From patchwork Wed Oct 23 08:39:10 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yury Khrustalev <yury.khrustalev@arm.com>
X-Patchwork-Id: 2000856
Return-Path: <libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org
 (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org;
 envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org;
 receiver=patchwork.ozlabs.org)
Received: from server2.sourceware.org (server2.sourceware.org
 [IPv6:2620:52:3:1:0:246e:9693:128c])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4XYN0L2rlgz1xwy
	for <incoming@patchwork.ozlabs.org>; Wed, 23 Oct 2024 19:45:06 +1100 (AEDT)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 8F75E3857C78
	for <incoming@patchwork.ozlabs.org>; Wed, 23 Oct 2024 08:45:04 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by sourceware.org (Postfix) with ESMTP id 71CD33858C42
 for <libc-alpha@sourceware.org>; Wed, 23 Oct 2024 08:43:23 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 71CD33858C42
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=arm.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=arm.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 71CD33858C42
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=217.140.110.172
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1729673014; cv=none;
 b=AqEm3mmjOEp8XP/uw94eS88VcMYlJMZbXZFq1Eimz1jQULUm0p5eHMsdu4X8YbXNcHRlo0s+/9nRnOwrJcJ8KNsDbdMGsn3J5TlShl7ShWVEnN0gtTo8gKCRamcdLgb5/B7qCgZkx+uR386aI0k7pl2aeiCemwB7fzc6SI/XEoQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1729673014; c=relaxed/simple;
 bh=n+Lg1JKA1uD4aWJ+JZKderDl5ueKdZ4/dF4CZhFd1Pk=;
 h=From:To:Subject:Date:Message-Id:MIME-Version;
 b=cFXKP8YRE3vDqQ2aQGBs07U4Ij08C1qnW773j9h9zVixybUAU7o5YmIIA8mO2C4hy+wEp5OjnRH9JxECuFHyZAMjWYvHtI5C5N12jMCqKcVBlmE5EwBAMXYt2x8eiGnZL3egHu8XsoEzUnvPki/B9ssP7CSXgVl8qVzondS43iQ=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E053D1575;
 Wed, 23 Oct 2024 01:43:52 -0700 (PDT)
Received: from udebian.localdomain (unknown [10.1.39.30])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 84A123F528;
 Wed, 23 Oct 2024 01:43:22 -0700 (PDT)
From: Yury Khrustalev <yury.khrustalev@arm.com>
To: libc-alpha@sourceware.org
Cc: fweimer@redhat.com, adhemerval.zanella@linaro.org, codonell@redhat.com,
 nsz@gcc.gnu.org
Subject: [PATCH v3 13/23] aarch64: Enable GCS in dynamic linked exe
Date: Wed, 23 Oct 2024 09:39:10 +0100
Message-Id: <20241023083920.466015-14-yury.khrustalev@arm.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20241023083920.466015-1-yury.khrustalev@arm.com>
References: <20241023083920.466015-1-yury.khrustalev@arm.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-13.4 required=5.0 tests=BAYES_00, GIT_PATCH_0,
 KAM_DMARC_NONE, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, KAM_SHORT,
 SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org

From: Szabolcs Nagy <szabolcs.nagy@arm.com>

Use the dynamic linker start code to enable GCS in the dynamic linked
case after _dl_start returns and before _dl_start_user which marks
the point after which user code may run.

