niansa-misc/glibc
1
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-03-06 20:58:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

x86/cet: Check legacy shadow stack code in .init_array section

Browse source 
Verify that legacy shadow stack code in .init_array section in application
and shared library, which are marked as shadow stack enabled, will trigger
segfault.
This commit is contained in:
H.J. Lu 2023-03-22 13:34:55 -07:00
parent 9424ce80c2
commit 28bd6f832d
11 changed files with 330 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
sysdeps/x86/Makefile
View file

@ -173,11 +173,22 @@ tests += \
tst-shstk-legacy-1b-static \ tst-shstk-legacy-1b-static \
tst-shstk-legacy-1c \ tst-shstk-legacy-1c \
tst-shstk-legacy-1c-static \ tst-shstk-legacy-1c-static \
tst-shstk-legacy-1d \
tst-shstk-legacy-1d-static \
tst-shstk-legacy-1e \
tst-shstk-legacy-1e-static \
tst-shstk-legacy-1f \
tst-shstk-legacy-1g \
# tests # tests
modules-names += \
tst-shstk-legacy-mod-1 \
# modules-names
tests-static += \ tests-static += \
tst-shstk-legacy-1a-static \ tst-shstk-legacy-1a-static \
tst-shstk-legacy-1b-static \ tst-shstk-legacy-1b-static \
tst-shstk-legacy-1c-static \ tst-shstk-legacy-1c-static \
tst-shstk-legacy-1d-static \
tst-shstk-legacy-1e-static \
# tests-static # tests-static
extra-objs += \ extra-objs += \
tst-shstk-legacy-1-extra.o \ tst-shstk-legacy-1-extra.o \
@ -237,6 +248,9 @@ CFLAGS-tst-cet-legacy-10a-static.c += -fcf-protection=none
CFLAGS-tst-shstk-legacy-1a.c += -fcf-protection=none CFLAGS-tst-shstk-legacy-1a.c += -fcf-protection=none
CFLAGS-tst-shstk-legacy-1a-static.c += -fcf-protection=none CFLAGS-tst-shstk-legacy-1a-static.c += -fcf-protection=none
CFLAGS-tst-shstk-legacy-1d.c += -fcf-protection=none
CFLAGS-tst-shstk-legacy-1d-static.c += -fcf-protection=none
CFLAGS-tst-shstk-legacy-1f.c += -fcf-protection=none
$(objpfx)tst-cet-legacy-1: $(objpfx)tst-cet-legacy-mod-1.so \ $(objpfx)tst-cet-legacy-1: $(objpfx)tst-cet-legacy-mod-1.so \
$(objpfx)tst-cet-legacy-mod-2.so $(objpfx)tst-cet-legacy-mod-2.so
@ -279,6 +293,28 @@ tst-shstk-legacy-1c-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-SHSTK
tst-shstk-legacy-1c-static-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-SHSTK tst-shstk-legacy-1c-static-ENV = GLIBC_TUNABLES=glibc.cpu.hwcaps=-SHSTK
$(objpfx)tst-shstk-legacy-1c: $(objpfx)tst-shstk-legacy-1-extra.o $(objpfx)tst-shstk-legacy-1c: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1c-static: $(objpfx)tst-shstk-legacy-1-extra.o $(objpfx)tst-shstk-legacy-1c-static: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1d: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1d-static: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1e: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1e-static: $(objpfx)tst-shstk-legacy-1-extra.o
$(objpfx)tst-shstk-legacy-1e.out: \
$(..)/sysdeps/x86/tst-shstk-legacy-1e.sh $(objpfx)tst-shstk-legacy-1e
$(SHELL) $< $(common-objpfx) '$(test-program-prefix)' 2> $@; \
$(evaluate-test)
$(objpfx)tst-shstk-legacy-1e-static.out: \
$(..)/sysdeps/x86/tst-shstk-legacy-1e-static.sh \
$(objpfx)tst-shstk-legacy-1e-static
$(SHELL) $< $(common-objpfx) 2> $@; \
$(evaluate-test)
$(objpfx)tst-shstk-legacy-1f: $(objpfx)tst-shstk-legacy-mod-1.so
$(objpfx)tst-shstk-legacy-mod-1.so: \
$(objpfx)tst-shstk-legacy-mod-1.os \
$(objpfx)tst-shstk-legacy-1-extra.os
$(objpfx)tst-shstk-legacy-1g: $(objpfx)tst-shstk-legacy-mod-1.so
$(objpfx)tst-shstk-legacy-1g.out: \
$(..)/sysdeps/x86/tst-shstk-legacy-1g.sh $(objpfx)tst-shstk-legacy-1g
$(SHELL) $< $(common-objpfx) '$(test-program-prefix)' 2> $@; \
$(evaluate-test)
endif endif
# Add -fcf-protection to CFLAGS when CET is enabled. # Add -fcf-protection to CFLAGS when CET is enabled.

1
sysdeps/x86/tst-shstk-legacy-1d-static.c Normal file
View file

@ -0,0 +1 @@
#include "tst-shstk-legacy-1d.c"

47
sysdeps/x86/tst-shstk-legacy-1d.c Normal file
View file

@ -0,0 +1,47 @@
/* Check that legacy shadow stack code in init_array won't trigger
segfault.
Copyright (C) 2023 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <support/test-driver.h>
/* Check that legacy shadow stack code in init_array won't trigger
segfault. */
extern void legacy (void);
int done;
void
legacy_1 (void)
{
legacy ();
done = 1;
}
void (*init_array []) (void)
__attribute__ ((section (".init_array"), aligned (sizeof (void *)))) =
{
&legacy_1
};
static int
do_test (void)
{
return EXIT_SUCCESS;
}
#include <support/test-driver.c>

1
sysdeps/x86/tst-shstk-legacy-1e-static.c Normal file
View file

@ -0,0 +1 @@
#include "tst-shstk-legacy-1e.c"

32
sysdeps/x86/tst-shstk-legacy-1e-static.sh Executable file
View file

@ -0,0 +1,32 @@
#!/bin/sh
# Check that legacy shadow stack code in init_array will trigger
# segfault.
# Copyright (C) 2023 Free Software Foundation, Inc.
# This file is part of the GNU C Library.
# The GNU C Library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
# The GNU C Library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
# License along with the GNU C Library; if not, see
# <https://www.gnu.org/licenses/>.
common_objpfx=$1; shift
${common_objpfx}elf/tst-shstk-legacy-1e-static
# The exit status should only be unsupported (77) or segfault (139).
status=$?
if test $status -eq 77; then
exit 77
elif test $status == 139; then
exit 0
else
exit 1
fi

53
sysdeps/x86/tst-shstk-legacy-1e.c Normal file
View file

@ -0,0 +1,53 @@
/* Check that legacy shadow stack code in init_array will trigger
segfault.
Copyright (C) 2023 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <sys/platform/x86.h>
#include <support/test-driver.h>
#include <support/xsignal.h>
/* Check that legacy shadow stack code in init_array will trigger
segfault. */
extern void legacy (void);
int done;
void
legacy_1 (void)
{
legacy ();
done = 1;
}
void (*init_array []) (void)
__attribute__ ((section (".init_array"), aligned (sizeof (void *)))) =
{
&legacy_1
};
static int
do_test (void)
{
if (!CPU_FEATURE_ACTIVE (SHSTK))
return EXIT_UNSUPPORTED;
return EXIT_FAILURE;
}
#define EXPECTED_SIGNAL (CPU_FEATURE_ACTIVE (SHSTK) ? SIGSEGV : 0)
#include <support/test-driver.c>

34
sysdeps/x86/tst-shstk-legacy-1e.sh Executable file
View file

@ -0,0 +1,34 @@
#!/bin/sh
# Check that legacy shadow stack code in init_array will trigger
# segfault.
# Copyright (C) 2023 Free Software Foundation, Inc.
# This file is part of the GNU C Library.
# The GNU C Library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
# The GNU C Library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
# License along with the GNU C Library; if not, see
# <https://www.gnu.org/licenses/>.
common_objpfx=$1; shift
test_program_prefix=$1; shift
${test_program_prefix} \
${common_objpfx}elf/tst-shstk-legacy-1e
# The exit status should only be unsupported (77) or segfault (139).
status=$?
if test $status -eq 77; then
exit 77
elif test $status == 139; then
exit 0
else
exit 1
fi

29
sysdeps/x86/tst-shstk-legacy-1f.c Normal file
View file

@ -0,0 +1,29 @@
/* Check that legacy shadow stack code in init_array won't trigger
segfault.
Copyright (C) 2023 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <support/test-driver.h>
static int
do_test (void)
{
return EXIT_SUCCESS;
}
#include <support/test-driver.c>

35
sysdeps/x86/tst-shstk-legacy-1g.c Normal file
View file

@ -0,0 +1,35 @@
/* Check that legacy shadow stack code in init_array will trigger
segfault.
Copyright (C) 2023 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <stdlib.h>
#include <sys/platform/x86.h>
#include <support/test-driver.h>
#include <support/xsignal.h>
static int
do_test (void)
{
if (!CPU_FEATURE_ACTIVE (SHSTK))
return EXIT_UNSUPPORTED;
return EXIT_FAILURE;
}
#define EXPECTED_SIGNAL (CPU_FEATURE_ACTIVE (SHSTK) ? SIGSEGV : 0)
#include <support/test-driver.c>

34
sysdeps/x86/tst-shstk-legacy-1g.sh Executable file
View file

@ -0,0 +1,34 @@
#!/bin/sh
# Check that legacy shadow stack code in init_array will trigger
# segfault.
# Copyright (C) 2023 Free Software Foundation, Inc.
# This file is part of the GNU C Library.
# The GNU C Library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
# The GNU C Library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
# License along with the GNU C Library; if not, see
# <https://www.gnu.org/licenses/>.
common_objpfx=$1; shift
test_program_prefix=$1; shift
${test_program_prefix} \
${common_objpfx}elf/tst-shstk-legacy-1g
# The exit status should only be unsupported (77) or segfault (139).
status=$?
if test $status -eq 77; then
exit 77
elif test $status == 139; then
exit 0
else
exit 1
fi

28
sysdeps/x86/tst-shstk-legacy-mod-1.c Normal file
View file

@ -0,0 +1,28 @@
/* Check legacy shadow stack code in init_array.
Copyright (C) 2023 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <stdlib.h>
/* Check legacy shadow stack code in init_array. */
extern void legacy (void) __attribute__ ((visibility ("hidden")));
void (*init_array []) (void)
__attribute__ ((section (".init_array"), aligned (sizeof (void *)))) =
{
&legacy
};