From patchwork Wed Dec 20 14:56:59 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "H.J. Lu" <hjl.tools@gmail.com>
X-Patchwork-Id: 1878564
Return-Path: <libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20230601 header.b=A3pNry4V;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org
 (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org;
 envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org;
 receiver=patchwork.ozlabs.org)
Received: from server2.sourceware.org (server2.sourceware.org
 [IPv6:2620:52:3:1:0:246e:9693:128c])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4SwGqw427Lz20LT
	for <incoming@patchwork.ozlabs.org>; Thu, 21 Dec 2023 01:57:16 +1100 (AEDT)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 24D423861821
	for <incoming@patchwork.ozlabs.org>; Wed, 20 Dec 2023 14:57:14 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pf1-x429.google.com (mail-pf1-x429.google.com
 [IPv6:2607:f8b0:4864:20::429])
 by sourceware.org (Postfix) with ESMTPS id 4BBE53858D20
 for <libc-alpha@sourceware.org>; Wed, 20 Dec 2023 14:57:04 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 4BBE53858D20
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 4BBE53858D20
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::429
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703084225; cv=none;
 b=sZ7nvaU/ql3/4YlQ/dVAz0n0LhRMOYul9wLfg/4siUajv1CJjCud55/3iXcSE0yZjzUSSd/UFo8c5lWftVHrnbB8DL0Q8bVIuCLasGwncrnAbJUDm/fjs2Z1f6P4JJ+GuamlRSJnCcLUxbNjctZ71DA0D4362EI8cWBnYbWUbJ0=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1703084225; c=relaxed/simple;
 bh=TbbKXol4dplac/fN2Lhtbgcm6bquwYuTPcEpG6ZOLDk=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=Ms8f4aIQV74NzSq9b54E++Br176falHfPZtwazN96qyWLgwuDZisYRYKTyg7NSnEjAfQF20wQS8tCQbDIVasPn+OBAWliHI8BAB98s8Y+PO7Sj3/qq/ywJU+V8kdfXOuJJs4eGbTdKl/AeHwLnZ/h15arMy8LvPxtTLhd3LjYUU=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pf1-x429.google.com with SMTP id
 d2e1a72fcca58-6d2350636d6so4981785b3a.2
 for <libc-alpha@sourceware.org>; Wed, 20 Dec 2023 06:57:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1703084223; x=1703689023; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=ANRVNjPijP3Z9eM3L0G9RkyDQHQgPqv1CKkr0Ocdpjs=;
 b=A3pNry4Vl1h5EtQtQF99VCGuH6KnRH7B6RPAA3EmW9RdVt93GbMsKV0ahEp9O0q4tO
 LTbfu7fl2bctHaEkFNaWQrkZo5l8umJOhgRY5iT5vSbf5asbbVFiO23bWmNV3wYO5M9I
 p2PYbQzJVKpzPMXxcKVzU+po+OJR+PYkdWinw80A1pCYnkyrSQntTjTipIdVC/cZOgXM
 ty4w49MZ/WtBT5b6FmuwrQLZXRdmrYYBxE0v/14Z0zLqxMGBMFOcnQMotJBE+pEIe473
 SszJZUyMfootdfI+uO5ENMChdCVN/1FNjl6OM2YIAl6NWqyWY/d4rs17bg20/D9y8bNE
 hs1Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1703084223; x=1703689023;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=ANRVNjPijP3Z9eM3L0G9RkyDQHQgPqv1CKkr0Ocdpjs=;
 b=OSAPKD3Mt7LDmgd326hKAeq3iPYuuRMCFwaiU8h6h0WhufHXVln5fgL9NazgrCPSGP
 2HY271utprX0lsvWi621Uqcmvji6M+XRiaFV44kP9nwgjjsmnvJYOHTZfaZLjXCYjvyI
 35bXLICXZwNvR048EorKsE77SsBvkxMItBMTdDGvRqOS0N7cY6HErHdpHlqmsmtJp5Va
 tImv1tRVZl6Vo6FWPBbYCfh5Zef8IoK92z+1f2uEI0ubJXsvZoXOsxoqnQm31XNGRvh8
 El+DA0lxwrbi0B9nGnEwXfr43Tyqbra9YwTRxeTmvg6U0Hd8HCAVSgSUOFcHyIFrXLaV
 cwfg==
X-Gm-Message-State: AOJu0Yxl/Vjlk+Tj6QMm49uQ5iIEdAc28qI4TMbSQ2IyQtJOemp4HgKQ
 wabf9UB9yY0B3hHb0xBjal+Hc5GwMkg=
X-Google-Smtp-Source: 
 AGHT+IHLQu8qRD8wyeKYdaqWW5Qf7mV1iQh9yLELWmX/YIuMFBCDlrcniDlzHFU8Q5yblm06y1UcjQ==
X-Received: by 2002:a05:6a00:1245:b0:6d9:6081:600f with SMTP id
 u5-20020a056a00124500b006d96081600fmr708435pfi.35.1703084223169;
 Wed, 20 Dec 2023 06:57:03 -0800 (PST)
