From patchwork Fri Mar 14 13:21:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Cupertino Miranda X-Patchwork-Id: 107895 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 7706A385770E for ; Fri, 14 Mar 2025 13:23:20 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7706A385770E Authentication-Results: sourceware.org; dkim=pass (2048-bit key, unprotected) header.d=oracle.com header.i=@oracle.com header.a=rsa-sha256 header.s=corp-2023-11-20 header.b=FngJkas4; dkim=pass (1024-bit key, unprotected) header.d=oracle.onmicrosoft.com header.i=@oracle.onmicrosoft.com header.a=rsa-sha256 header.s=selector2-oracle-onmicrosoft-com header.b=ToKn4m9D X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) by sourceware.org (Postfix) with ESMTPS id 94D3B3857B98 for ; Fri, 14 Mar 2025 13:22:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 94D3B3857B98 Authentication-Results: sourceware.org; dmarc=pass (p=reject dis=none) header.from=oracle.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=oracle.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 94D3B3857B98 Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=205.220.177.32 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1741958524; cv=pass; b=kuUlwshlwtWlT+gf7rG4LJuigr3yit6B1Kdg/XoWfigkmN2Xx7eqWeNpXBAMC/DE6xfx+lUu5bV9EfFjfgcrKsE2F37sJ5/9KnOkZqjr0snh0tJlvdRbH7zVl+svgMdVPDbWS0qPVMl2E99ZwgjXzEQAeTP1qAJS9yCeu1GIeFw= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1741958524; c=relaxed/simple; bh=aQTpQJzKxh3+GBHBvzp9sQ4uMmRJwVHAjFYdDAoJyfA=; h=DKIM-Signature:DKIM-Signature:From:To:Subject:Date:Message-Id: MIME-Version; b=D9kDH3O96bMiecKoIzH5h6xZ/rU333m7zHF7NcimfpsqOLfpFOSFq6ZS/APoqyvmZRIeXMglCEeiS5rHYQ6toyF0VhGpXm25QrNZXpBymhWtHB4DSuaqXMbzJS6xWtOvnq7lLMrGrolexjWwktgIRxr3d0g8+Dvwk8gnNr7JmLg= ARC-Authentication-Results: i=2; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 94D3B3857B98 Received: from pps.filterd (m0246632.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 52EBm7A6010541; Fri, 14 Mar 2025 13:22:01 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s= corp-2023-11-20; bh=kVBLJrGlpmpeuTTfm5eef2+//rpQufF2nayZ4MGiPRs=; b= FngJkas4TKwlOzIavSeAjzUTfqmWytilPoyJTf9yBg4hWzVdh6s6MfsK68KQmFsL zLmbsZ1LIsW1Q+hkd0tXgt0PlprcWezRG4FVz4SGGZ32w5Apem+1G/T0tC/Ho9Tl ZnR+641DuVTm5DR99NZ95dHPwRfV0QqTZpWvqi2jHo8/8Px21n74ggOr9cPj2VSC lSUBp6eJvVYv8e2CwkrX/XZqDYQ/ypPBgMV8INY9286z24+rgSCWAiD6/A26ywr3 XRn6Ucn38qrcOBRzW2nTolcIZn225YAB/+dxt3Jaoy0TeWqi3nKL0VKAhk5qHnB9 PvUnZ/IHkm/GaZB+Nhl1SQ== Received: from iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (iadpaimrmta01.appoci.oracle.com [130.35.100.223]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 45au4h6cxy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 14 Mar 2025 13:22:00 +0000 (GMT) Received: from pps.filterd (iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (8.18.1.2/8.18.1.2) with ESMTP id 52EC0ROK012138; Fri, 14 Mar 2025 13:22:00 GMT Received: from nam10-bn7-obe.outbound.protection.outlook.com (mail-bn7nam10lp2049.outbound.protection.outlook.com [104.47.70.49]) by iadpaimrmta01.imrmtpd1.prodappiadaev1.oraclevcn.com (PPS) with ESMTPS id 45atn423dg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 14 Mar 2025 13:22:00 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cUr8h6uUTtwnvs9PINFI+9BzcNgP5MI9FNvPhYEX047BHj8WbP/w0d028Bly2C6LcftoWmsDx5YvoLRbe4S++dAAHR3/tfQbQL0V3HcYGQMkiHCAjJPgrfWMF2ZZqE9GXA+ndTq1+mzD2+4zZTzgFdQOYNPR8XfAlKTUfpoq2GucS6cCzD07/ZvDPGQkLQF5Q0i+DlVryJO2/tzGgMfCtNLqLW6hrMlxA7V74StNzX1GpTJno6faFuzqKPi3Jl3fuFkVdF/+v6tTYQRxeaUQI7g0mZR5Q5BZ+jl3HfYgung6Cy2ilF213WBiYGQCMLqK6Xnw5skJne/cd2bLNsUfvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kVBLJrGlpmpeuTTfm5eef2+//rpQufF2nayZ4MGiPRs=; b=nXVMSS17PbOHlfXAu8TPN9yvGhn0AxTwGvE82trFXPH/9/JvJGLMj+dwHaIWTI8Pp4DK/Abby4n1588hb496D/Ayim0Oho5BkYurbsiSGsYCJQTX0FrXT3qjvYN6s56duv6E9jf5w6ddqm4zrVphG5wHKtO+8HU/Q6se48NAM9sRXHMmQKZxc4abAJNuSLfsWFSxkcPkdFwqwqxZLeqk38ibo/DgBCLNtUNJ/O9kRhFT0lCJTB1lOMv71brJtntxPZGObNGJS4IHPcGMmsSroZoHdazeTNESqZ3Ru3rGfYxwrOmIrf2ZEZpvHhOIvspWY3uyzMBjKrWy2Dqsq95q4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kVBLJrGlpmpeuTTfm5eef2+//rpQufF2nayZ4MGiPRs=; b=ToKn4m9DaioJXz9zfcQ5sdD8IJyZdhYpnQoBkRQJcbgfXNKJWnoEwCmKqn6sQYxOA8RUiP8k2uegN8eM1iZCIq3o5dPidsIJtZFM7iQj1daq5r9Zko6DDxwD9m/x03zUyM+Bjof082hd6TABHVfW40+F/2aN+flzP9N/qg8TnOk= Received: from MN2PR10MB4382.namprd10.prod.outlook.com (2603:10b6:208:1d7::13) by CYYPR10MB7676.namprd10.prod.outlook.com (2603:10b6:930:bd::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8511.27; Fri, 14 Mar 2025 13:21:58 +0000 Received: from MN2PR10MB4382.namprd10.prod.outlook.com ([fe80::5033:84a3:f348:fefb]) by MN2PR10MB4382.namprd10.prod.outlook.com ([fe80::5033:84a3:f348:fefb%4]) with mapi id 15.20.8511.031; Fri, 14 Mar 2025 13:21:58 +0000 From: Cupertino Miranda To: libc-alpha@sourceware.org Cc: jose.marchesi@oracle.com, elena.zannoni@oracle.com, richard.sandiford@arm.com, Cupertino Miranda Subject: [PATCH 1/2] rtld: Enable MTE for stack when specified in .dynamic. Date: Fri, 14 Mar 2025 13:21:41 +0000 Message-Id: <20250314132142.49243-2-cupertino.miranda@oracle.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20250314132142.49243-1-cupertino.miranda@oracle.com> References: <20250314132142.49243-1-cupertino.miranda@oracle.com> X-ClientProxiedBy: LO3P265CA0012.