binutils-gdb/ld/testsuite/ld-x86-64/ibt-plt-3a.d

44 lines
1.5 KiB
D
Raw Normal View History

x86: Support Intel IBT with IBT property and IBT-enable PLT To support IBT in Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf #define GNU_PROPERTY_X86_FEATURE_1_AND 0xc0000002 #define GNU_PROPERTY_X86_FEATURE_1_IBT (1U << 0) are added to GNU program properties to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. GNU_PROPERTY_X86_FEATURE_1_IBT is set on output only if it is set on all relocatable inputs. The followings changes are made to the Procedure Linkage Table (PLT): 1. For 64-bit x86-64, PLT is changed to PLT0: push GOT[1] bnd jmp *GOT[2] nop ... PLTn: endbr64 push namen_reloc_index bnd jmp PLT0 together with the second PLT section: PLTn: endbr64 bnd jmp *GOT[namen_index] nop BND prefix is also added so that IBT-enabled PLT is compatible with MPX. 2. For 32-bit x86-64 (x32) and i386, PLT is changed to PLT0: push GOT[1] jmp *GOT[2] nop ... PLTn: endbr64 # endbr32 for i386. push namen_reloc_index jmp PLT0 together with the second PLT section: PLTn: endbr64 # endbr32 for i386. jmp *GOT[namen_index] nop BND prefix isn't used since MPX isn't supported on x32 and BND registers aren't used in parameter passing on i386. GOT is an array of addresses. Initially, GOT[namen_index] is filled with the address of the ENDBR instruction of the corresponding entry in the first PLT section. The function, namen, is called via the ENDBR instruction in the second PLT entry. GOT[namen_index] is updated to the actual address of the function, namen, at run-time. 2 linker command line options are added: 1. -z ibtplt: Generate IBT-enabled PLT. 2. -z ibt: Generate GNU_PROPERTY_X86_FEATURE_1_IBT in GNU program properties as well as IBT-enabled PLT. bfd/ * elf32-i386.c (elf_i386_lazy_ibt_plt0_entry): New. (elf_i386_lazy_ibt_plt_entry): Likewise. (elf_i386_pic_lazy_ibt_plt0_entry): Likewise. (elf_i386_non_lazy_ibt_plt_entry): Likewise. (elf_i386_pic_non_lazy_ibt_plt_entry): Likewise. (elf_i386_eh_frame_lazy_ibt_plt): Likewise. (elf_i386_lazy_plt_layout): Likewise. (elf_i386_non_lazy_plt_layout): Likewise. (elf_i386_link_hash_entry): Add plt_second. (elf_i386_link_hash_table): Add plt_second and plt_second_eh_frame. (elf_i386_allocate_dynrelocs): Use the second PLT if needed. (elf_i386_size_dynamic_sections): Use .plt.got unwind info for the second PLT. Check the second PLT. (elf_i386_relocate_section): Use the second PLT to resolve PLT reference if needed. (elf_i386_finish_dynamic_symbol): Fill and use the second PLT if needed. (elf_i386_finish_dynamic_sections): Set sh_entsize on the second PLT. Generate unwind info for the second PLT. (elf_i386_plt_type): Add plt_second. (elf_i386_get_synthetic_symtab): Support the second PLT. (elf_i386_parse_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. (elf_i386_merge_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT (elf_i386_link_setup_gnu_properties): If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT. Use IBT-enabled PLT for info->ibtplt, info->ibt or GNU_PROPERTY_X86_FEATURE_1_IBT is set on all relocatable inputs. * elf64-x86-64.c (elf_x86_64_lazy_ibt_plt_entry): New. (elf_x32_lazy_ibt_plt_entry): Likewise. (elf_x86_64_non_lazy_ibt_plt_entry): Likewise. (elf_x32_non_lazy_ibt_plt_entry): Likewise. (elf_x86_64_eh_frame_lazy_ibt_plt): Likewise. (elf_x32_eh_frame_lazy_ibt_plt): Likewise. (elf_x86_64_lazy_ibt_plt): Likewise. (elf_x32_lazy_ibt_plt): Likewise. (elf_x86_64_non_lazy_ibt_plt): Likewise. (elf_x32_non_lazy_ibt_plt): Likewise. (elf_x86_64_get_synthetic_symtab): Support the second PLT. (elf_x86_64_parse_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. (elf_x86_64_merge_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT (elf_x86_64_link_setup_gnu_properties): If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT. Use IBT-enabled PLT for info->ibtplt, info->ibt or GNU_PROPERTY_X86_FEATURE_1_IBT is set on all relocatable inputs. binutils/ * readelf.c (decode_x86_feature): New. (print_gnu_property_note): Call decode_x86_feature on GNU_PROPERTY_X86_FEATURE_1_AND. * testsuite/binutils-all/i386/empty.d: New file. * testsuite/binutils-all/i386/empty.s: Likewise. * testsuite/binutils-all/i386/ibt.d: Likewise. * testsuite/binutils-all/i386/ibt.s: Likewise. * testsuite/binutils-all/x86-64/empty-x32.d: Likewise. * testsuite/binutils-all/x86-64/empty.d: Likewise. * testsuite/binutils-all/x86-64/empty.s: Likewise. * testsuite/binutils-all/x86-64/ibt-x32.d: Likewise. * testsuite/binutils-all/x86-64/ibt.d: Likewise. * testsuite/binutils-all/x86-64/ibt.s: Likewise. include/ * bfdlink.h (bfd_link_info): Add ibtplt and ibt. * elf/common.h (GNU_PROPERTY_X86_FEATURE_1_AND): New. (GNU_PROPERTY_X86_FEATURE_1_IBT): Likewise. ld/ * Makefile.am (ELF_X86_DEPS): Add $(srcdir)/emulparams/cet.sh. * Makefile.in: Regenerated. * NEWS: Mention GNU_PROPERTY_X86_FEATURE_1_IBT, -z ibtplt and -z ibt. * emulparams/cet.sh: New file. * testsuite/ld-i386/ibt-plt-1.d: Likewise. * testsuite/ld-i386/ibt-plt-1.s: Likewise. * testsuite/ld-i386/ibt-plt-2.s: Likewise. * testsuite/ld-i386/ibt-plt-2a.d: Likewise. * testsuite/ld-i386/ibt-plt-2b.d: Likewise. * testsuite/ld-i386/ibt-plt-2c.d: Likewise. * testsuite/ld-i386/ibt-plt-2d.d: Likewise. * testsuite/ld-i386/ibt-plt-3.s: Likewise. * testsuite/ld-i386/ibt-plt-3a.d: Likewise. * testsuite/ld-i386/ibt-plt-3b.d: Likewise. * testsuite/ld-i386/ibt-plt-3c.d: Likewise. * testsuite/ld-i386/ibt-plt-3d.d: Likewise. * testsuite/ld-i386/plt-main-ibt.dd: Likewise. * testsuite/ld-i386/plt-pie-ibt.dd: Likewise. * testsuite/ld-i386/property-x86-empty.s: Likewise. * testsuite/ld-i386/property-x86-ibt.s: Likewise. * testsuite/ld-i386/property-x86-ibt1a.d: Likewise. * testsuite/ld-i386/property-x86-ibt1b.d: Likewise. * testsuite/ld-i386/property-x86-ibt2.d: Likewise. * testsuite/ld-i386/property-x86-ibt3a.d: Likewise. * testsuite/ld-i386/property-x86-ibt3b.d: Likewise. * testsuite/ld-i386/property-x86-ibt4.d: Likewise. * testsuite/ld-i386/property-x86-ibt5.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1.s: Likewise. * testsuite/ld-x86-64/ibt-plt-2.s: Likewise. * testsuite/ld-x86-64/ibt-plt-2a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2b-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2b.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2d-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2d.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3.s: Likewise. * testsuite/ld-x86-64/ibt-plt-3a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3b-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3b.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3d-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3d.d: Likewise. * testsuite/ld-x86-64/plt-main-ibt-now.rd: Likewise. * testsuite/ld-x86-64/plt-main-ibt-x32.dd: Likewise. * testsuite/ld-x86-64/plt-main-ibt.dd: Likewise. * testsuite/ld-x86-64/property-x86-empty.s: Likewise. * testsuite/ld-x86-64/property-x86-ibt.s: Likewise. * testsuite/ld-x86-64/property-x86-ibt1a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1a.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1b.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt2-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt2.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3a.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3b.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt4-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt4.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt5-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt5.d: Likewise. * emulparams/elf32_x86_64.sh: Source emulparams/cet.sh. (TINY_READONLY_SECTION): Add .plt.sec. * emulparams/elf_i386.sh: Likewise. * emulparams/elf_x86_64.sh: Source emulparams/cet.sh. * ld.texinfo: Document -z ibtplt and -z ibt. * testsuite/ld-i386/i386.exp: Run IBT and IBT PLT tests. * testsuite/ld-x86-64/x86-64.exp: Likewise. * testsuite/ld-x86-64/pr21481b.S (check): Updated for x32.