Like in the static linked case this ensures that GCS is enabled on a
top level stack frame.
---
 sysdeps/aarch64/Makefile                |  4 +++-
 sysdeps/aarch64/dl-start.S              | 23 +++++++++++++++++++++--
 sysdeps/aarch64/rtld-global-offsets.sym |  5 +++++
 3 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/sysdeps/aarch64/Makefile b/sysdeps/aarch64/Makefile
index 141d7d9cc2..ca8b96f550 100644
--- a/sysdeps/aarch64/Makefile
+++ b/sysdeps/aarch64/Makefile
@@ -35,7 +35,9 @@ endif
 ifeq ($(subdir),elf)
 sysdep-rtld-routines += dl-start
 sysdep-dl-routines += tlsdesc dl-tlsdesc
-gen-as-const-headers += dl-link.sym
+gen-as-const-headers += \
+  dl-link.sym \
+  rtld-global-offsets.sym
 
 tests-internal += tst-ifunc-arg-1 tst-ifunc-arg-2
 
diff --git a/sysdeps/aarch64/dl-start.S b/sysdeps/aarch64/dl-start.S
index d645484e79..bca5c408af 100644
--- a/sysdeps/aarch64/dl-start.S
+++ b/sysdeps/aarch64/dl-start.S
@@ -18,6 +18,7 @@
    <https://www.gnu.org/licenses/>.  */
 
 #include <sysdep.h>
+#include <rtld-global-offsets.h>
 
 ENTRY (_start)
 	/* Create an initial frame with 0 LR and FP */
@@ -25,11 +26,30 @@ ENTRY (_start)
 	mov	x29, #0
 	mov	x30, #0
 
+	/* Load and relocate all library dependencies.  */
 	mov	x0, sp
 	PTR_ARG (0)
 	bl	_dl_start
 	/* Returns user entry point in x0.  */
 	mov	PTR_REG (21), PTR_REG (0)
+
+	/* Use GL(dl_aarch64_gcs) to set the shadow stack status.  */
+	adrp	x16, _rtld_local
+	add	PTR_REG (16), PTR_REG (16), :lo12:_rtld_local
+	ldr	x1, [x16, GL_DL_AARCH64_GCS_OFFSET]
+	cbz	x1, L(skip_gcs_enable)
+
+	/* Enable GCS before user code runs.  Note that IFUNC resolvers and
+	   LD_AUDIT hooks may run before, but should not create threads.  */
+#define PR_SET_SHADOW_STACK_STATUS     75
+	mov	x0, PR_SET_SHADOW_STACK_STATUS
+	mov	x2, 0
+	mov	x3, 0
+	mov	x4, 0
+	mov	x8, #SYS_ify(prctl)
+	svc	0x0
+L(skip_gcs_enable):
+
 .globl _dl_start_user
 .type _dl_start_user, %function
 _dl_start_user:
@@ -40,8 +60,7 @@ _dl_start_user:
 	/* Compute envp.  */
 	add	PTR_REG (3), PTR_REG (2), PTR_REG (1), lsl PTR_LOG_SIZE
 	add	PTR_REG (3), PTR_REG (3), PTR_SIZE
-	adrp	x16, _rtld_local
-	add	PTR_REG (16), PTR_REG (16), :lo12:_rtld_local
+	/* Run the init functions of the loaded modules.  */
 	ldr	PTR_REG (0), [x16]
 	bl	_dl_init
 	/* Load the finalizer function.  */
diff --git a/sysdeps/aarch64/rtld-global-offsets.sym b/sysdeps/aarch64/rtld-global-offsets.sym
index 23cdaf7d9e..6c0690bb95 100644
--- a/sysdeps/aarch64/rtld-global-offsets.sym
+++ b/sysdeps/aarch64/rtld-global-offsets.sym
@@ -3,8 +3,13 @@
 #include <ldsodefs.h>
 
 #define GLRO_offsetof(name) offsetof (struct rtld_global_ro, _##name)
+#define GL_offsetof(name) offsetof (struct rtld_global, _##name)
 
 -- Offsets of _rtld_global_ro in libc.so
 
 GLRO_DL_HWCAP_OFFSET	GLRO_offsetof (dl_hwcap)
 GLRO_DL_HWCAP2_OFFSET	GLRO_offsetof (dl_hwcap2)
+
+-- Offsets of _rtld_global in libc.so
+
+GL_DL_AARCH64_GCS_OFFSET	GL_offsetof (dl_aarch64_gcs)