source-git / glibc

Clone
Source Code
GIT

Blame sysdeps/x86/dl-cet.c

c8 c8s master
  1.   d64664ff2849160a2f7c54bc5fc69110b360c35e
  2.   sysdeps
  3.   x86
  4.   dl-cet.c
Blob History Raw
Packit Service 82fcde 
/* x86 CET initializers function.
Packit Service 82fcde 
   Copyright (C) 2018 Free Software Foundation, Inc.
Packit Service 82fcde
Packit Service 82fcde 
   The GNU C Library is free software; you can redistribute it and/or
Packit Service 82fcde 
   modify it under the terms of the GNU Lesser General Public
Packit Service 82fcde 
   License as published by the Free Software Foundation; either
Packit Service 82fcde 
   version 2.1 of the License, or (at your option) any later version.
Packit Service 82fcde
Packit Service 82fcde 
   The GNU C Library is distributed in the hope that it will be useful,
Packit Service 82fcde 
   but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 82fcde 
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 82fcde 
   Lesser General Public License for more details.
Packit Service 82fcde
Packit Service 82fcde 
   You should have received a copy of the GNU Lesser General Public
Packit Service 82fcde 
   License along with the GNU C Library; if not, see
Packit Service 82fcde 
   <http://www.gnu.org/licenses/>.  */
Packit Service 82fcde
Packit Service 82fcde 
#include <unistd.h>
Packit Service 82fcde 
#include <errno.h>
Packit Service 82fcde 
#include <libintl.h>
Packit Service 82fcde 
#include <ldsodefs.h>
Packit Service 82fcde 
#include <dl-cet.h>
Packit Service 82fcde 
#include <cet-tunables.h>
Packit Service 82fcde
Packit Service 82fcde 
/* GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
Packit Service 82fcde 
   are defined in <elf.h>, which are only available for C sources.
Packit Service 82fcde 
   X86_FEATURE_1_IBT and X86_FEATURE_1_SHSTK are defined in <sysdep.h>
Packit Service 82fcde 
   which are available for both C and asm sources.  They must match.   */
Packit Service 82fcde 
#if GNU_PROPERTY_X86_FEATURE_1_IBT != X86_FEATURE_1_IBT
Packit Service 82fcde 
# error GNU_PROPERTY_X86_FEATURE_1_IBT != X86_FEATURE_1_IBT
Packit Service 82fcde 
#endif
Packit Service 82fcde 
#if GNU_PROPERTY_X86_FEATURE_1_SHSTK != X86_FEATURE_1_SHSTK
Packit Service 82fcde 
# error GNU_PROPERTY_X86_FEATURE_1_SHSTK != X86_FEATURE_1_SHSTK
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
static int
Packit Service 82fcde 
dl_cet_mark_legacy_region (struct link_map *l)
Packit Service 82fcde 
{
Packit Service 82fcde 
  /* Mark PT_LOAD segments with PF_X in legacy code page bitmap.  */
Packit Service 82fcde 
  size_t i, phnum = l->l_phnum;
Packit Service 82fcde 
  const ElfW(Phdr) *phdr = l->l_phdr;
Packit Service 82fcde 
#ifdef __x86_64__
Packit Service 82fcde 
  typedef unsigned long long word_t;
Packit Service 82fcde 
#else
Packit Service 82fcde 
  typedef unsigned long word_t;
Packit Service 82fcde 
#endif
Packit Service 82fcde 
  unsigned int bits_to_set;
Packit Service 82fcde 
  word_t mask_to_set;
Packit Service 82fcde 
#define BITS_PER_WORD (sizeof (word_t) * 8)
Packit Service 82fcde 
#define BITMAP_FIRST_WORD_MASK(start) \
Packit Service 82fcde 
  (~((word_t) 0) << ((start) & (BITS_PER_WORD - 1)))
Packit Service 82fcde 
#define BITMAP_LAST_WORD_MASK(nbits) \
Packit Service 82fcde 
  (~((word_t) 0) >> (-(nbits) & (BITS_PER_WORD - 1)))
Packit Service 82fcde
Packit Service 82fcde 
  word_t *bitmap = (word_t *) GL(dl_x86_legacy_bitmap)[0];
Packit Service 82fcde 
  word_t bitmap_size = GL(dl_x86_legacy_bitmap)[1];
Packit Service 82fcde 
  word_t *p;
Packit Service 82fcde 
  size_t page_size = GLRO(dl_pagesize);
