 Ct0bIDmpONZbLDb3kKbmz3JV+E1PYoWohlBUEFXFDEDawuCcQxQNpgCxB31RAO5340g9 GIBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705027993; x=1705632793; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7UayVrsRPCP2Pwv1ztU/+7B/JD8d5lOKjzC04T+8pcA=; b=aDL6XJJyMp87SqIPS2bP4/Yxl56tND5V2xrVHI6FDf+jiTKao6DfxDHv9xfG0Bb7Vm n6y6UV/c6jgURH2Cy3j+faEwZTWF2HkqDHBdNBT0MdjsSa88gHXP2Zn2dREB7OagPAuB 41Xybm/devGF75jBkyNWdkflg2iOT+ltj7yGowh205DDRvjUHFFvxY/GqZ+XpfC8GZBj ISZlP1mKsCOw+6it4/Z3nqmVRDbVB7LTtYyRemg/dFVmzuIsZ6ozjbgIapdFQStOVKSw EcH1pwsCCeS08egruVYLTYWIRc/uTD8HxycfkV2LufcXB7bJ1fuXlC+cNarZPfFpiyG3 fxXA== X-Gm-Message-State: AOJu0YxqgJZiAphVDijP4KEMeZhkodI1umNQci7j9g1iJ2934uExYeat 1zBfhz8LmgTb00/jCV0W2obv/uvM6Y0z22nlv8v+BR4akIQ= X-Google-Smtp-Source: AGHT+IFbHDmJ8mWKqo2Hh0vqwlDIuxZkhxpSqWkHcjIK1/oIA2WLMqe7MFnSzJcZIDTm3guQfa3RlHzSJCBblXFDRFg= X-Received: by 2002:a05:6871:48b:b0:206:75d6:a41e with SMTP id f11-20020a056871048b00b0020675d6a41emr905900oaj.80.1705027993107; Thu, 11 Jan 2024 18:53:13 -0800 (PST) MIME-Version: 1.0 References: <20240110164847.3304707-1-hjl.tools@gmail.com> In-Reply-To: <20240110164847.3304707-1-hjl.tools@gmail.com> From: Noah Goldstein Date: Thu, 11 Jan 2024 18:53:01 -0800 Message-ID: Subject: Re: [PATCH] x86-64/cet: Make CET feature check specific to Linux/x86 To: "H.J. Lu" Cc: libc-alpha@sourceware.org, josmyers@redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-9.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,KAM_NUMSUBJECT,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Wed, Jan 10, 2024 at 8:49=E2=80=AFAM H.J. Lu wrote= : > > CET feature bits in TCB, which are Linux specific, are used to check if > CET features are active. Move CET feature check to Linux/x86 directory. > --- > .../sysv/linux/x86/bits/platform/features.h | 48 +++++++++++++++++++ > sysdeps/unix/sysv/linux/x86_64/dl-cet.h | 8 ++++ > .../linux/x86_64/get-cpuid-feature-leaf.c | 24 ++++++++++ > sysdeps/x86/Makefile | 6 ++- > sysdeps/x86/bits/platform/features.h | 27 +++++++++++ > sysdeps/x86/bits/platform/x86.h | 8 ---- > sysdeps/x86/get-cpuid-feature-leaf.c | 8 ---- > sysdeps/x86/sys/platform/x86.h | 19 ++------ > sysdeps/x86_64/dl-machine.h | 9 ++-- > 9 files changed, 120 insertions(+), 37 deletions(-) > create mode 100644 sysdeps/unix/sysv/linux/x86/bits/platform/features.h > create mode 100644 sysdeps/unix/sysv/linux/x86_64/get-cpuid-feature-leaf= .c > create mode 100644 sysdeps/x86/bits/platform/features.h > > diff --git a/sysdeps/unix/sysv/linux/x86/bits/platform/features.h b/sysde= ps/unix/sysv/linux/x86/bits/platform/features.h > new file mode 100644 > index 0000000000..7704febe92 > --- /dev/null > +++ b/sysdeps/unix/sysv/linux/x86/bits/platform/features.h > @@ -0,0 +1,48 @@ > +/* Inline functions for x86 CPU features. > + This file is part of the GNU C Library. > + Copyright (C) 2024 Free Software Foundation, Inc. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#ifndef _SYS_PLATFORM_X86_H > +# error "Never include directly; use instead." > +#endif > + > +/* Bits in the feature_1 field in TCB. */ > + > +enum > +{ > + x86_feature_1_ibt =3D 1U << 0, > + x86_feature_1_shstk =3D 1U << 1 > +}; > + > +static __inline__ _Bool > +x86_cpu_cet_active (unsigned int __index) > +{ > +#ifdef __x86_64__ > + unsigned int __feature_1; > +# ifdef __LP64__ > + __asm__ ("mov %%fs:72, %0" : "=3Dr" (__feature_1)); > +# else > + __asm__ ("mov %%fs:40, %0" : "=3Dr" (__feature_1)); > +# endif > + if (__index =3D=3D x86_cpu_IBT) > + return __feature_1 & x86_feature_1_ibt; > + else > + return __feature_1 & x86_feature_1_shstk; > +#else > + return false; > +#endif > +} > diff --git a/sysdeps/unix/sysv/linux/x86_64/dl-cet.h b/sysdeps/unix/sysv/= linux/x86_64/dl-cet.h > index a00c7ee662..1fe3133406 100644 > --- a/sysdeps/unix/sysv/linux/x86_64/dl-cet.h > +++ b/sysdeps/unix/sysv/linux/x86_64/dl-cet.h > @@ -54,6 +54,14 @@ dl_cet_get_cet_status (void) > return status; > } > > +static __always_inline bool > +dl_cet_ibt_enabled (void) > +{ > + unsigned int feature_1 =3D THREAD_GETMEM (THREAD_SELF, > + header.feature_1); > + return (feature_1 & GNU_PROPERTY_X86_FEATURE_1_IBT) !=3D 0; > +} > + > /* Enable shadow stack with a macro to avoid shadow stack underflow. */ > #define ENABLE_X86_CET(cet_feature) \ > if ((cet_feature & GNU_PROPERTY_X86_FEATURE_1_SHSTK)) \ > diff --git a/sysdeps/unix/sysv/linux/x86_64/get-cpuid-feature-leaf.c b/sy= sdeps/unix/sysv/linux/x86_64/get-cpuid-feature-leaf.c > new file mode 100644 > index 0000000000..39b342463c > --- /dev/null > +++ b/sysdeps/unix/sysv/linux/x86_64/get-cpuid-feature-leaf.c > @@ -0,0 +1,24 @@ > +/* Get CPUID feature leaf. Linux/x86-64 version. > + Copyright (C) 2024 Free Software Foundation, Inc. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > + > +#ifdef __LP64__ > +_Static_assert (FEATURE_1_OFFSET =3D=3D 72, "FEATURE_1_OFFSET !=3D 72"); > +#else > +_Static_assert (FEATURE_1_OFFSET =3D=3D 40, "FEATURE_1_OFFSET !=3D 40"); > +#endif > diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile > index bf913594c1..4d50b327b5 100644 > --- a/sysdeps/x86/Makefile > +++ b/sysdeps/x86/Makefile > @@ -5,7 +5,11 @@ endif > ifeq ($(subdir),elf) > sysdep_routines +=3D get-cpuid-feature-leaf > sysdep-dl-routines +=3D dl-get-cpu-features > -sysdep_headers +=3D sys/platform/x86.h bits/platform/x86.h > +sysdep_headers +=3D \ > + bits/platform/features.h \ > + bits/platform/x86.h \ > + sys/platform/x86.h \ > +# sysdep_headers > > CFLAGS-dl-get-cpu-features.os +=3D $(rtld-early-cflags) > CFLAGS-get-cpuid-feature-leaf.o +=3D $(no-stack-protector) > diff --git a/sysdeps/x86/bits/platform/features.h b/sysdeps/x86/bits/plat= form/features.h > new file mode 100644 > index 0000000000..f02489266e > --- /dev/null > +++ b/sysdeps/x86/bits/platform/features.h > @@ -0,0 +1,27 @@ > +/* Inline functions for x86 CPU features. > + This file is part of the GNU C Library. > + Copyright (C) 2024 Free Software Foundation, Inc. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#ifndef _SYS_PLATFORM_X86_H > +# error "Never include directly; use instead." > +#endif > + > +static __inline__ _Bool > +x86_cpu_cet_active (unsigned int __index) > +{ > + return false; > +} > diff --git a/sysdeps/x86/bits/platform/x86.h b/sysdeps/x86/bits/platform/= x86.h > index c31d086194..8b157d99b3 100644 > --- a/sysdeps/x86/bits/platform/x86.h > +++ b/sysdeps/x86/bits/platform/x86.h > @@ -337,11 +337,3 @@ enum > x86_cpu_AVX10_YMM =3D x86_cpu_index_24_ecx_0_ebx + 17, > x86_cpu_AVX10_ZMM =3D x86_cpu_index_24_ecx_0_ebx + 18, > }; > - > -/* Bits in the feature_1 field in TCB. */ > - > -enum > -{ > - x86_feature_1_ibt =3D 1U << 0, > - x86_feature_1_shstk =3D 1U << 1 > -}; > diff --git a/sysdeps/x86/get-cpuid-feature-leaf.c b/sysdeps/x86/get-cpuid= -feature-leaf.c > index e6a41cc79c..6f67346081 100644 > --- a/sysdeps/x86/get-cpuid-feature-leaf.c > +++ b/sysdeps/x86/get-cpuid-feature-leaf.c > @@ -19,14 +19,6 @@ > #include > #include > > -#ifdef __x86_64__ > -# ifdef __LP64__ > -_Static_assert (FEATURE_1_OFFSET =3D=3D 72, "FEATURE_1_OFFSET !=3D 72"); > -# else > -_Static_assert (FEATURE_1_OFFSET =3D=3D 40, "FEATURE_1_OFFSET !=3D 40"); > -# endif > -#endif > - > const struct cpuid_feature * > __x86_get_cpuid_feature_leaf (unsigned int leaf) > { > diff --git a/sysdeps/x86/sys/platform/x86.h b/sysdeps/x86/sys/platform/x8= 6.h > index 4d77c0991d..b8066ccc9f 100644 > --- a/sysdeps/x86/sys/platform/x86.h > +++ b/sysdeps/x86/sys/platform/x86.h > @@ -22,6 +22,7 @@ > #include > #include > #include > +#include > > __BEGIN_DECLS > > @@ -46,22 +47,8 @@ static __inline__ _Bool > x86_cpu_active (unsigned int __index) > { > if (__index =3D=3D x86_cpu_IBT || __index =3D=3D x86_cpu_SHSTK) > - { > -#ifdef __x86_64__ > - unsigned int __feature_1; > -# ifdef __LP64__ > - __asm__ ("mov %%fs:72, %0" : "=3Dr" (__feature_1)); > -# else > - __asm__ ("mov %%fs:40, %0" : "=3Dr" (__feature_1)); > -# endif > - if (__index =3D=3D x86_cpu_IBT) > - return __feature_1 & x86_feature_1_ibt; > - else > - return __feature_1 & x86_feature_1_shstk; > -#else > - return false; > -#endif > - } > + return x86_cpu_cet_active (__index); > + > const struct cpuid_feature *__ptr =3D __x86_get_cpuid_feature_leaf > (__index / (8 * sizeof (unsigned int) * 4)); > unsigned int __reg > diff --git a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h > index 2d2ce503a5..6d605d0d32 100644 > --- a/sysdeps/x86_64/dl-machine.h > +++ b/sysdeps/x86_64/dl-machine.h > @@ -587,10 +587,11 @@ x86_64_rewrite_plt (struct link_map *map, ElfW(Addr= ) plt_rewrite) > const ElfW(Rela) *reloc =3D (const void *) start; > const ElfW(Rela) *reloc_end =3D (const void *) (start + size); > > - unsigned int feature_1 =3D THREAD_GETMEM (THREAD_SELF, > - header.feature_1); > - bool ibt_enabled_p > - =3D (feature_1 & GNU_PROPERTY_X86_FEATURE_1_IBT) !=3D 0; > +# ifdef __CET__ > + bool ibt_enabled_p =3D dl_cet_ibt_enabled (); > +# else > + bool ibt_enabled_p =3D false; > +# endif > > if (__glibc_unlikely (GLRO(dl_debug_mask) & DL_DEBUG_FILES)) > _dl_debug_printf ("\nchanging PLT in '%s' to direct branch\n", > -- > 2.43.0 > LGTM. Reviewed-by: Noah Goldstein