[05/12] x86: Rename __glibc_reserved2 to ssp_base in tcbhead_t

Message ID 20180721142035.21059-6-hjl.tools@gmail.com
State New
Series
  • x86/CET: The last 12 patches to enable Intel CET

Commit Message

H.J. Lu July 21, 2018, 2:20 p.m.
This will be used to implement shadow stack switching by getcontext,
makecontext, setcontext and swapcontext.

	* sysdeps/i386/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
	* sysdeps/i386/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
	with ssp_base.
	* sysdeps/x86_64/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
	* sysdeps/x86_64/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
	with ssp_base.
---
 sysdeps/i386/nptl/tcb-offsets.sym   |  1 +
 sysdeps/i386/nptl/tls.h             |  3 ++-
 sysdeps/x86_64/nptl/tcb-offsets.sym |  1 +
 sysdeps/x86_64/nptl/tls.h           | 10 +++++++++-
 4 files changed, 13 insertions(+), 2 deletions(-)

-- 
2.17.1

Comments

Carlos O'Donell July 24, 2018, 8:49 p.m. | #1
On 07/21/2018 10:20 AM, H.J. Lu wrote:
> This will be used to implement shadow stack switching by getcontext,

> makecontext, setcontext and swapcontext.

> 

> 	* sysdeps/i386/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.

> 	* sysdeps/i386/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2

> 	with ssp_base.

> 	* sysdeps/x86_64/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.

> 	* sysdeps/x86_64/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2

> 	with ssp_base.


Looks good to me.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>


> ---

>  sysdeps/i386/nptl/tcb-offsets.sym   |  1 +

>  sysdeps/i386/nptl/tls.h             |  3 ++-

>  sysdeps/x86_64/nptl/tcb-offsets.sym |  1 +

>  sysdeps/x86_64/nptl/tls.h           | 10 +++++++++-

>  4 files changed, 13 insertions(+), 2 deletions(-)

> 

> diff --git a/sysdeps/i386/nptl/tcb-offsets.sym b/sysdeps/i386/nptl/tcb-offsets.sym

> index fbac241c45..2ec9e787c1 100644

> --- a/sysdeps/i386/nptl/tcb-offsets.sym

> +++ b/sysdeps/i386/nptl/tcb-offsets.sym

> @@ -13,3 +13,4 @@ CLEANUP_PREV		offsetof (struct _pthread_cleanup_buffer, __prev)

>  MUTEX_FUTEX		offsetof (pthread_mutex_t, __data.__lock)

>  POINTER_GUARD		offsetof (tcbhead_t, pointer_guard)

>  FEATURE_1_OFFSET	offsetof (tcbhead_t, feature_1)

> +SSP_BASE_OFFSET		offsetof (tcbhead_t, ssp_base)


OK.

> diff --git a/sysdeps/i386/nptl/tls.h b/sysdeps/i386/nptl/tls.h

> index 21e23cd809..12285d3217 100644

> --- a/sysdeps/i386/nptl/tls.h

> +++ b/sysdeps/i386/nptl/tls.h

> @@ -49,7 +49,8 @@ typedef struct

>    void *__private_tm[3];

>    /* GCC split stack support.  */

>    void *__private_ss;

> -  void *__glibc_reserved2;

> +  /* The lowest address of shadow stack,  */

> +  unsigned long ssp_base;


OK.

>  } tcbhead_t;

>  

>  /* morestack.S in libgcc uses offset 0x30 to access __private_ss,   */

> diff --git a/sysdeps/x86_64/nptl/tcb-offsets.sym b/sysdeps/x86_64/nptl/tcb-offsets.sym

> index 387621e88c..ae8034743b 100644

> --- a/sysdeps/x86_64/nptl/tcb-offsets.sym

> +++ b/sysdeps/x86_64/nptl/tcb-offsets.sym

> @@ -13,6 +13,7 @@ MULTIPLE_THREADS_OFFSET	offsetof (tcbhead_t, multiple_threads)

>  POINTER_GUARD		offsetof (tcbhead_t, pointer_guard)

>  VGETCPU_CACHE_OFFSET	offsetof (tcbhead_t, vgetcpu_cache)

>  FEATURE_1_OFFSET	offsetof (tcbhead_t, feature_1)

> +SSP_BASE_OFFSET		offsetof (tcbhead_t, ssp_base)


OK.

>  

>  -- Not strictly offsets, but these values are also used in the TCB.

>  TCB_CANCELSTATE_BITMASK	 CANCELSTATE_BITMASK

> diff --git a/sysdeps/x86_64/nptl/tls.h b/sysdeps/x86_64/nptl/tls.h

> index f042a0250a..e88561c934 100644

> --- a/sysdeps/x86_64/nptl/tls.h

> +++ b/sysdeps/x86_64/nptl/tls.h

> @@ -60,7 +60,8 @@ typedef struct

>    void *__private_tm[4];

>    /* GCC split stack support.  */

>    void *__private_ss;

> -  long int __glibc_reserved2;

> +  /* The lowest address of shadow stack,  */

> +  unsigned long long int ssp_base;


OK.

>    /* Must be kept even if it is no longer used by glibc since programs,

>       like AddressSanitizer, depend on the size of tcbhead_t.  */

>    __128bits __glibc_unused2[8][4] __attribute__ ((aligned (32)));

> @@ -72,10 +73,17 @@ typedef struct

>  /* morestack.S in libgcc uses offset 0x40 to access __private_ss,   */

>  _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x40,

>  		"offset of __private_ss != 0x40");

> +/* NB: ssp_base used to be "long int __glibc_reserved2", which was

> +   changed from 32 bits to 64 bits.  Make sure that the offset of the

> +   next field, __glibc_unused2, is unchanged.  */

> +_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x60,

> +		"offset of __glibc_unused2 != 0x60");


OK.

>  # else

>  /* morestack.S in libgcc uses offset 0x70 to access __private_ss,   */

>  _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x70,

>  		"offset of __private_ss != 0x70");

> +_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x80,

> +		"offset of __glibc_unused2 != 0x80");


OK.

>  # endif

>  

>  #else /* __ASSEMBLER__ */

>

Patch

diff --git a/sysdeps/i386/nptl/tcb-offsets.sym b/sysdeps/i386/nptl/tcb-offsets.sym
index fbac241c45..2ec9e787c1 100644
--- a/sysdeps/i386/nptl/tcb-offsets.sym
+++ b/sysdeps/i386/nptl/tcb-offsets.sym
@@ -13,3 +13,4 @@  CLEANUP_PREV		offsetof (struct _pthread_cleanup_buffer, __prev)
 MUTEX_FUTEX		offsetof (pthread_mutex_t, __data.__lock)
 POINTER_GUARD		offsetof (tcbhead_t, pointer_guard)
 FEATURE_1_OFFSET	offsetof (tcbhead_t, feature_1)
+SSP_BASE_OFFSET		offsetof (tcbhead_t, ssp_base)
diff --git a/sysdeps/i386/nptl/tls.h b/sysdeps/i386/nptl/tls.h
index 21e23cd809..12285d3217 100644
--- a/sysdeps/i386/nptl/tls.h
+++ b/sysdeps/i386/nptl/tls.h
@@ -49,7 +49,8 @@  typedef struct
   void *__private_tm[3];
   /* GCC split stack support.  */
   void *__private_ss;
-  void *__glibc_reserved2;
+  /* The lowest address of shadow stack,  */
+  unsigned long ssp_base;
 } tcbhead_t;
 
 /* morestack.S in libgcc uses offset 0x30 to access __private_ss,   */
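Review bot: The comment added above `ssp_base` ends in a comma and reads as an unfinished sentence: `/* The lowest address of shadow stack,  */`. The same text is added in the first sysdeps/x86_64/nptl/tls.h hunk. I would write `/* The lowest address of the shadow stack, used by getcontext, makecontext, setcontext and swapcontext to switch shadow stacks.  */`, which records the purpose given in the commit message. Since tcbhead_t presumably lives in ordinary writable thread memory, the comment could also say that this value is bookkeeping and is not itself protected by the shadow stack. The tcbhead_t definition starts outside the hunk.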
diff --git a/sysdeps/x86_64/nptl/tcb-offsets.sym b/sysdeps/x86_64/nptl/tcb-offsets.sym
index 387621e88c..ae8034743b 100644
--- a/sysdeps/x86_64/nptl/tcb-offsets.sym
+++ b/sysdeps/x86_64/nptl/tcb-offsets.sym
@@ -13,6 +13,7 @@  MULTIPLE_THREADS_OFFSET	offsetof (tcbhead_t, multiple_threads)
 POINTER_GUARD		offsetof (tcbhead_t, pointer_guard)
 VGETCPU_CACHE_OFFSET	offsetof (tcbhead_t, vgetcpu_cache)
 FEATURE_1_OFFSET	offsetof (tcbhead_t, feature_1)
+SSP_BASE_OFFSET		offsetof (tcbhead_t, ssp_base)
 
 -- Not strictly offsets, but these values are also used in the TCB.
 TCB_CANCELSTATE_BITMASK	 CANCELSTATE_BITMASK
diff --git a/sysdeps/x86_64/nptl/tls.h b/sysdeps/x86_64/nptl/tls.h
index f042a0250a..e88561c934 100644
--- a/sysdeps/x86_64/nptl/tls.h
+++ b/sysdeps/x86_64/nptl/tls.h
@@ -60,7 +60,8 @@  typedef struct
   void *__private_tm[4];
   /* GCC split stack support.  */
   void *__private_ss;
-  long int __glibc_reserved2;
+  /* The lowest address of shadow stack,  */
+  unsigned long long int ssp_base;
   /* Must be kept even if it is no longer used by glibc since programs,
      like AddressSanitizer, depend on the size of tcbhead_t.  */
   __128bits __glibc_unused2[8][4] __attribute__ ((aligned (32)));
@@ -72,10 +73,17 @@  typedef struct
 /* morestack.S in libgcc uses offset 0x40 to access __private_ss,   */
 _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x40,
 		"offset of __private_ss != 0x40");
+/* NB: ssp_base used to be "long int __glibc_reserved2", which was
+   changed from 32 bits to 64 bits.  Make sure that the offset of the
+   next field, __glibc_unused2, is unchanged.  */
+_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x60,
+		"offset of __glibc_unused2 != 0x60");
 # else
 /* morestack.S in libgcc uses offset 0x70 to access __private_ss,   */
 _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x70,
 		"offset of __private_ss != 0x70");
+_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x80,
+		"offset of __glibc_unused2 != 0x80");
 # endif
 
 #else /* __ASSEMBLER__ */
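Review bot: The NB comment sits only above the 0x60 assertion and does not name the ABI it describes, so the "32 bits to 64 bits" remark is hard to place; the `# if` condition is outside the hunk. If that branch is x32, the widened field presumably also moves (8-byte alignment after the 4-byte `__private_ss` at 0x40), and the comment should say that only the offset of `__glibc_unused2` is preserved, not that of the renamed field. Suggested wording: `/* NB: On x32, ssp_base replaces the 32-bit "long int __glibc_reserved2" with a 64-bit field.  Its own offset changes, but the offset of the next field, __glibc_unused2, must not.  */`. If the later assembly stores a 64-bit shadow stack pointer through SSP_BASE_OFFSET, a third check such as `_Static_assert (sizeof (((tcbhead_t *) 0)->ssp_base) == 8, "ssp_base is not 64 bits");` would pin the width as well.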