Packit Service 82fcde
Packit Service 82fcde 
  for (i = 0; i < phnum; i++)
Packit Service 82fcde 
    if (phdr[i].p_type == PT_LOAD && (phdr[i].p_flags & PF_X))
Packit Service 82fcde 
      {
Packit Service 82fcde 
	/* One bit in legacy bitmap represents a page.  */
Packit Service 82fcde 
	ElfW(Addr) start = (phdr[i].p_vaddr + l->l_addr) / page_size;
Packit Service 82fcde 
	ElfW(Addr) len = (phdr[i].p_memsz + page_size - 1) / page_size;
Packit Service 82fcde 
	ElfW(Addr) end = start + len;
Packit Service 82fcde
Packit Service 82fcde 
	if ((end / 8) > bitmap_size)
Packit Service 82fcde 
	  return -EINVAL;
Packit Service 82fcde
Packit Service 82fcde 
	p = bitmap + (start / BITS_PER_WORD);
Packit Service 82fcde 
	bits_to_set = BITS_PER_WORD - (start % BITS_PER_WORD);
Packit Service 82fcde 
	mask_to_set = BITMAP_FIRST_WORD_MASK (start);
Packit Service 82fcde
Packit Service 82fcde 
	while (len >= bits_to_set)
Packit Service 82fcde 
	  {
Packit Service 82fcde 
	    *p |= mask_to_set;
Packit Service 82fcde 
	    len -= bits_to_set;
Packit Service 82fcde 
	    bits_to_set = BITS_PER_WORD;
Packit Service 82fcde 
	    mask_to_set = ~((word_t) 0);
Packit Service 82fcde 
	    p++;
Packit Service 82fcde 
	  }
Packit Service 82fcde 
	if (len)
Packit Service 82fcde 
	  {
Packit Service 82fcde 
	    mask_to_set &= BITMAP_LAST_WORD_MASK (end);
Packit Service 82fcde 
	    *p |= mask_to_set;
Packit Service 82fcde 
	  }
Packit Service 82fcde 
      }
Packit Service 82fcde
Packit Service 82fcde 
  return 0;
Packit Service 82fcde 
}
Packit Service 82fcde
Packit Service 82fcde 
/* Check if object M is compatible with CET.  */
Packit Service 82fcde
Packit Service 82fcde 
static void
Packit Service 82fcde 
dl_cet_check (struct link_map *m, const char *program)
Packit Service 82fcde 
{
Packit Service 82fcde 
  /* Check how IBT should be enabled.  */
Packit Service 82fcde 
  unsigned int enable_ibt_type
Packit Service 82fcde 
    = GL(dl_x86_feature_1)[1] & ((1 << CET_MAX) - 1);
Packit Service 82fcde 
  /* Check how SHSTK should be enabled.  */
Packit Service 82fcde 
  unsigned int enable_shstk_type
Packit Service 82fcde 
    = ((GL(dl_x86_feature_1)[1] >> CET_MAX) & ((1 << CET_MAX) - 1));
Packit Service 82fcde
Packit Service 82fcde 
  /* No legacy object check if both IBT and SHSTK are always on.  */
Packit Service 82fcde 
  if (enable_ibt_type == CET_ALWAYS_ON
Packit Service 82fcde 
      && enable_shstk_type == CET_ALWAYS_ON)
Packit Service 82fcde 
    return;
Packit Service 82fcde
Packit Service 82fcde 
  /* Check if IBT is enabled by kernel.  */
Packit Service 82fcde 
  bool ibt_enabled
Packit Service 82fcde 
    = (GL(dl_x86_feature_1)[0] & GNU_PROPERTY_X86_FEATURE_1_IBT) != 0;
Packit Service 82fcde 
  /* Check if SHSTK is enabled by kernel.  */
Packit Service 82fcde 
  bool shstk_enabled
Packit Service 82fcde 
    = (GL(dl_x86_feature_1)[0] & GNU_PROPERTY_X86_FEATURE_1_SHSTK) != 0;
Packit Service 82fcde
Packit Service 82fcde 
  if (ibt_enabled || shstk_enabled)
Packit Service 82fcde 
    {
Packit Service 82fcde 
      struct link_map *l = NULL;
Packit Service 82fcde
Packit Service 82fcde 
      /* Check if IBT and SHSTK are enabled in object.  */
Packit Service 82fcde 
      bool enable_ibt = (ibt_enabled
Packit Service 82fcde 
			 && enable_ibt_type != CET_ALWAYS_OFF);
Packit Service 82fcde 
      bool enable_shstk = (shstk_enabled
Packit Service 82fcde 
			   && enable_shstk_type != CET_ALWAYS_OFF);
Packit Service 82fcde 
      if (program)
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  /* Enable IBT and SHSTK only if they are enabled in executable.