2017-06-22 20:44:37 +08:00
#source: ibt-plt-3.s
#as: --64 -defsym __64_bit__=1
Support different ld --hash-style in the ld testsuite When ld is running with something other than --hash-style=sysv by default, numerous tests need tweaking. Most of the changes just add --hash-style=sysv. I didn't want to make --hash-style=sysv global as that means --hash-style=gnu isn't well tested. * testsuite/ld-alpha/alpha.exp: Add --hash-style=sysv to various test's ld options. * testsuite/ld-arm/arm-elf.exp: Likewise. * testsuite/ld-elf/elf.exp: Likewise. * testsuite/ld-elf/readelf.exp: Likewise. * testsuite/ld-elfvsb/elfvsb.exp: Likewise. * testsuite/ld-i386/i386.exp: Likewise. * testsuite/ld-ia64/ia64.exp: Likewise. * testsuite/ld-m68k/m68k.exp: Likewise. * testsuite/ld-metag/metag.exp: Likewise. * testsuite/ld-powerpc/powerpc.exp: Likewise. * testsuite/ld-s390/s390.exp: Likewise. * testsuite/ld-sh/sh-vxworks.exp: Likewise. * testsuite/ld-shared/shared.exp: Likewise. * testsuite/ld-sparc/sparc.exp: Likewise. * testsuite/ld-tic6x/tic6x.exp: Likewise. * testsuite/ld-vax-elf/vax-elf.exp: Likewise. * testsuite/ld-x86-64/mpx.exp: Likewise. * testsuite/ld-x86-64/x86-64.exp: Likewise. * testsuite/ld-xtensa/xtensa.exp: Likewise. * testsuite/ld-elf/comm-data2.ld: Add .gnu.hash output section. * testsuite/ld-elf/pr20828-v.ld: Likewise. * testsuite/ld-elf/pr20828.ld: Likewise. * testsuite/ld-elf/pr21233.ld: Likewise. * testsuite/ld-elf/pr21384.ld: Likewise. * testsuite/ld-elf/provide-hidden-1.ld: Likewise. * testsuite/ld-elf/provide-hidden-2.ld: Likewise. * testsuite/ld-elf/provide-hidden-s.ld: Likewise. * testsuite/ld-scripts/cross1.t: Likewise. * testsuite/ld-elf/stab.d: Adjust allowed section indices. * testsuite/ld-i386/pie1.d: Don't match addresses. * testsuite/ld-i386/plt-pic2.dd: Likewise. * testsuite/ld-i386/pr19636-1d.d: Likewise. * testsuite/ld-i386/pr19636-2c.d: Likewise. * testsuite/ld-powerpc/elfv2so.d: Likewise. * testsuite/ld-powerpc/tlsopt5.d: Likewise. * testsuite/ld-powerpc/tlsopt5.wf: Likewise. * testsuite/ld-powerpc/tlsopt5_32.d: Likewise. * testsuite/ld-i386/pr19636-2b.d: Don't match _start. * testsuite/ld-powerpc/ambiguousv1.d: Relax symbol count, index and address match. * testsuite/ld-powerpc/ambiguousv1b.d: Likewise. * testsuite/ld-powerpc/ambiguousv2.d: Likewise. * testsuite/ld-powerpc/ambiguousv2b.d: Likewise. * testsuite/ld-aarch64/gc-plt-relocs.d: Run ld with --hash-style=sysv. * testsuite/ld-aarch64/ifunc-1.d: Likewise. * testsuite/ld-aarch64/ifunc-2.d: Likewise. * testsuite/ld-aarch64/ifunc-21.d: Likewise. * testsuite/ld-aarch64/relasz.d: Likewise. * testsuite/ld-aarch64/tls-small-ld.d: Likewise. * testsuite/ld-aarch64/tls-tiny-ld.d: Likewise. * testsuite/ld-arc/tls_gd-01.d: Likewise. * testsuite/ld-cris/libdso-10.d: Likewise. * testsuite/ld-cris/libdso-2.d: Likewise. * testsuite/ld-cris/pic-gc-72.d: Likewise. * testsuite/ld-cris/pic-gc-73.d: Likewise. * testsuite/ld-cris/tls-gd-1.d: Likewise. * testsuite/ld-cris/tls-gd-1h.d: Likewise. * testsuite/ld-cris/tls-gd-2.d: Likewise. * testsuite/ld-cris/tls-gd-2h.d: Likewise. * testsuite/ld-cris/tls-ie-10.d: Likewise. * testsuite/ld-cris/tls-ie-11.d: Likewise. * testsuite/ld-cris/tls-ie-8.d: Likewise. * testsuite/ld-cris/tls-ie-9.d: Likewise. * testsuite/ld-cris/tls-ld-4.d: Likewise. * testsuite/ld-cris/tls-ld-5.d: Likewise. * testsuite/ld-cris/tls-ld-6.d: Likewise. * testsuite/ld-cris/tls-ld-7.d: Likewise. * testsuite/ld-cris/tls-ldgd-14.d: Likewise. * testsuite/ld-cris/tls-ldgd-15.d: Likewise. * testsuite/ld-cris/tls-ldgdx-14.d: Likewise. * testsuite/ld-cris/tls-ldgdx-15.d: Likewise. * testsuite/ld-cris/tls-local-54.d: Likewise. * testsuite/ld-cris/tls-local-60.d: Likewise. * testsuite/ld-cris/tls-local-61.d: Likewise. * testsuite/ld-cris/weakhiddso.d: Likewise. * testsuite/ld-elf/linkinfo1a.d: Likewise. * testsuite/ld-elf/linkinfo1b.d: Likewise. * testsuite/ld-elf/pr19617a.d: Likewise. * testsuite/ld-elfvsb/hidden2.d: Likewise. * testsuite/ld-frv/fdpic-pie-6.d: Likewise. * testsuite/ld-frv/fdpic-shared-2.d: Likewise. * testsuite/ld-frv/fdpic-shared-5.d: Likewise. * testsuite/ld-frv/fdpic-shared-6.d: Likewise. * testsuite/ld-frv/fdpic-shared-8.d: Likewise. * testsuite/ld-frv/fdpic-shared-local-2.d: Likewise. * testsuite/ld-frv/fdpic-shared-local-8.d: Likewise. * testsuite/ld-frv/tls-dynamic-2.d: Likewise. * testsuite/ld-i386/ibt-plt-1.d: Likewise. * testsuite/ld-i386/ibt-plt-2a.d: Likewise. * testsuite/ld-i386/ibt-plt-2c.d: Likewise. * testsuite/ld-i386/ibt-plt-3a.d: Likewise. * testsuite/ld-i386/ibt-plt-3c.d: Likewise. * testsuite/ld-i386/pr20830.d: Likewise. * testsuite/ld-ia64/merge1.d: Likewise. * testsuite/ld-ia64/merge2.d: Likewise. * testsuite/ld-ia64/merge3.d: Likewise. * testsuite/ld-ia64/merge4.d: Likewise. * testsuite/ld-ia64/merge5.d: Likewise. * testsuite/ld-ifunc/ifunc-1-local-x86.d: Likewise. * testsuite/ld-ifunc/ifunc-1-x86.d: Likewise. * testsuite/ld-ifunc/ifunc-2-i386-now.d: Likewise. * testsuite/ld-ifunc/ifunc-2-local-i386-now.d: Likewise. * testsuite/ld-ifunc/ifunc-2-local-x86-64-now.d: Likewise. * testsuite/ld-ifunc/ifunc-2-local-x86-64.d: Likewise. * testsuite/ld-ifunc/ifunc-2-x86-64-now.d: Likewise. * testsuite/ld-ifunc/ifunc-2-x86-64.d: Likewise. * testsuite/ld-ifunc/ifunc-3a-x86.d: Likewise. * testsuite/ld-ifunc/pr17154-i386-now.d: Likewise. * testsuite/ld-ifunc/pr17154-i386.d: Likewise. * testsuite/ld-ifunc/pr17154-x86-64-now.d: Likewise. * testsuite/ld-ifunc/pr17154-x86-64.d: Likewise. * testsuite/ld-m68k/got-1.d: Likewise. * testsuite/ld-m68k/got-multigot-12-13-14-34-35-ok.d: Likewise. * testsuite/ld-m68k/got-multigot-14-ok.d: Likewise. * testsuite/ld-m68k/got-multigot-15-er.d: Likewise. * testsuite/ld-m68k/got-negative-12-13-14-34-ok.d: Likewise. * testsuite/ld-m68k/got-negative-12-13-14-35-er.d: Likewise. * testsuite/ld-m68k/got-negative-14-ok.d: Likewise. * testsuite/ld-m68k/got-negative-15-er.d: Likewise. * testsuite/ld-m68k/got-single-12-ok.d: Likewise. * testsuite/ld-m68k/got-single-13-er.d: Likewise. * testsuite/ld-m68k/got-xgot-12-13-14-15-34-35-ok.d: Likewise. * testsuite/ld-m68k/got-xgot-15-ok.d: Likewise. * testsuite/ld-m68k/tls-gd-1.d: Likewise. * testsuite/ld-m68k/tls-gd-2.d: Likewise. * testsuite/ld-m68k/tls-gd-ie-1.d: Likewise. * testsuite/ld-m68k/tls-ie-1.d: Likewise. * testsuite/ld-m68k/tls-ld-1.d: Likewise. * testsuite/ld-m68k/tls-ld-2.d: Likewise. * testsuite/ld-sh/shared-2.d: Likewise. * testsuite/ld-sh/tlsbin-2.d: Likewise. * testsuite/ld-sh/tlspic-2.d: Likewise. * testsuite/ld-x86-64/bnd-branch-1-now.d: Likewise. * testsuite/ld-x86-64/bnd-ifunc-1-now.d: Likewise. * testsuite/ld-x86-64/bnd-ifunc-1.d: Likewise. * testsuite/ld-x86-64/bnd-ifunc-2-now.d: Likewise. * testsuite/ld-x86-64/bnd-ifunc-2.d: Likewise. * testsuite/ld-x86-64/bnd-plt-1-now.d: Likewise. * testsuite/ld-x86-64/bnd-plt-1.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c.d: Likewise. * testsuite/ld-x86-64/ilp32-4-nacl.d: Likewise. * testsuite/ld-x86-64/ilp32-4.d: Likewise. * testsuite/ld-x86-64/load1c-nacl.d: Likewise. * testsuite/ld-x86-64/load1c.d: Likewise. * testsuite/ld-x86-64/load1d-nacl.d: Likewise. * testsuite/ld-x86-64/load1d.d: Likewise. * testsuite/ld-x86-64/pie3-nacl.d: Likewise. * testsuite/ld-x86-64/pie3.d: Likewise. * testsuite/ld-x86-64/pr14207.d: Likewise. * testsuite/ld-x86-64/pr19162.d: Likewise. * testsuite/ld-x86-64/pr19636-2d-nacl.d: Likewise. * testsuite/ld-x86-64/pr19636-2d.d: Likewise. * testsuite/ld-x86-64/pr20253-1d.d: Likewise. * testsuite/ld-x86-64/pr20253-1f.d: Likewise. * testsuite/ld-x86-64/pr20253-1j.d: Likewise. * testsuite/ld-x86-64/pr20253-1l.d: Likewise. * testsuite/ld-x86-64/pr20830a-now.d: Likewise. * testsuite/ld-x86-64/pr20830a.d: Likewise. * testsuite/ld-x86-64/pr20830b-now.d: Likewise. * testsuite/ld-x86-64/pr20830b.d: Likewise. * testsuite/ld-x86-64/pr21038a-now.d: Likewise. * testsuite/ld-x86-64/pr21038a.d: Likewise. * testsuite/ld-x86-64/pr21038b-now.d: Likewise. * testsuite/ld-x86-64/pr21038b.d: Likewise. * testsuite/ld-x86-64/pr21038c-now.d: Likewise. * testsuite/ld-x86-64/pr21038c.d: Likewise.
