From b81ee54bc90521f10c2ea07f746859377653ec28 Mon Sep 17 00:00:00 2001 From: Szabolcs Nagy Date: Thu, 13 Jul 2023 07:22:44 +0100 Subject: [PATCH] aarch64: Enable GCS in static linked exe Use the ARCH_SETUP_TLS hook to enable GCS in the static linked case. The system call must be inlined and then GCS is enabled on a top level stack frame that does not return and has no exception handlers above it. Reviewed-by: Adhemerval Zanella --- sysdeps/unix/sysv/linux/aarch64/libc-start.h | 48 ++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 sysdeps/unix/sysv/linux/aarch64/libc-start.h diff --git a/sysdeps/unix/sysv/linux/aarch64/libc-start.h b/sysdeps/unix/sysv/linux/aarch64/libc-start.h new file mode 100644 index 0000000000..2ea61bf272 --- /dev/null +++ b/sysdeps/unix/sysv/linux/aarch64/libc-start.h @@ -0,0 +1,48 @@ +/* AArch64 definitions for libc main startup. + Copyright (C) 2024-2025 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#ifndef _LIBC_START_H +#define _LIBC_START_H + +#ifndef SHARED + +# ifndef PR_SET_SHADOW_STACK_STATUS +# define PR_SET_SHADOW_STACK_STATUS 75 +# define PR_SHADOW_STACK_ENABLE (1UL << 0) +# endif + +/* Must be on a top-level stack frame that does not return. */ +static inline void __attribute__((always_inline)) +aarch64_libc_setup_tls (void) +{ + __libc_setup_tls (); + if (GL(dl_aarch64_gcs) != 0) + { + int ret = INLINE_SYSCALL_CALL (prctl, PR_SET_SHADOW_STACK_STATUS, + PR_SHADOW_STACK_ENABLE, 0, 0, 0); + if (ret) + _dl_fatal_printf ("failed to enable GCS: %d\n", -ret); + } +} + +# define ARCH_SETUP_IREL() apply_irel () +# define ARCH_SETUP_TLS() aarch64_libc_setup_tls () +# define ARCH_APPLY_IREL() +#endif /* ! SHARED */ + +#endif /* _LIBC_START_H */