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:bb::17) To MN2PR10MB4382.namprd10.prod.outlook.com (2603:10b6:208:1d7::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MN2PR10MB4382:EE_|CYYPR10MB7676:EE_ X-MS-Office365-Filtering-Correlation-Id: 2030799c-c535-4ff6-0439-08dd62fb32a5 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|366016|1800799024|376014|13003099007; X-Microsoft-Antispam-Message-Info: Ur9Wxx0SKQdYwz5n4Eas4v8Xy5T8Iq0YrgTlqwQODSdIV9YmyOs7O4I+LjhiFx0EVw5P1NjyVhE/KfYcWnHv1N+G0qJVXQwoAvR52HgVTvTg9+OWtJAWOZ3IhWMbPuyOOZqpqRffh61m76RDO/t/AEWdEWDb2xtA15nEuzQYkBud515gzgb+UZyBctSNSsR3toC2nRRdc/5pEOsUMck+SOrcglVer1d+H248EMh4uinVBG8TjdhhlqhItoFVfVLXNnfsKzpthu38nIEWgvJnxBe09OrSIGv79R+WuT1s8DJVXpDr7wYXKFj2nbIeXmeAV9MdmwpIX6nIFJdEy0n6hCvI1XP8gBD2Mbj6OiYQybPpEFdIR4BcH/wgju/44zp6ld9G53Tzj+i5R8nAAQOHh4lup1A7CtNjoR/OiU0ObJJhY3uY5Z1zKeVLfeFBdDtfnKNik/2kBEko3PvjFqtZyZVNZE2ATBtBxyObKV5Ctvto0uDiqoH3M6WFTU1LK4cjPk7gBVkLoViwDIQw1hr1JkIyMe7iYqgw+76vFClGKsVA8v2sURu9jThLjJPO/DOeem/cCwTaYQdcjbMAcdF+BUFYtYzfcCNF5q3D0c3LUHVmiGFmTZrWyKd6Tb2XAbzaKYKKLCL+2GbgpAZwhL/HE5puz/cKIltHO/5Z19d6UF1I0r3+EgAKcmeCskZXj3Tz5UWKHOjSVRXGKUq41zIHVR2QzAuWd/7Un/m2AKoCD/9504T+g4hHQfSUKQatXoD2J+gfSglk9ziELiFmmvVdbN9FTc0SziOMguijd0Fo1DradayCgWQPvLD+r9CgW5UPZDeN15az6CBwPbN7ECqCcvDbm8p+MDRYm1ZWJf/AGvoNFqT2GE2SoQ7AvURBusOxRwfk+idfx0r8nbuGZpPbhCwV2oQ51OkRKEo0KR/x9DwogrRyfOie49h/pX9VavtamVpEDhuTXRW6uB162U3+39taj9gbIzzBUNAIJenaAdVj1Qpc6HFv6IbVEqObzTCKsVjYRDnsLJ1sTU33aVbQSblaQYPLdzfhTRhhH70BrCgRSJoinCg/5Fba4Fv+FRZvGe481/pQr//6YF97vFHpSWRXmmAx3+L3+HiA48VCIlHX+aSoI3dtAII/pPOQUmi7FoWn60PNudbSXJsA3E8Vdwz+aCuCyU/YhX83j9Sl0XFh1CJrUI4wT+X2iBCu3hOzyigamoCBRwpvukgU7tSoToQhjOZJQ8zaVN+EzwBg4zsWSfaokNAUp0M6zDGmDrHSu60t92YdP+V2x6X5/P9uMveV9hqYXcVCyyzDWuGydXCMSwncjQD/cfh3f5gZGvbysyqqUnYbwUTB6uBzBzKFz8UyOzwxWnv9iuq4GuVvWdIAcn1cJwh8S8+1A/h9g8ESwETOjgfTqzR04rlDZ0mm0w== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR10MB4382.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230040)(366016)(1800799024)(376014)(13003099007); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Ghdsxb5VxvR7cltKmif5QnqBgqTaikgcXNFtUblVV0cGn7RekVbhbmOqU38Z/gdoplEhZObr+Q8Q6zu1J14wnCstG2kPq4XcBaKsM8l6cDWZQk+96r9B+Ly1Rv6x02YCJBmedseUkYAWAIG3NzgQtUNehDvcjvwFXJkSpIOj+UhC5mIeWs7udDHTySEjZFxZLAdUBqL4MnRmLXvLdm0jS9FO9oqKHWpwqpTUKTz6HVB4Ajd5kYtB7At2D71uHqh8NsY9Uf6qYEX9zVhhRHieL9ZE6zmozmFDF5ZJx17T08S0Lv4hQvzXezeIh89EwsLSK57y+Xr3JPcDBC9nTTLBq3o1DSBoTxEdotwgv1zZqB7yoebAOjzn3MMPqIdFvHySWAuRb3OQJGw7aVmAU4i/nsgn+cp+kh26fd/MNOACcZhlzkptZDb32zZNTm43AYqz/fBo5mFfgPivACEnwwA