Packit Service 82fcde 
	     NB: IBT and SHSTK may be disabled by environment variable:
Packit Service 82fcde
Packit Service 82fcde 
	     GLIBC_TUNABLES=glibc.tune.hwcaps=-IBT,-SHSTK
Packit Service 82fcde 
	   */
Packit Service 82fcde 
	  enable_ibt &= (HAS_CPU_FEATURE (IBT)
Packit Service 82fcde 
			 && (enable_ibt_type == CET_ALWAYS_ON
Packit Service 82fcde 
			     || (m->l_cet & lc_ibt) != 0));
Packit Service 82fcde 
	  enable_shstk &= (HAS_CPU_FEATURE (SHSTK)
Packit Service 82fcde 
			   && (enable_shstk_type == CET_ALWAYS_ON
Packit Service 82fcde 
			       || (m->l_cet & lc_shstk) != 0));
Packit Service 82fcde 
	}
Packit Service 82fcde
Packit Service 82fcde 
      /* ld.so is CET-enabled by kernel.  But shared objects may not
Packit Service 82fcde 
	 support IBT nor SHSTK.  */
Packit Service 82fcde 
      if (enable_ibt || enable_shstk)
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  int res;
Packit Service 82fcde 
	  unsigned int i;
Packit Service 82fcde 
	  unsigned int first_legacy, last_legacy;
Packit Service 82fcde 
	  bool need_legacy_bitmap = false;
Packit Service 82fcde
Packit Service 82fcde 
	  i = m->l_searchlist.r_nlist;
Packit Service 82fcde 
	  while (i-- > 0)
Packit Service 82fcde 
	    {
Packit Service 82fcde 
	      /* Check each shared object to see if IBT and SHSTK are
Packit Service 82fcde 
		 enabled.  */
Packit Service 82fcde 
	      l = m->l_initfini[i];
Packit Service 82fcde
Packit Service 82fcde 
	      if (l->l_init_called)
Packit Service 82fcde 
		continue;
Packit Service 82fcde
Packit Service 82fcde 
#ifdef SHARED
Packit Service 82fcde 
	      /* Skip CET check for ld.so since ld.so is CET-enabled.
Packit Service 82fcde 
		 CET will be disabled later if CET isn't enabled in
Packit Service 82fcde 
		 executable.  */
Packit Service 82fcde 
	      if (l == &GL(dl_rtld_map)
Packit Service 82fcde 
		  ||  l->l_real == &GL(dl_rtld_map)
Packit Service 82fcde 
		  || (program && l == m))
Packit Service 82fcde 
		continue;
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
	      if (enable_ibt
Packit Service 82fcde 
		  && enable_ibt_type != CET_ALWAYS_ON
Packit Service 82fcde 
		  && !(l->l_cet & lc_ibt))
Packit Service 82fcde 
		{
Packit Service 82fcde 
		  /* Remember the first and last legacy objects.  */
Packit Service 82fcde 
		  if (!need_legacy_bitmap)
Packit Service 82fcde 
		    last_legacy = i;
Packit Service 82fcde 
		  first_legacy = i;
Packit Service 82fcde 
		  need_legacy_bitmap = true;
Packit Service 82fcde 
		}
Packit Service 82fcde
Packit Service 82fcde 
	      /* SHSTK is enabled only if it is enabled in executable as
Packit Service 82fcde 
		 well as all shared objects.  */
Packit Service 82fcde 
	      enable_shstk &= (enable_shstk_type == CET_ALWAYS_ON
Packit Service 82fcde 
			       || (l->l_cet & lc_shstk) != 0);
Packit Service 82fcde 
	    }
Packit Service 82fcde
Packit Service 82fcde 
	  if (need_legacy_bitmap)
Packit Service 82fcde 
	    {
Packit Service 82fcde 
	      if (GL(dl_x86_legacy_bitmap)[0])
Packit Service 82fcde 
		{
Packit Service 82fcde 
		  /* Change legacy bitmap to writable.  */
Packit Service 82fcde 
		  if (__mprotect ((void *) GL(dl_x86_legacy_bitmap)[0],
Packit Service 82fcde 
				  GL(dl_x86_legacy_bitmap)[1],
Packit Service 82fcde 
				  PROT_READ | PROT_WRITE) < 0)
Packit Service 82fcde 
		    {
Packit Service 82fcde 
mprotect_failure:
Packit Service 82fcde 
		      if (program)
Packit Service 82fcde 
			_dl_fatal_printf ("%s: mprotect legacy bitmap failed\n",
Packit Service 82fcde 
					  l->l_name);
