211 lines
5.1 KiB
Diff
211 lines
5.1 KiB
Diff
|
diff --git a/asm.m4 b/asm.m4
|
||
|
index 8da47201..59d64098 100644
|
||
|
--- a/asm.m4
|
||
|
+++ b/asm.m4
|
||
|
@@ -32,7 +32,7 @@ define(<GMP_NUMB_BITS>,<>)dnl
|
||
|
define(<PROLOGUE>,
|
||
|
<.globl C_NAME($1)
|
||
|
DECLARE_FUNC(C_NAME($1))
|
||
|
-C_NAME($1):>)
|
||
|
+C_NAME($1): ASM_X86_ENDBR>)
|
||
|
|
||
|
define(<EPILOGUE>,
|
||
|
<ifelse(ELF_STYLE,yes,
|
||
|
--- a/config.m4.in 2018-12-04 21:56:06.000000000 +0100
|
||
|
+++ b/config.m4.in 2020-05-15 11:25:42.350465132 +0200
|
||
|
@@ -7,6 +7,9 @@
|
||
|
define(<ALIGN_LOG>, <@ASM_ALIGN_LOG@>)dnl
|
||
|
define(<W64_ABI>, <@W64_ABI@>)dnl
|
||
|
define(<RODATA>, <@ASM_RODATA@>)dnl
|
||
|
+define(<ASM_X86_ENDBR>,<@ASM_X86_ENDBR@>)dnl
|
||
|
+define(<ASM_X86_MARK_CET_ALIGN>,<@ASM_X86_MARK_CET_ALIGN@>)dnl
|
||
|
divert(1)
|
||
|
+@ASM_X86_MARK_CET@
|
||
|
@ASM_MARK_NOEXEC_STACK@
|
||
|
divert
|
||
|
--- a/configure.ac 2018-12-04 21:56:06.000000000 +0100
|
||
|
+++ b/configure.ac 2020-05-15 11:46:39.152373137 +0200
|
||
|
@@ -787,6 +787,68 @@
|
||
|
ASM_ALIGN_LOG="$nettle_cv_asm_align_log"
|
||
|
fi
|
||
|
|
||
|
+dnl Define
|
||
|
+dnl 1. ASM_X86_ENDBR for endbr32/endbr64.
|
||
|
+dnl 2. ASM_X86_MARK_CET to add a .note.gnu.property section to mark
|
||
|
+dnl Intel CET support if needed.
|
||
|
+dnl 3. ASM_X86_MARK_CET_ALIGN to align ASM_X86_MARK_CET.
|
||
|
+AC_CACHE_CHECK([if Intel CET is enabled],
|
||
|
+ [nettle_cv_asm_x86_intel_cet],
|
||
|
+ [AC_TRY_COMPILE([
|
||
|
+#ifndef __CET__
|
||
|
+#error Intel CET is not enabled
|
||
|
+#endif
|
||
|
+ ], [],
|
||
|
+ [nettle_cv_asm_x86_intel_cet=yes],
|
||
|
+ [nettle_cv_asm_x86_intel_cet=no])])
|
||
|
+if test "$nettle_cv_asm_x86_intel_cet" = yes; then
|
||
|
+ case $ABI in
|
||
|
+ 32|standard)
|
||
|
+ ASM_X86_ENDBR=endbr32
|
||
|
+ ASM_X86_MARK_CET_ALIGN=2
|
||
|
+ ;;
|
||
|
+ 64)
|
||
|
+ ASM_X86_ENDBR=endbr64
|
||
|
+ ASM_X86_MARK_CET_ALIGN=3
|
||
|
+ ;;
|
||
|
+ x32)
|
||
|
+ ASM_X86_ENDBR=endbr64
|
||
|
+ ASM_X86_MARK_CET_ALIGN=2
|
||
|
+ ;;
|
||
|
+ esac
|
||
|
+ AC_CACHE_CHECK([if .note.gnu.property section is needed],
|
||
|
+ [nettle_cv_asm_x86_gnu_property],
|
||
|
+ [AC_TRY_COMPILE([
|
||
|
+#if !defined __ELF__ || !defined __CET__
|
||
|
+#error GNU property is not needed
|
||
|
+#endif
|
||
|
+ ], [],
|
||
|
+ [nettle_cv_asm_x86_gnu_property=yes],
|
||
|
+ [nettle_cv_asm_x86_gnu_property=no])])
|
||
|
+else
|
||
|
+ nettle_cv_asm_x86_gnu_property=no
|
||
|
+fi
|
||
|
+if test "$nettle_cv_asm_x86_gnu_property" = yes; then
|
||
|
+ ASM_X86_MARK_CET='
|
||
|
+ .pushsection ".note.gnu.property", "a"
|
||
|
+ .p2align ASM_X86_MARK_CET_ALIGN
|
||
|
+ .long 1f - 0f
|
||
|
+ .long 4f - 1f
|
||
|
+ .long 5
|
||
|
+0:
|
||
|
+ .asciz "GNU"
|
||
|
+1:
|
||
|
+ .p2align ASM_X86_MARK_CET_ALIGN
|
||
|
+ .long 0xc0000002
|
||
|
+ .long 3f - 2f
|
||
|
+2:
|
||
|
+ .long 3
|
||
|
+3:
|
||
|
+ .p2align ASM_X86_MARK_CET_ALIGN
|
||
|
+4:
|
||
|
+ .popsection'
|
||
|
+fi
|
||
|
+
|
||
|
AC_SUBST(ASM_SYMBOL_PREFIX)
|
||
|
AC_SUBST(ASM_ELF_STYLE)
|
||
|
AC_SUBST(ASM_COFF_STYLE)
|
||
|
@@ -796,6 +858,9 @@
|
||
|
AC_SUBST(ASM_ALIGN_LOG)
|
||
|
AC_SUBST(W64_ABI)
|
||
|
AC_SUBST(EMULATOR)
|
||
|
+AC_SUBST(ASM_X86_ENDBR)
|
||
|
+AC_SUBST(ASM_X86_MARK_CET)
|
||
|
+AC_SUBST(ASM_X86_MARK_CET_ALIGN)
|
||
|
|
||
|
AC_SUBST(LIBNETTLE_MAJOR)
|
||
|
AC_SUBST(LIBNETTLE_MINOR)
|
||
|
diff --git a/testsuite/.test-rules.make b/testsuite/.test-rules.make
|
||
|
index 922a2c7f..9de8f412 100644
|
||
|
--- a/testsuite/.test-rules.make
|
||
|
+++ b/testsuite/.test-rules.make
|
||
|
@@ -178,6 +178,9 @@ xts-test$(EXEEXT): xts-test.$(OBJEXT)
|
||
|
pbkdf2-test$(EXEEXT): pbkdf2-test.$(OBJEXT)
|
||
|
$(LINK) pbkdf2-test.$(OBJEXT) $(TEST_OBJS) -o pbkdf2-test$(EXEEXT)
|
||
|
|
||
|
+x86-ibt-test$(EXEEXT): x86-ibt-test.$(OBJEXT)
|
||
|
+ $(LINK) x86-ibt-test.$(OBJEXT) $(TEST_OBJS) -o x86-ibt-test$(EXEEXT)
|
||
|
+
|
||
|
sexp-test$(EXEEXT): sexp-test.$(OBJEXT)
|
||
|
$(LINK) sexp-test.$(OBJEXT) $(TEST_OBJS) -o sexp-test$(EXEEXT)
|
||
|
|
||
|
--- a/testsuite/Makefile.in 2018-12-04 21:56:06.000000000 +0100
|
||
|
+++ b/testsuite/Makefile.in 2020-05-15 11:21:15.673321598 +0200
|
||
|
@@ -31,7 +31,8 @@
|
||
|
hmac-test.c umac-test.c \
|
||
|
meta-hash-test.c meta-cipher-test.c\
|
||
|
meta-aead-test.c meta-armor-test.c \
|
||
|
- buffer-test.c yarrow-test.c pbkdf2-test.c
|
||
|
+ buffer-test.c yarrow-test.c pbkdf2-test.c \
|
||
|
+ x86-ibt-test.c
|
||
|
|
||
|
TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
|
||
|
rsa2sexp-test.c sexp2rsa-test.c \
|
||
|
diff --git a/testsuite/x86-ibt-test.c b/testsuite/x86-ibt-test.c
|
||
|
new file mode 100644
|
||
|
index 00000000..1f3d1d67
|
||
|
--- /dev/null
|
||
|
+++ b/testsuite/x86-ibt-test.c
|
||
|
@@ -0,0 +1,69 @@
|
||
|
+#include "testutils.h"
|
||
|
+#if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) \
|
||
|
+ && defined(__CET__) && defined(__linux__)
|
||
|
+#include <signal.h>
|
||
|
+
|
||
|
+static void
|
||
|
+segfault_handler(int signo)
|
||
|
+{
|
||
|
+ exit(0);
|
||
|
+}
|
||
|
+
|
||
|
+static void
|
||
|
+ibt_violation(void)
|
||
|
+{
|
||
|
+#ifdef __i386__
|
||
|
+ unsigned int reg;
|
||
|
+ asm volatile("lea 1f, %0\n\t"
|
||
|
+ "jmp *%0\n"
|
||
|
+ "1:" : "=r" (reg));
|
||
|
+#else
|
||
|
+ unsigned long long reg;
|
||
|
+ asm volatile("lea 1f(%%rip), %0\n\t"
|
||
|
+ "jmp *%0\n"
|
||
|
+ "1:" : "=r" (reg));
|
||
|
+#endif
|
||
|
+}
|
||
|
+
|
||
|
+#ifdef __i386__
|
||
|
+static unsigned int
|
||
|
+_get_ssp(void)
|
||
|
+{
|
||
|
+ unsigned int ssp;
|
||
|
+ asm volatile("xor %0, %0\n\trdsspd %0" : "=r" (ssp));
|
||
|
+ return ssp;
|
||
|
+}
|
||
|
+#else
|
||
|
+static unsigned long long
|
||
|
+_get_ssp(void)
|
||
|
+{
|
||
|
+ unsigned long long ssp;
|
||
|
+ asm volatile("xor %0, %0\n\trdsspq %0" : "=r" (ssp));
|
||
|
+ return ssp;
|
||
|
+}
|
||
|
+#endif
|
||
|
+
|
||
|
+void
|
||
|
+test_main(void)
|
||
|
+{
|
||
|
+ /* NB: This test should trigger SIGSEGV on CET platforms. _get_ssp
|
||
|
+ returns the address of shadow stack pointer. If the address of
|
||
|
+ shadow stack pointer is 0, SHSTK is disabled and we assume that
|
||
|
+ IBT is also disabled. */
|
||
|
+ if (_get_ssp() == 0)
|
||
|
+ {
|
||
|
+ ibt_violation();
|
||
|
+ SKIP();
|
||
|
+ }
|
||
|
+
|
||
|
+ signal(SIGSEGV, segfault_handler);
|
||
|
+ ibt_violation();
|
||
|
+ FAIL();
|
||
|
+}
|
||
|
+#else
|
||
|
+void
|
||
|
+test_main(void)
|
||
|
+{
|
||
|
+ SKIP();
|
||
|
+}
|
||
|
+#endif
|
||
|
--
|
||
|
2.25.4
|
||
|
|