2017-08-06 20:34:25 +08:00
#ld: -shared -m elf_x86_64 -z ibtplt --hash-style=sysv
x86: Support Intel IBT with IBT property and IBT-enable PLT To support IBT in Intel Control-flow Enforcement Technology (CET) instructions: https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf #define GNU_PROPERTY_X86_FEATURE_1_AND 0xc0000002 #define GNU_PROPERTY_X86_FEATURE_1_IBT (1U << 0) are added to GNU program properties to indicate that all executable sections are compatible with IBT when ENDBR instruction starts each valid target where an indirect branch instruction can land. GNU_PROPERTY_X86_FEATURE_1_IBT is set on output only if it is set on all relocatable inputs. The followings changes are made to the Procedure Linkage Table (PLT): 1. For 64-bit x86-64, PLT is changed to PLT0: push GOT[1] bnd jmp *GOT[2] nop ... PLTn: endbr64 push namen_reloc_index bnd jmp PLT0 together with the second PLT section: PLTn: endbr64 bnd jmp *GOT[namen_index] nop BND prefix is also added so that IBT-enabled PLT is compatible with MPX. 2. For 32-bit x86-64 (x32) and i386, PLT is changed to PLT0: push GOT[1] jmp *GOT[2] nop ... PLTn: endbr64 # endbr32 for i386. push namen_reloc_index jmp PLT0 together with the second PLT section: PLTn: endbr64 # endbr32 for i386. jmp *GOT[namen_index] nop BND prefix isn't used since MPX isn't supported on x32 and BND registers aren't used in parameter passing on i386. GOT is an array of addresses. Initially, GOT[namen_index] is filled with the address of the ENDBR instruction of the corresponding entry in the first PLT section. The function, namen, is called via the ENDBR instruction in the second PLT entry. GOT[namen_index] is updated to the actual address of the function, namen, at run-time. 2 linker command line options are added: 1. -z ibtplt: Generate IBT-enabled PLT. 2. -z ibt: Generate GNU_PROPERTY_X86_FEATURE_1_IBT in GNU program properties as well as IBT-enabled PLT. bfd/ * elf32-i386.c (elf_i386_lazy_ibt_plt0_entry): New. (elf_i386_lazy_ibt_plt_entry): Likewise. (elf_i386_pic_lazy_ibt_plt0_entry): Likewise. (elf_i386_non_lazy_ibt_plt_entry): Likewise. (elf_i386_pic_non_lazy_ibt_plt_entry): Likewise. (elf_i386_eh_frame_lazy_ibt_plt): Likewise. (elf_i386_lazy_plt_layout): Likewise. (elf_i386_non_lazy_plt_layout): Likewise. (elf_i386_link_hash_entry): Add plt_second. (elf_i386_link_hash_table): Add plt_second and plt_second_eh_frame. (elf_i386_allocate_dynrelocs): Use the second PLT if needed. (elf_i386_size_dynamic_sections): Use .plt.got unwind info for the second PLT. Check the second PLT. (elf_i386_relocate_section): Use the second PLT to resolve PLT reference if needed. (elf_i386_finish_dynamic_symbol): Fill and use the second PLT if needed. (elf_i386_finish_dynamic_sections): Set sh_entsize on the second PLT. Generate unwind info for the second PLT. (elf_i386_plt_type): Add plt_second. (elf_i386_get_synthetic_symtab): Support the second PLT. (elf_i386_parse_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. (elf_i386_merge_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT (elf_i386_link_setup_gnu_properties): If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT. Use IBT-enabled PLT for info->ibtplt, info->ibt or GNU_PROPERTY_X86_FEATURE_1_IBT is set on all relocatable inputs. * elf64-x86-64.c (elf_x86_64_lazy_ibt_plt_entry): New. (elf_x32_lazy_ibt_plt_entry): Likewise. (elf_x86_64_non_lazy_ibt_plt_entry): Likewise. (elf_x32_non_lazy_ibt_plt_entry): Likewise. (elf_x86_64_eh_frame_lazy_ibt_plt): Likewise. (elf_x32_eh_frame_lazy_ibt_plt): Likewise. (elf_x86_64_lazy_ibt_plt): Likewise. (elf_x32_lazy_ibt_plt): Likewise. (elf_x86_64_non_lazy_ibt_plt): Likewise. (elf_x32_non_lazy_ibt_plt): Likewise. (elf_x86_64_get_synthetic_symtab): Support the second PLT. (elf_x86_64_parse_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. (elf_x86_64_merge_gnu_properties): Support GNU_PROPERTY_X86_FEATURE_1_AND. If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT (elf_x86_64_link_setup_gnu_properties): If info->ibt is set, turn on GNU_PROPERTY_X86_FEATURE_1_IBT. Use IBT-enabled PLT for info->ibtplt, info->ibt or GNU_PROPERTY_X86_FEATURE_1_IBT is set on all relocatable inputs. binutils/ * readelf.c (decode_x86_feature): New. (print_gnu_property_note): Call decode_x86_feature on GNU_PROPERTY_X86_FEATURE_1_AND. * testsuite/binutils-all/i386/empty.d: New file. * testsuite/binutils-all/i386/empty.s: Likewise. * testsuite/binutils-all/i386/ibt.d: Likewise. * testsuite/binutils-all/i386/ibt.s: Likewise. * testsuite/binutils-all/x86-64/empty-x32.d: Likewise. * testsuite/binutils-all/x86-64/empty.d: Likewise. * testsuite/binutils-all/x86-64/empty.s: Likewise. * testsuite/binutils-all/x86-64/ibt-x32.d: Likewise. * testsuite/binutils-all/x86-64/ibt.d: Likewise. * testsuite/binutils-all/x86-64/ibt.s: Likewise. include/ * bfdlink.h (bfd_link_info): Add ibtplt and ibt. * elf/common.h (GNU_PROPERTY_X86_FEATURE_1_AND): New. (GNU_PROPERTY_X86_FEATURE_1_IBT): Likewise. ld/ * Makefile.am (ELF_X86_DEPS): Add $(srcdir)/emulparams/cet.sh. * Makefile.in: Regenerated. * NEWS: Mention GNU_PROPERTY_X86_FEATURE_1_IBT, -z ibtplt and -z ibt. * emulparams/cet.sh: New file. * testsuite/ld-i386/ibt-plt-1.d: Likewise. * testsuite/ld-i386/ibt-plt-1.s: Likewise. * testsuite/ld-i386/ibt-plt-2.s: Likewise. * testsuite/ld-i386/ibt-plt-2a.d: Likewise. * testsuite/ld-i386/ibt-plt-2b.d: Likewise. * testsuite/ld-i386/ibt-plt-2c.d: Likewise. * testsuite/ld-i386/ibt-plt-2d.d: Likewise. * testsuite/ld-i386/ibt-plt-3.s: Likewise. * testsuite/ld-i386/ibt-plt-3a.d: Likewise. * testsuite/ld-i386/ibt-plt-3b.d: Likewise. * testsuite/ld-i386/ibt-plt-3c.d: Likewise. * testsuite/ld-i386/ibt-plt-3d.d: Likewise. * testsuite/ld-i386/plt-main-ibt.dd: Likewise. * testsuite/ld-i386/plt-pie-ibt.dd: Likewise. * testsuite/ld-i386/property-x86-empty.s: Likewise. * testsuite/ld-i386/property-x86-ibt.s: Likewise. * testsuite/ld-i386/property-x86-ibt1a.d: Likewise. * testsuite/ld-i386/property-x86-ibt1b.d: Likewise. * testsuite/ld-i386/property-x86-ibt2.d: Likewise. * testsuite/ld-i386/property-x86-ibt3a.d: Likewise. * testsuite/ld-i386/property-x86-ibt3b.d: Likewise. * testsuite/ld-i386/property-x86-ibt4.d: Likewise. * testsuite/ld-i386/property-x86-ibt5.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1.d: Likewise. * testsuite/ld-x86-64/ibt-plt-1.s: Likewise. * testsuite/ld-x86-64/ibt-plt-2.s: Likewise. * testsuite/ld-x86-64/ibt-plt-2a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2b-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2b.