Packit Service 82fcde 
		      else
Packit Service 82fcde 
			_dl_signal_error (EINVAL, l->l_name, "dlopen",
Packit Service 82fcde 
					  N_("mprotect legacy bitmap failed"));
Packit Service 82fcde 
		    }
Packit Service 82fcde 
		}
Packit Service 82fcde 
	      else
Packit Service 82fcde 
		{
Packit Service 82fcde 
		  /* Allocate legacy bitmap.  */
Packit Service 82fcde 
		  int res = dl_cet_allocate_legacy_bitmap
Packit Service 82fcde 
		    (GL(dl_x86_legacy_bitmap));
Packit Service 82fcde 
		  if (res != 0)
Packit Service 82fcde 
		    {
Packit Service 82fcde 
		      if (program)
Packit Service 82fcde 
			_dl_fatal_printf ("%s: legacy bitmap isn't available\n",
Packit Service 82fcde 
					  l->l_name);
Packit Service 82fcde 
		      else
Packit Service 82fcde 
			_dl_signal_error (EINVAL, l->l_name, "dlopen",
Packit Service 82fcde 
					  N_("legacy bitmap isn't available"));
Packit Service 82fcde 
		    }
Packit Service 82fcde 
		}
Packit Service 82fcde
Packit Service 82fcde 
	      /* Put legacy shared objects in legacy bitmap.  */
Packit Service 82fcde 
	      for (i = first_legacy; i <= last_legacy; i++)
Packit Service 82fcde 
		{
Packit Service 82fcde 
		  l = m->l_initfini[i];
Packit Service 82fcde
Packit Service 82fcde 
		  if (l->l_init_called || (l->l_cet & lc_ibt))
Packit Service 82fcde 
		    continue;
Packit Service 82fcde
Packit Service 82fcde 
#ifdef SHARED
Packit Service 82fcde 
		  if (l == &GL(dl_rtld_map)
Packit Service 82fcde 
		      ||  l->l_real == &GL(dl_rtld_map)
Packit Service 82fcde 
		      || (program && l == m))
Packit Service 82fcde 
		    continue;
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
		  /* If IBT is enabled in executable and IBT isn't enabled
Packit Service 82fcde 
		     in this shard object, mark PT_LOAD segments with PF_X
Packit Service 82fcde 
		     in legacy code page bitmap.  */
Packit Service 82fcde 
		  res = dl_cet_mark_legacy_region (l);
Packit Service 82fcde 
		  if (res != 0)
Packit Service 82fcde 
		    {
Packit Service 82fcde 
		      if (program)
Packit Service 82fcde 
			_dl_fatal_printf ("%s: failed to mark legacy code region\n",
Packit Service 82fcde 
					  l->l_name);
Packit Service 82fcde 
		      else
Packit Service 82fcde 
			_dl_signal_error (-res, l->l_name, "dlopen",
Packit Service 82fcde 
					  N_("failed to mark legacy code region"));
Packit Service 82fcde 
		    }
Packit Service 82fcde 
		}
Packit Service 82fcde
Packit Service 82fcde 
	      /* Change legacy bitmap to read-only.  */
Packit Service 82fcde 
	      if (__mprotect ((void *) GL(dl_x86_legacy_bitmap)[0],
Packit Service 82fcde 
			      GL(dl_x86_legacy_bitmap)[1], PROT_READ) < 0)
Packit Service 82fcde 
		goto mprotect_failure;
Packit Service 82fcde 
	    }
Packit Service 82fcde 
	}
Packit Service 82fcde
Packit Service 82fcde 
      bool cet_feature_changed = false;
Packit Service 82fcde
Packit Service 82fcde 
      if (enable_ibt != ibt_enabled || enable_shstk != shstk_enabled)
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  if (!program
Packit Service 82fcde 
	      && enable_shstk_type != CET_PERMISSIVE)
Packit Service 82fcde 
	    {
Packit Service 82fcde 
	      /* When SHSTK is enabled, we can't dlopening a shared
Packit Service 82fcde 
		 object without SHSTK.  */
Packit Service 82fcde 
	      if (enable_shstk != shstk_enabled)
Packit Service 82fcde 
		_dl_signal_error (EINVAL, l->l_name, "dlopen",
Packit Service 82fcde 
				  N_("shadow stack isn't enabled"));
Packit Service 82fcde 
	      return;
Packit Service 82fcde 
