144f612406
Downstream only and disabled by default.
From 2db487201909cf8fc1216e0b41e5bdd0d6677460 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Tue, 21 Mar 2023 12:53:24 -0700
Subject: [PATCH v2 04/15] x86/cet: Check legacy shadow stack applications
Add tests to verify that legacy shadow stack applications run properly
when shadow stack is enabled in Linux kernel.
---
sysdeps/x86/Makefile | 23 ++++++++++++++
sysdeps/x86/tst-shstk-legacy-1-extra.S | 35 ++++++++++++++++++++++
sysdeps/x86/tst-shstk-legacy-1a-static.c | 1 +
sysdeps/x86/tst-shstk-legacy-1a.c | 32 ++++++++++++++++++++
sysdeps/x86/tst-shstk-legacy-1b-static.c | 1 +
sysdeps/x86/tst-shstk-legacy-1b.c | 38 ++++++++++++++++++++++++
6 files changed, 130 insertions(+)
create mode 100644 sysdeps/x86/tst-shstk-legacy-1-extra.S
create mode 100644 sysdeps/x86/tst-shstk-legacy-1a-static.c
create mode 100644 sysdeps/x86/tst-shstk-legacy-1a.c
create mode 100644 sysdeps/x86/tst-shstk-legacy-1b-static.c
create mode 100644 sysdeps/x86/tst-shstk-legacy-1b.c
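diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
index ea45aad34c..dea14e343c 100644
--- a/sysdeps/x86/Makefile
+++ b/sysdeps/x86/Makefile
@@ -129,6 +129,21 @@ tests += tst-cet-legacy-1 tst-cet-legacy-1a tst-cet-legacy-2 \
 tst-cet-legacy-10 tst-cet-legacy-10-static
 tests-static += tst-cet-legacy-9-static tst-cet-legacy-10-static
 tst-cet-legacy-1a-ARGS = -- $(host-test-program-cmd)
+
+tests += \
+ tst-shstk-legacy-1a \
+ tst-shstk-legacy-1a-static \
+ tst-shstk-legacy-1b \
+ tst-shstk-legacy-1b-static \
+# tests
+tests-static += \
+ tst-shstk-legacy-1a-static \
+ tst-shstk-legacy-1b-static \
+# tests-static
+extra-objs += \
+ tst-shstk-legacy-1-extra.o \
+# extra-objs
+
 tests += tst-cet-legacy-4a tst-cet-legacy-4b tst-cet-legacy-4c \
 tst-cet-legacy-5b tst-cet-legacy-6b
 modules-names += tst-cet-legacy-mod-1 tst-cet-legacy-mod-2 \
@@ -168,6 +183,9 @@ CFLAGS-tst-cet-legacy-7.c += -fcf-protection=none
 CFLAGS-tst-cet-legacy-10.c += -mshstk
 CFLAGS-tst-cet-legacy-10-static.c += -mshstk
 
+CFLAGS-tst-shstk-legacy-1a.c += -fcf-protection=none
+CFLAGS-tst-shstk-legacy-1a-static.c += -fcf-protection=none
+
 $(objpfx)tst-cet-legacy-1: $(objpfx)tst-cet-legacy-mod-1.so \
 $(objpfx)tst-cet-legacy-mod-2.so
 $(objpfx)tst-cet-legacy-1a: $(objpfx)tst-cet-legacy-mod-1.so \
@@ -200,6 +218,11 @@ $(objpfx)tst-cet-legacy-6b.out: $(objpfx)tst-cet-legacy-mod-6a.so \
 tst-cet-legacy-6b-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
 tst-cet-legacy-9-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
 tst-cet-legacy-9-static-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-IBT,-SHSTK
+
+$(objpfx)tst-shstk-legacy-1a: $(objpfx)tst-shstk-legacy-1-extra.o
+$(objpfx)tst-shstk-legacy-1a-static: $(objpfx)tst-shstk-legacy-1-extra.o
+$(objpfx)tst-shstk-legacy-1b: $(objpfx)tst-shstk-legacy-1-extra.o
+$(objpfx)tst-shstk-legacy-1b-static: $(objpfx)tst-shstk-legacy-1-extra.o
 endif
 
 # Add -fcf-protection to CFLAGS when CET is enabled.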
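Review bot: Nothing in the Makefile says why only `tst-shstk-legacy-1a` and its static variant get `-fcf-protection=none` while the 1b pair keeps the default flags, yet that single flag appears to be what separates the test that must run cleanly from the one that must fault. A comment above the two new CFLAGS lines would make the intent explicit, for example `# 1a is built without CET marking, so legacy () must run; 1b keeps the default marking and must fault.` All four binaries link the same `tst-shstk-legacy-1-extra.o`, and whether that object carries a shadow-stack property note depends on assembler flags set outside these hunks, so it is worth confirming that the 1b binaries really end up marked shadow-stack capable. The conditional closed by the trailing `endif` also opens outside the visible context.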
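diff --git a/sysdeps/x86/tst-shstk-legacy-1-extra.S b/sysdeps/x86/tst-shstk-legacy-1-extra.S
new file mode 100644
index 0000000000..f3adb9f639
--- /dev/null
+++ b/sysdeps/x86/tst-shstk-legacy-1-extra.S
@@ -0,0 +1,35 @@
+/* Legacy shadow stack code.
+ Copyright (C) 2023 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+ .text
+ .globl legacy
+ .type legacy, @function
+legacy:
+ .cfi_startproc
+#ifdef __x86_64__
+ movq (%rsp), %rax
+ addq $8, %rsp
+ jmp *%rax
+#else
+ movl (%esp), %eax
+ addl $4, %esp
+ jmp *%eax
+#endif
+ .cfi_endproc
+ .size legacy, .-legacy
+ .section .note.GNU-stack,"",@progbits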
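Review bot: The only comment in `tst-shstk-legacy-1-extra.S` is the one-line file header, so a reader has to work out from the instructions why `legacy` counts as legacy code. The routine loads its return address, drops it from the stack and leaves through `jmp *%rax` / `jmp *%eax` instead of `ret`, so the shadow-stack entry pushed by the call is never consumed. A comment before the `legacy:` label should say so, e.g. `/* Return via an indirect jump instead of ret; the shadow stack keeps this call's entry. */`. It should also note that with shadow stack enforced the fault is expected at a later `ret` in the caller, not inside `legacy` itself.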
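diff --git a/sysdeps/x86/tst-shstk-legacy-1a-static.c b/sysdeps/x86/tst-shstk-legacy-1a-static.c
new file mode 100644
index 0000000000..dd549890a0
--- /dev/null
+++ b/sysdeps/x86/tst-shstk-legacy-1a-static.c
@@ -0,0 +1 @@
+#include "tst-shstk-legacy-1a.c"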
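diff --git a/sysdeps/x86/tst-shstk-legacy-1a.c b/sysdeps/x86/tst-shstk-legacy-1a.c
new file mode 100644
index 0000000000..c6f5810838
--- /dev/null
+++ b/sysdeps/x86/tst-shstk-legacy-1a.c
@@ -0,0 +1,32 @@
+/* Check that legacy shadow stack code won't trigger segfault.
+ Copyright (C) 2023 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include <support/test-driver.h>
+
+/* Check that legacy shadow stack code won't trigger segfault. */
+extern void legacy (void);
+
+static int
+do_test (void)
+{
+ legacy ();
+ return EXIT_SUCCESS;
+}
+
+#include <support/test-driver.c>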
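Review bot: The comment above `extern void legacy (void);` repeats the file header instead of describing the declaration, and `do_test` carries no note on what a pass actually demonstrates. For the declaration, something like `/* Defined in tst-shstk-legacy-1-extra.S; returns with an indirect jump instead of ret. */` would point the reader to the code that matters. `do_test` also returns `EXIT_SUCCESS` on systems where shadow stack is not available at all, so a pass there says nothing about how an unmarked binary is handled when enforcement is possible. A one-line comment in `do_test` stating this would keep the result from being over-read.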
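diff --git a/sysdeps/x86/tst-shstk-legacy-1b-static.c b/sysdeps/x86/tst-shstk-legacy-1b-static.c
new file mode 100644
index 0000000000..4945344675
--- /dev/null
+++ b/sysdeps/x86/tst-shstk-legacy-1b-static.c
@@ -0,0 +1 @@
+#include "tst-shstk-legacy-1b.c"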
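diff --git a/sysdeps/x86/tst-shstk-legacy-1b.c b/sysdeps/x86/tst-shstk-legacy-1b.c
new file mode 100644
index 0000000000..05231e60ae
--- /dev/null
+++ b/sysdeps/x86/tst-shstk-legacy-1b.c
@@ -0,0 +1,38 @@
+/* Check that legacy shadow stack code will trigger segfault.
+ Copyright (C) 2023 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <stdlib.h>
+#include <sys/platform/x86.h>
+#include <support/test-driver.h>
+#include <support/xsignal.h>
+
+/* Check that legacy shadow stack code will trigger segfault. */
+extern void legacy (void);
+
+static int
+do_test (void)
+{
+ if (!CPU_FEATURE_ACTIVE (SHSTK))
+ return EXIT_UNSUPPORTED;
+
+ legacy ();
+ return EXIT_FAILURE;
+}
+
+#define EXPECTED_SIGNAL (CPU_FEATURE_ACTIVE (SHSTK) ? SIGSEGV : 0)
+#include <support/test-driver.c>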
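Review bot: `EXPECTED_SIGNAL` accepts any SIGSEGV, so a crash unrelated to shadow stack, such as an ordinary memory fault in `legacy` or in the driver, would also be reported as a pass. If the target headers expose a control-protection `si_code` for SIGSEGV (such as `SEGV_CPERR`, where available), a handler that checks it would tie the pass to the shadow-stack violation itself. At minimum a comment next to the define should state the limitation, e.g. `/* Any SIGSEGV passes; the fault is assumed to be the shadow-stack mismatch after legacy () returns. */`. The comment above `extern void legacy (void);` also repeats the file header instead of saying where the symbol is defined.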
--
2.40.1