5sGNBKwXdvbvclSqrF808vWgD5VleM++7VEZ9C1H58t4ndDOZy2+1/hRAUyOmvR2ddMfifstvBgP90xZhB4tzO1Io8OtUjWjFH7Mbs5r30Qfw2VXu7UDHnyaPUZxyHU9Xbm9IZ7WsD0v+JH+6D9J162fZbTiEJPlw9DkMRTZkLcTGvUTFX9w0spPSmc6/jyxv2mmfz5TmdWF69PbfQrD9Y84Boc8HSVEeMYTjga1gEKlWGLatKFdzY2w/Y0wbrQsz/blChkOs6dNlOcavX/n1fSaU8shmfK5tRNfrX/9g/5Z5RN1TU7DCijQ0zTuMsQi82hULizFafT9Sj4FF4Gj8IPYQxD7G6lXOgZ1tQaXsZGIT7WzsMNykJKXXrOUO2uoV9MVoX9aFuAdmMXrBSHcr4c3hv4sqXUGZo7wObJJPe5Zn7SMyP8PhlZBehgl++tl0wkBLJzksJrkO0POsuQge/cDoB6cgUwc1fNL3qxO6+CuEq5aV9VD0afwJEoZ4rJUpc2nTgarxXJFA6CDiSU/VJtUBAPOYJJZOve69BRZ1OuzhzRezQTbcHFpZcVjq7WzmE3pofnIcr3sDeobwKWQBRW1mIhyoQkJ4E39VPRO3YgizxKwNUu8nmJdJHIlZM5zPZwsgP+lCWPmMlhc0sVGjenAjXDglOO0SRajntkPrz3bVv6cAb/L2o9oTmQuQO87amuwqOCYgP+MAmFfwoPgb/zRnSpK+sGM906vAtmqS4C/Ha5RS9yjspNeu+XKs/M1hd4HUZ4YxYBszajAMgvwAXrUSsBBYFuZVpzQkEfPgeHaeG+/1iGLPC/gc3B/QGZwEL4KZB6azyKY7XbM4GtC06A9fDbFI+0O4Yc6lLbfvaVo2PWaoWLptE1APrB1s+YO+KC75V0G6qrRiOiWV7K1Zpnlrm4s4q/SAY2QgdntbbJAsMp9ArDQzOCJjEBkhdxQuhg14f0bniCci2Wvg6nQvoNfy/i0+pEDDX3pB8e4NFiGpoJcZIstxuuPXD6R8S78z59da7vQJqHOcXwMVqefdmuactU7/X2aqIhXLY3v2LxzBr+KkbS22hJKkx8QAfQT8r6Sf4e14Mve7LDeCi+/zFVVzEBG0BX84kfb1TG14E17cq2mhj4MvIa2Lpi7ysAK0Nw== X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: 2/f5yQ4uLf35h0O4N51bS2CohmvyvqRAawgnjCS1v2xv1xfsnukpUJ3nXSNcR50f+tHIBA+V7t6dxeV0POT+rQ6KmwRy767p9uH/zvewY2NMQDpLE0tYovYPf8MDvpJSeNU9i+0yax9YG3ETD+flKBruIGQ48Hk9h1EgVLMwQ+KVBS14Ws3OOJ7IreQIjBcLUZf/qNyraWam85HM1xaVgqRuJCYzKr7lf3I6bMzLGjxwU5Zd5t4QWjj4jZh9Ef8Eci0p2FunVosdjcF+WuiXrCcYhlkTUG4LqDv7KY9uMUxozI0Fb7p167FWn8u8EUgqQ1nsH06fDLpm4oweo6yBs00Z8PK91IZElSviQB/pMvC72IXUGhkfk+jRwYYkDheDvLa/Fatb04K8ToGIaTRp+4EnwTkNViok8hYacEKR/sLsgVglCdMIFMIwGmXkM2wRWgr/wY3FO8ACqK3pydoP+RR6CwoMJStJ0z/oSoQJNlwLrTzuQMSaO38Kzuk7DKmZJ7vJQvxmO34w4dUOtB61jEWkTVQ62lvkhRcL1Vh0zaGSpNuNQWywBQM27BfWSlnIbjhBW4Rr4zaC/StL6EvMP5IJQ8G2xolGgSPQ+O7IvDQ= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2030799c-c535-4ff6-0439-08dd62fb32a5 X-MS-Exchange-CrossTenant-AuthSource: MN2PR10MB4382.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Mar 2025 13:21:58.5524 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rnoojTsVxzzUBuaNj5Atfqmp4rxIx1JSUOAvwTRxMpPO5gWpCRKV4BRUu/YMyA0WPb/9pnhPzqM1bPm1Af1beQVmaFFqpELvbAzzHw+Ib0U= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR10MB7676 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1093,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2025-03-14_05,2025-03-13_01,2024-11-22_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 phishscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 malwarescore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2502280000 definitions=main-2503140105 X-Proofpoint-ORIG-GUID: rHuti35GUyWJHnsnvEN-9ZOO6SU0OdJg X-Proofpoint-GUID: rHuti35GUyWJHnsnvEN-9ZOO6SU0OdJg X-Spam-Status: No, score=-13.