	    }
Packit Service 82fcde
Packit Service 82fcde 
	  /* Disable IBT and/or SHSTK if they are enabled by kernel, but
Packit Service 82fcde 
	     disabled in executable or shared objects.  */
Packit Service 82fcde 
	  unsigned int cet_feature = 0;
Packit Service 82fcde
Packit Service 82fcde 
	  /* Disable IBT only during program startup.  */
Packit Service 82fcde 
	  if (program && !enable_ibt)
Packit Service 82fcde 
	    cet_feature |= GNU_PROPERTY_X86_FEATURE_1_IBT;
Packit Service 82fcde 
	  if (!enable_shstk)
Packit Service 82fcde 
	    cet_feature |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
Packit Service 82fcde
Packit Service 82fcde 
	  int res = dl_cet_disable_cet (cet_feature);
Packit Service 82fcde 
	  if (res != 0)
Packit Service 82fcde 
	    {
Packit Service 82fcde 
	      if (program)
Packit Service 82fcde 
		_dl_fatal_printf ("%s: can't disable CET\n", program);
Packit Service 82fcde 
	      else
Packit Service 82fcde 
		_dl_signal_error (-res, l->l_name, "dlopen",
Packit Service 82fcde 
				  N_("can't disable CET"));
Packit Service 82fcde 
	    }
Packit Service 82fcde
Packit Service 82fcde 
	  /* Clear the disabled bits in dl_x86_feature_1.  */
Packit Service 82fcde 
	  GL(dl_x86_feature_1)[0] &= ~cet_feature;
Packit Service 82fcde
Packit Service 82fcde 
	  cet_feature_changed = true;
Packit Service 82fcde 
	}
Packit Service 82fcde
Packit Service 82fcde 
#ifdef SHARED
Packit Service 82fcde 
      if (program
Packit Service 82fcde 
	  && (!shstk_enabled
Packit Service 82fcde 
	      || enable_shstk_type != CET_PERMISSIVE)
Packit Service 82fcde 
	  && (ibt_enabled || shstk_enabled))
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  /* Lock CET if IBT or SHSTK is enabled in executable.  Don't
Packit Service 82fcde 
	     lock CET if SHSTK is enabled permissively.  */
Packit Service 82fcde 
	  int res = dl_cet_lock_cet ();
Packit Service 82fcde 
	  if (res != 0)
Packit Service 82fcde 
	    _dl_fatal_printf ("%s: can't lock CET\n", program);
Packit Service 82fcde
Packit Service 82fcde 
	  cet_feature_changed = true;
Packit Service 82fcde 
	}
Packit Service 82fcde 
#endif
Packit Service 82fcde
Packit Service 82fcde 
      if (cet_feature_changed)
Packit Service 82fcde 
	{
Packit Service 82fcde 
	  unsigned int feature_1 = 0;
Packit Service 82fcde 
	  if (enable_ibt)
Packit Service 82fcde 
	    feature_1 |= GNU_PROPERTY_X86_FEATURE_1_IBT;
Packit Service 82fcde 
	  if (enable_shstk)
Packit Service 82fcde 
	    feature_1 |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
Packit Service 82fcde 
	  struct pthread *self = THREAD_SELF;
Packit Service 82fcde 
	  THREAD_SETMEM (self, header.feature_1, feature_1);
Packit Service 82fcde 
	}
Packit Service 82fcde 
    }
Packit Service 82fcde 
}
Packit Service 82fcde
Packit Service 82fcde 
void
Packit Service 82fcde 
_dl_cet_open_check (struct link_map *l)
Packit Service 82fcde 
{
Packit Service 82fcde 
  dl_cet_check (l, NULL);
Packit Service 82fcde 
}
Packit Service 82fcde
Packit Service 82fcde 
#ifdef SHARED
Packit Service 82fcde
Packit Service 82fcde 
# ifndef LINKAGE
Packit Service 82fcde 
#  define LINKAGE
Packit Service 82fcde 
# endif
Packit Service 82fcde
Packit Service 82fcde 
LINKAGE
Packit Service 82fcde 
void
Packit Service 82fcde 
_dl_cet_check (struct link_map *main_map, const char *program)
Packit Service 82fcde 
{
Packit Service 82fcde 
  dl_cet_check (main_map, program);
Packit Service 82fcde 
}
Packit Service 82fcde 
#endif /* SHARED */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation