x86/cet: Don't assume that SHSTK implies IBT

Since shadow stack (SHSTK) is enabled in the Linux kernel without enabling indirect branch tracking (IBT), don't assume that SHSTK implies IBT. Use "CPU_FEATURE_ACTIVE (IBT)" to check if IBT is active and "CPU_FEATURE_ACTIVE (SHSTK)" to check if SHSTK is active.
2025-03-06 20:58:33 +01:00 · 2023-12-16 08:53:12 -08:00 · 2023-12-16 08:53:12 -08:00 · 442983319b
commit 442983319b
parent 12ab77e893
3 changed files with 11 additions and 11 deletions
--- a/sysdeps/x86/Makefile
+++ b/sysdeps/x86/Makefile
@ -209,7 +209,6 @@ CFLAGS-tst-cet-legacy-mod-6a.c += -fcf-protection=branch
 CFLAGS-tst-cet-legacy-mod-6b.c += -fcf-protection
 CFLAGS-tst-cet-legacy-mod-6c.c += -fcf-protection
 CFLAGS-tst-cet-legacy-7.c += -fcf-protection=none
-CFLAGS-tst-cet-legacy-8.c += -mshstk
 CFLAGS-tst-cet-legacy-10.c += -mshstk
 CFLAGS-tst-cet-legacy-10-static.c += -mshstk

--- a/sysdeps/x86/tst-cet-legacy-10.c
+++ b/sysdeps/x86/tst-cet-legacy-10.c
@ -21,19 +21,19 @@
 #include <support/test-driver.h>
 #include <support/xunistd.h>

-/* Check that CPU_FEATURE_ACTIVE on IBT and SHSTK matches _get_ssp.  */
+/* Check that CPU_FEATURE_ACTIVE on SHSTK matches _get_ssp.  */

 static int
 do_test (void)
 {
  if (_get_ssp () != 0)
    {
-      if (CPU_FEATURE_ACTIVE (IBT) && CPU_FEATURE_ACTIVE (SHSTK))
+      if (CPU_FEATURE_ACTIVE (SHSTK))
 	return EXIT_SUCCESS;
    }
  else
    {
-      if (!CPU_FEATURE_ACTIVE (IBT) && !CPU_FEATURE_ACTIVE (SHSTK))
+      if (!CPU_FEATURE_ACTIVE (SHSTK))
 	return EXIT_SUCCESS;
    }

--- a/sysdeps/x86/tst-cet-legacy-8.c
+++ b/sysdeps/x86/tst-cet-legacy-8.c
@ -18,7 +18,7 @@

 #include <stdio.h>
 #include <stdlib.h>
-#include <x86intrin.h>
+#include <sys/platform/x86.h>
 #include <sys/mman.h>
 #include <support/test-driver.h>
 #include <support/xsignal.h>
@ -29,11 +29,6 @@
 static int
 do_test (void)
 {
-  /* NB: This test should trigger SIGSEGV on CET platforms.  If SHSTK
-     is disabled, assuming IBT is also disabled.  */
-  if (_get_ssp () == 0)
-    return EXIT_UNSUPPORTED;
-
  void (*funcp) (void);
  funcp = xmmap (NULL, 0x1000, PROT_EXEC | PROT_READ | PROT_WRITE,
 		 MAP_ANONYMOUS | MAP_PRIVATE, -1);
@ -41,8 +36,14 @@ do_test (void)
  /* Write RET instruction.  */
  *(char *) funcp = 0xc3;
  funcp ();
+
+  /* NB: This test should trigger SIGSEGV when IBT is active.  We should
+     reach here if IBT isn't active.  */
+  if (!CPU_FEATURE_ACTIVE (IBT))
+    return EXIT_UNSUPPORTED;
+
  return EXIT_FAILURE;
 }

-#define EXPECTED_SIGNAL (_get_ssp () == 0 ? 0 : SIGSEGV)
+#define EXPECTED_SIGNAL (CPU_FEATURE_ACTIVE (IBT) ? SIGSEGV : 0)
 #include <support/test-driver.c>