diff options
| author | H.J. Lu <hjl.tools@gmail.com> | 2020-04-27 15:44:07 -0700 |
|---|---|---|
| committer | H.J. Lu <hjl.tools@gmail.com> | 2020-05-18 08:38:53 -0700 |
| commit | 9e38f455a6c602be86b7b5a8d6523cbdcd7ec051 (patch) | |
| tree | 3fa62a570dd9ae651db62b21231a63358bd66edf /sysdeps/x86/tst-cet-legacy-5.c | |
| parent | ce12fc711387375d0248ab3ff9084fb958c43bc6 (diff) | |
| download | glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.tar glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.tar.gz glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.tar.bz2 glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.zip | |
x86: Add --enable-cet=permissive
When CET is enabled, it is an error to dlopen a non CET enabled shared
library in CET enabled application. It may be desirable to make CET
permissive, that is disable CET when dlopening a non CET enabled shared
library. With the new --enable-cet=permissive configure option, CET is
disabled when dlopening a non CET enabled shared library.
Add DEFAULT_DL_X86_CET_CONTROL to config.h.in:
/* The default value of x86 CET control. */
#define DEFAULT_DL_X86_CET_CONTROL cet_elf_property
which enables CET features based on ELF property note.
--enable-cet=permissive it to
/* The default value of x86 CET control. */
#define DEFAULT_DL_X86_CET_CONTROL cet_permissive
which enables CET features permissively.
Update tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and
tst-cet-legacy-6b to check --enable-cet and --enable-cet=permissive.
Diffstat (limited to 'sysdeps/x86/tst-cet-legacy-5.c')
| -rw-r--r-- | sysdeps/x86/tst-cet-legacy-5.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/sysdeps/x86/tst-cet-legacy-5.c b/sysdeps/x86/tst-cet-legacy-5.c index e2e95b6749..007b30029b 100644 --- a/sysdeps/x86/tst-cet-legacy-5.c +++ b/sysdeps/x86/tst-cet-legacy-5.c @@ -22,6 +22,14 @@ #include <stdlib.h> #include <stdbool.h> #include <string.h> +#include <x86intrin.h> +#include <support/check.h> + +#if defined CET_IS_PERMISSIVE || defined CET_DISABLED_BY_ENV +# define CET_MAYBE_DISABLED 1 +#else +# define CET_MAYBE_DISABLED 0 +#endif static void do_test_1 (const char *modname, bool fail) @@ -32,24 +40,25 @@ do_test_1 (const char *modname, bool fail) h = dlopen (modname, RTLD_LAZY); if (h == NULL) { + const char *err = dlerror (); if (fail) { - const char *err = dlerror (); if (strstr (err, "rebuild shared object with SHSTK support enabled") == NULL) - { - printf ("incorrect dlopen '%s' error: %s\n", modname, - err); - exit (1); - } + FAIL_EXIT1 ("incorrect dlopen '%s' error: %s\n", modname, err); return; } - printf ("cannot open '%s': %s\n", modname, dlerror ()); - exit (1); + FAIL_EXIT1 ("cannot open '%s': %s\n", modname, err); } + /* NB: dlopen should never fail on non-CET platforms. If SHSTK is + disabled, assuming IBT is also disabled. */ + bool cet_enabled = _get_ssp () != 0 && !CET_MAYBE_DISABLED; + if (fail && cet_enabled) + FAIL_EXIT1 ("dlopen should have failed\n"); + fp = dlsym (h, "test"); if (fp == NULL) { |