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patchwork=sourceware.org@sourceware.org MTE stack tagging enabled executables are flagged by setting the dynamic array tag DT_AARCH64_MEMTAG_STACK as described in section 6 from: https://github.com/ARM-software/abi-aa/blob/main/memtagabielf64/memtagabielf64.rst Also the mode in which MTE would react to MTE faults is set by the tag DT_AARCH64_MEMTAG_MODE. This patch verifies for the presence of those tags in the dynamic array and performs mprotect on the main application stack map with the extra PROT_MTE flag. --- elf/dl-mte-stack.c | 27 +++++++ elf/elf.h | 8 +- sysdeps/aarch64/Makefile | 3 +- sysdeps/aarch64/cpu-features.h | 15 ++++ sysdeps/aarch64/dl-mte.c | 50 +++++++++++++ sysdeps/aarch64/dl-prop.h | 4 + sysdeps/unix/sysv/linux/aarch64/Makefile | 5 ++ .../unix/sysv/linux/aarch64/dl-mte-stack.c | 74 +++++++++++++++++++ 8 files changed, 184 insertions(+), 2 deletions(-) create mode 100644 elf/dl-mte-stack.c create mode 100644 sysdeps/aarch64/dl-mte.c create mode 100644 sysdeps/unix/sysv/linux/aarch64/dl-mte-stack.c diff --git a/elf/dl-mte-stack.c b/elf/dl-mte-stack.c new file mode 100644 index 0000000000..f0063b54a0 --- /dev/null +++ b/elf/dl-mte-stack.c @@ -0,0 +1,27 @@ +/* Stack memory tagging support. Stub version. + Copyright (C) 2003-2025 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include + +void +_dl_mte_stack_protect (void *stack_end) +{ + return ENOSYS; +} +rtld_hidden_def (_dl_mte_stack_protect) diff --git a/elf/elf.h b/elf/elf.h index 96df2eec01..daf0e52b15 100644 --- a/elf/elf.h +++ b/elf/elf.h @@ -1392,6 +1392,7 @@ typedef struct #define GNU_PROPERTY_AARCH64_FEATURE_1_BTI (1U << 0) #define GNU_PROPERTY_AARCH64_FEATURE_1_PAC (1U << 1) #define GNU_PROPERTY_AARCH64_FEATURE_1_GCS (1U << 2) +#define GNU_PROPERTY_AARCH64_FEATURE_1_MTE_STACK (1U << 3) /* The x86 instruction sets indicated by the corresponding bits are used in program. Their support in the hardware is optional. */ @@ -3049,7 +3050,12 @@ enum #define DT_AARCH64_BTI_PLT (DT_LOPROC + 1) #define DT_AARCH64_PAC_PLT (DT_LOPROC + 3) #define DT_AARCH64_VARIANT_PCS (DT_LOPROC + 5) -#define DT_AARCH64_NUM 6 +#define DT_AARCH64_MEMTAG_MODE (DT_LOPROC + 9) +#define DT_AARCH64_MEMTAG_HEAP (DT_LOPROC + 11) +#define DT_AARCH64_MEMTAG_STACK (DT_LOPROC + 12) +#define DT_AARCH64_MEMTAG_GLOBALS (DT_LOPROC + 13) +#define DT_AARCH64_MEMTAG_GLOBALSSZ (DT_LOPROC + 15) +#define DT_AARCH64_NUM 16 /* AArch64 specific values for the st_other field. */ #define STO_AARCH64_VARIANT_PCS 0x80 diff --git a/sysdeps/aarch64/Makefile b/sysdeps/aarch64/Makefile index 4b7f8a5c07..f93ef636ac 100644 --- a/sysdeps/aarch64/Makefile +++ b/sysdeps/aarch64/Makefile @@ -11,7 +11,8 @@ endif ifeq ($(subdir),elf) sysdep-dl-routines += \ dl-bti \ - dl-gcs + dl-gcs \ + dl-mte tests += tst-audit26 \ tst-audit27 diff --git a/sysdeps/aarch64/cpu-features.h b/sysdeps/aarch64/cpu-features.h index ef4e947e8c..0761549718 100644 --- a/sysdeps/aarch64/cpu-features.h +++ b/sysdeps/aarch64/cpu-features.h @@ -66,4 +66,19 @@ struct cpu_features bool mops; }; +#define ARCH_MTE_MODE_SYNC (1 << 1) +#define ARCH_MTE_MODE_ASYNC (1 << 2) +#define AARCH64_CPU_FEATURE_MTE_STATE_STACK (1 << 3) + +#define AARCH64_CPU_FEATURE_MTE_STATE_MODE_MASK (0x3) + +#define AARCH64_CPU_FEATURE_MTE_STATE_MODE_MASK (0x3) +#define AARCH64_CPU_FEATURE_MTE_STATE_MODE_ASYNC (1) +#define AARCH64_CPU_FEATURE_MTE_STATE_MODE_SYNC (1 << 1) + + +#ifndef ARCH_INIT_MEMORY_STACK_TAGGING +#define ARCH_INIT_MEMORY_STACK_TAGGING _dl_mte_stack_protect +#endif + #endif /* _CPU_FEATURES_AARCH64_H */ diff --git a/sysdeps/aarch64/dl-mte.c b/sysdeps/aarch64/dl-mte.c new file mode 100644 index 0000000000..30740d1eca --- /dev/null +++ b/sysdeps/aarch64/dl-mte.c @@ -0,0 +1,50 @@ +/* AArch64 MTE Stack functions. + Copyright (C) 2020-2025 Free Software Foundation, Inc. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +extern void +_dl_mte_stack_protect (void *stack_end); + +void +_dl_mte_stack_check (struct link_map *l, const char *program) +{ + /* TODO: Replace the dynamic info by gnu.property entry. */ + ElfW(Dyn) *d; + for (d = l->l_ld; d->d_tag != DT_NULL; ++d) + { + if (d->d_tag == DT_AARCH64_MEMTAG_STACK) + GLRO(dl_aarch64_cpu_features).mte_state |= AARCH64_CPU_FEATURE_MTE_STATE_STACK; + if (d->d_tag == DT_AARCH64_MEMTAG_MODE) + { + if (d->d_un.d_val == 1) + { + GLRO(dl_aarch64_cpu_features).mte_state &= ~AARCH64_CPU_FEATURE_MTE_STATE_MODE_MASK; + GLRO(dl_aarch64_cpu_features).mte_state |= AARCH64_CPU_FEATURE_MTE_STATE_MODE_ASYNC; + } + else + { + GLRO(dl_aarch64_cpu_features).mte_state &= ~AARCH64_CPU_FEATURE_MTE_STATE_MODE_MASK; + GLRO(dl_aarch64_cpu_features).mte_state |= AARCH64_CPU_FEATURE_MTE_STATE_MODE_ASYNC; + } + } + } + + _dl_mte_stack_protect (__libc_stack_end); +} diff --git a/sysdeps/aarch64/dl-prop.h b/sysdeps/aarch64/dl-prop.h index abca2be7fa..66b05c1b75 100644 --- a/sysdeps/aarch64/dl-prop.h +++ b/sysdeps/aarch64/dl-prop.h @@ -27,11 +27,15 @@ extern void _dl_bti_check (struct link_map *, const char *) extern void _dl_gcs_check (struct link_map *, const char *) attribute_hidden; +extern void _dl_mte_stack_check (struct link_map *, const char *) + attribute_hidden; + static inline void __attribute__ ((always_inline)) _rtld_main_check (struct link_map *m, const char *program) { _dl_bti_check (m, program); _dl_gcs_check (m, program); + _dl_mte_stack_check (m, program); } static inline void __attribute__ ((always_inline)) diff --git a/sysdeps/unix/sysv/linux/aarch64/Makefile b/sysdeps/unix/sysv/linux/aarch64/Makefile index 1fdad67fae..8fb0e65b2a 100644 --- a/sysdeps/unix/sysv/linux/aarch64/Makefile +++ b/sysdeps/unix/sysv/linux/aarch64/Makefile @@ -5,6 +5,11 @@ tests += \ # tests endif +ifeq ($(subdir),elf) +sysdep-dl-routines += \ + dl-mte-stack +endif + ifeq ($(subdir),stdlib) gen-as-const-headers += ucontext_i.sym endif diff --git a/sysdeps/unix/sysv/linux/aarch64/dl-mte-stack.c b/sysdeps/unix/sysv/linux/aarch64/dl-mte-stack.c new file mode 100644 index 0000000000..a4bc82c99b --- /dev/null +++ b/sysdeps/unix/sysv/linux/aarch64/dl-mte-stack.c @@ -0,0 +1,74 @@ +/* Memory tagging handling for GNU dynamic linker. Stub version. + Copyright (C) 2003-2025 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +#define MTE_ALLOWED_TAGS (0xfffe << PR_MTE_TAG_SHIFT) + +static int +_dl_mte_mode (void) +{ + if (GLRO(dl_aarch64_cpu_features).mte_state & AARCH64_CPU_FEATURE_MTE_STATE_MODE_SYNC) + __prctl (PR_SET_TAGGED_ADDR_CTRL, + (PR_TAGGED_ADDR_ENABLE | PR_MTE_TCF_SYNC | MTE_ALLOWED_TAGS), + 0, 0, 0); + else if (GLRO(dl_aarch64_cpu_features).mte_state & AARCH64_CPU_FEATURE_MTE_STATE_MODE_ASYNC) + __prctl (PR_SET_TAGGED_ADDR_CTRL, + (PR_TAGGED_ADDR_ENABLE | PR_MTE_TCF_ASYNC | MTE_ALLOWED_TAGS), + 0, 0, 0); + + return ((GLRO(dl_aarch64_cpu_features).mte_state & AARCH64_CPU_FEATURE_MTE_STATE_MODE_MASK) != 0); +} + +void +_dl_mte_stack_protect (void *stack_end) +{ + if ((GLRO(dl_aarch64_cpu_features).mte_state & AARCH64_CPU_FEATURE_MTE_STATE_STACK) == 0 + || !_dl_mte_mode ()) + return; + + int errval = 0; + uintptr_t page = ((uintptr_t) stack_end + & -(intptr_t) GLRO(dl_pagesize)); + + if (__mprotect ((void *) page, GLRO(dl_pagesize), + PROT_READ | PROT_WRITE | PROT_MTE + | (GL(dl_stack_flags) & PF_X ? PROT_EXEC : 0) +#if _STACK_GROWS_DOWN + | PROT_GROWSDOWN +#elif _STACK_GROWS_UP + | PROT_GROWSUP +#endif + ) != 0) + errval = errno; + + if (errval) + { + const char *errstring = NULL; + errstring = N_("\ +cannot set stack with PROT_MTE"); + const char *name = "MTE Stack"; + struct dl_exception exception; + _dl_exception_create (&exception, name, errstring); + _dl_signal_exception (errval, &exception, NULL); + } +} +