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2c.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2d-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-2d.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3.s: Likewise. * testsuite/ld-x86-64/ibt-plt-3a-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3a.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3b-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3b.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3c.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3d-x32.d: Likewise. * testsuite/ld-x86-64/ibt-plt-3d.d: Likewise. * testsuite/ld-x86-64/plt-main-ibt-now.rd: Likewise. * testsuite/ld-x86-64/plt-main-ibt-x32.dd: Likewise. * testsuite/ld-x86-64/plt-main-ibt.dd: Likewise. * testsuite/ld-x86-64/property-x86-empty.s: Likewise. * testsuite/ld-x86-64/property-x86-ibt.s: Likewise. * testsuite/ld-x86-64/property-x86-ibt1a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1a.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt1b.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt2-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt2.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3a.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt3b.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt4-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt4.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt5-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-ibt5.d: Likewise. * emulparams/elf32_x86_64.sh: Source emulparams/cet.sh. (TINY_READONLY_SECTION): Add .plt.sec. * emulparams/elf_i386.sh: Likewise. * emulparams/elf_x86_64.sh: Source emulparams/cet.sh. * ld.texinfo: Document -z ibtplt and -z ibt. * testsuite/ld-i386/i386.exp: Run IBT and IBT PLT tests. * testsuite/ld-x86-64/x86-64.exp: Likewise. * testsuite/ld-x86-64/pr21481b.S (check): Updated for x32.
2017-06-22 20:44:37 +08:00
#objdump: -dw
.*: +file format .*
Disassembly of section .plt:
0+250 <.plt>:
+[a-f0-9]+: ff 35 ca 01 20 00 pushq 0x2001ca\(%rip\) # 200420 <_GLOBAL_OFFSET_TABLE_\+0x8>
+[a-f0-9]+: f2 ff 25 cb 01 20 00 bnd jmpq \*0x2001cb\(%rip\) # 200428 <_GLOBAL_OFFSET_TABLE_\+0x10>
+[a-f0-9]+: 0f 1f 00 nopl \(%rax\)
+[a-f0-9]+: f3 0f 1e fa endbr64
+[a-f0-9]+: 68 00 00 00 00 pushq \$0x0
+[a-f0-9]+: f2 e9 e1 ff ff ff bnd jmpq 250 <.plt>
+[a-f0-9]+: 90 nop
+[a-f0-9]+: f3 0f 1e fa endbr64
+[a-f0-9]+: 68 01 00 00 00 pushq \$0x1
+[a-f0-9]+: f2 e9 d1 ff ff ff bnd jmpq 250 <.plt>
+[a-f0-9]+: 90 nop
Disassembly of section .plt.sec:
0+280 <bar1@plt>:
+[a-f0-9]+: f3 0f 1e fa endbr64
+[a-f0-9]+: f2 ff 25 a5 01 20 00 bnd jmpq \*0x2001a5\(%rip\) # 200430 <bar1>
+[a-f0-9]+: 0f 1f 44 00 00 nopl 0x0\(%rax,%rax,1\)
0+290 <bar2@plt>:
+[a-f0-9]+: f3 0f 1e fa endbr64
+[a-f0-9]+: f2 ff 25 9d 01 20 00 bnd jmpq \*0x20019d\(%rip\) # 200438 <bar2>
+[a-f0-9]+: 0f 1f 44 00 00 nopl 0x0\(%rax,%rax,1\)
Disassembly of section .text:
0+2a0 <foo>:
+[a-f0-9]+: 48 83 ec 08 sub \$0x8,%rsp
+[a-f0-9]+: e8 e7 ff ff ff callq 290 <bar2@plt>
+[a-f0-9]+: 48 83 c4 08 add \$0x8,%rsp
+[a-f0-9]+: e9 ce ff ff ff jmpq 280 <bar1@plt>
#pass