diff options
| author | Sudakshina Das <sudi.das@arm.com> | 2020-06-22 10:57:20 +0100 |
|---|---|---|
| committer | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2020-07-08 15:02:37 +0100 |
| commit | 605338745ba15930e9acac46c32ce6cada12a52b (patch) | |
| tree | d622e5001ef1c8918fd9cff340237e53a7b7c25c /sysdeps/unix/sysv/linux | |
| parent | 5f846c8b0dea05554a48ec5ad13874cc757a886f (diff) | |
| download | glibc-605338745ba15930e9acac46c32ce6cada12a52b.tar.gz glibc-605338745ba15930e9acac46c32ce6cada12a52b.tar.xz glibc-605338745ba15930e9acac46c32ce6cada12a52b.zip | |
aarch64: enable BTI at runtime
Binaries can opt-in to using BTI via an ELF object file marking. The dynamic linker has to then mprotect the executable segments with PROT_BTI. In case of static linked executables or in case of the dynamic linker itself, PROT_BTI protection is done by the operating system. On AArch64 glibc uses PT_GNU_PROPERTY instead of PT_NOTE to check the properties of a binary because PT_NOTE can be unreliable with old linkers (old linkers just append the notes of input objects together and add them to the output without checking them for consistency which means multiple incompatible GNU property notes can be present in PT_NOTE). BTI property is handled in the loader even if glibc is not built with BTI support, so in theory user code can be BTI protected independently of glibc. In practice though user binaries are not marked with the BTI property if glibc has no support because the static linked libc objects (crt files, libc_nonshared.a) are unmarked. This patch relies on Linux userspace API that is not yet in a linux release but in v5.8-rc1 so scheduled to be in Linux 5.8. Co-authored-by: Szabolcs Nagy <szabolcs.nagy@arm.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Diffstat (limited to 'sysdeps/unix/sysv/linux')
| -rw-r--r-- | sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h | 1 | ||||
| -rw-r--r-- | sysdeps/unix/sysv/linux/aarch64/bits/mman.h | 31 | ||||
| -rw-r--r-- | sysdeps/unix/sysv/linux/aarch64/cpu-features.c | 3 | ||||
| -rw-r--r-- | sysdeps/unix/sysv/linux/aarch64/cpu-features.h | 2 |
4 files changed, 37 insertions, 0 deletions
diff --git a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h index 4ee14b4208..af90d8a626 100644 --- a/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h +++ b/sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h @@ -72,3 +72,4 @@ #define HWCAP2_BF16 (1 << 14) #define HWCAP2_DGH (1 << 15) #define HWCAP2_RNG (1 << 16) +#define HWCAP2_BTI (1 << 17) diff --git a/sysdeps/unix/sysv/linux/aarch64/bits/mman.h b/sysdeps/unix/sysv/linux/aarch64/bits/mman.h new file mode 100644 index 0000000000..ecae046344 --- /dev/null +++ b/sysdeps/unix/sysv/linux/aarch64/bits/mman.h @@ -0,0 +1,31 @@ +/* Definitions for POSIX memory map interface. Linux/AArch64 version. + Copyright (C) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +#ifndef _SYS_MMAN_H +# error "Never use <bits/mman.h> directly; include <sys/mman.h> instead." +#endif + +/* AArch64 specific definitions, should be in sync with + arch/arm64/include/uapi/asm/mman.h. */ + +#define PROT_BTI 0x10 + +#include <bits/mman-map-flags-generic.h> + +/* Include generic Linux declarations. */ +#include <bits/mman-linux.h> diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c index 896c588fee..b9ab827aca 100644 --- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.c +++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.c @@ -83,4 +83,7 @@ init_cpu_features (struct cpu_features *cpu_features) if ((dczid & DCZID_DZP_MASK) == 0) cpu_features->zva_size = 4 << (dczid & DCZID_BS_MASK); + + /* Check if BTI is supported. */ + cpu_features->bti = GLRO (dl_hwcap2) & HWCAP2_BTI; } diff --git a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h index 1389cea1b3..a81f186ec2 100644 --- a/sysdeps/unix/sysv/linux/aarch64/cpu-features.h +++ b/sysdeps/unix/sysv/linux/aarch64/cpu-features.h @@ -20,6 +20,7 @@ #define _CPU_FEATURES_AARCH64_H #include <stdint.h> +#include <stdbool.h> #define MIDR_PARTNUM_SHIFT 4 #define MIDR_PARTNUM_MASK (0xfff << MIDR_PARTNUM_SHIFT) @@ -64,6 +65,7 @@ struct cpu_features { uint64_t midr_el1; unsigned zva_size; + bool bti; }; #endif /* _CPU_FEATURES_AARCH64_H */ |