Received: from gnu-cfl-3.localdomain ([172.59.129.147])
 by smtp.gmail.com with ESMTPSA id
 x13-20020aa7918d000000b006d93ca7f8f3sm2703493pfa.150.2023.12.20.06.57.02
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 20 Dec 2023 06:57:02 -0800 (PST)
Received: from gnu-cfl-3.. (localhost [IPv6:::1])
 by gnu-cfl-3.localdomain (Postfix) with ESMTP id 9E7F574063A;
 Wed, 20 Dec 2023 06:57:01 -0800 (PST)
From: "H.J. Lu" <hjl.tools@gmail.com>
To: libc-alpha@sourceware.org
Cc: rick.p.edgecombe@intel.com,
	goldstein.w.n@gmail.com
Subject: [PATCH v4 4/6] x86/cet: Check feature_1 in TCB for active IBT and
 SHSTK
Date: Wed, 20 Dec 2023 06:56:59 -0800
Message-ID: <20231220145701.740912-5-hjl.tools@gmail.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20231220145701.740912-1-hjl.tools@gmail.com>
References: <20231220145701.740912-1-hjl.tools@gmail.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-3024.7 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org

Initially, IBT and SHSTK are marked as active when CPU supports them
and CET are enabled in glibc.  They can be disabled early by tunables
before relocation.  Since after relocation, GLRO(dl_x86_cpu_features)
becomes read-only, we can't update GLRO(dl_x86_cpu_features) to mark
IBT and SHSTK as inactive.  Instead, check the feature_1 field in TCB
to decide if IBT and SHST are active.
---
 sysdeps/x86/bits/platform/x86.h      |  8 ++++++++
 sysdeps/x86/get-cpuid-feature-leaf.c | 11 ++++++++++-
 sysdeps/x86/sys/platform/x86.h       | 17 +++++++++++++++++
 3 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/sysdeps/x86/bits/platform/x86.h b/sysdeps/x86/bits/platform/x86.h
index 1e23d53ba2..1575ae53fb 100644
--- a/sysdeps/x86/bits/platform/x86.h
+++ b/sysdeps/x86/bits/platform/x86.h
@@ -337,3 +337,11 @@ enum
   x86_cpu_AVX10_YMM = x86_cpu_index_24_ecx_0_ebx + 17,
   x86_cpu_AVX10_ZMM = x86_cpu_index_24_ecx_0_ebx + 18,
 };
+
+/* Bits in the feature_1 field in TCB.  */
+
+enum
+{
+  x86_feature_1_ibt		= 1U << 0,
+  x86_feature_1_shstk		= 1U << 1
+};
diff --git a/sysdeps/x86/get-cpuid-feature-leaf.c b/sysdeps/x86/get-cpuid-feature-leaf.c
index 9317a6b494..f69936b31e 100644
--- a/sysdeps/x86/get-cpuid-feature-leaf.c
+++ b/sysdeps/x86/get-cpuid-feature-leaf.c
@@ -15,9 +15,18 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-
+#include <assert.h>
+#include <tcb-offsets.h>
 #include <ldsodefs.h>
 
+#ifdef __x86_64__
+# ifdef __LP64__
+_Static_assert (FEATURE_1_OFFSET == 72, "FEATURE_1_OFFSET != 72");
+# else
+_Static_assert (FEATURE_1_OFFSET == 40, "FEATURE_1_OFFSET != 40");
+# endif
+#endif
+
 const struct cpuid_feature *
 __x86_get_cpuid_feature_leaf (unsigned int leaf)
 {
diff --git a/sysdeps/x86/sys/platform/x86.h b/sysdeps/x86/sys/platform/x86.h
index 1ea2c5fc0b..89b1b16f22 100644
--- a/sysdeps/x86/sys/platform/x86.h
+++ b/sysdeps/x86/sys/platform/x86.h
@@ -45,6 +45,23 @@ x86_cpu_present (unsigned int __index)
 static __inline__ _Bool
 x86_cpu_active (unsigned int __index)
 {
+  if (__index == x86_cpu_IBT || __index == x86_cpu_SHSTK)
+    {
+#ifdef __x86_64__
+      unsigned int __feature_1;
+# ifdef __LP64__
+      __asm__ ("mov %%fs:72, %0" : "=r" (__feature_1));
+# else
+      __asm__ ("mov %%fs:40, %0" : "=r" (__feature_1));
+# endif
+      if (__index == x86_cpu_IBT)
+	return __feature_1 & x86_feature_1_ibt;
+      else
+	return __feature_1 & x86_feature_1_shstk;
+#else
+      return false;
+#endif
+    }
   const struct cpuid_feature *__ptr = __x86_get_cpuid_feature_leaf
     (__index / (8 * sizeof (unsigned int) * 4));
   unsigned int __reg