x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]

Update dl_cet_check() to set header.feature_1 in TCB when both IBT and SHSTK are always on. (cherry picked from commit 2ef23b5205)
2021-01-12 19:00:13 -08:00 · 2021-01-12 19:00:13 -08:00 · 36eb01dd85
parent 8b7be87aa2
commit 36eb01dd85
4 changed files with 13 additions and 1 deletions
--- a/1
+++ b/1
@ -36,6 +36,7 @@ The following bugs are resolved with this release:
  [26923] Assertion failure in iconv when converting invalid UCS4 (CVE-2020-29562)
  [26932] libc: sh: Multiple floating point functions defined as stubs only
  [27130] "rep movsb" performance issue
+  [27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't work

 Security related changes:

--- a/sysdeps/x86/Makefile
+++ b/sysdeps/x86/Makefile
@ -12,6 +12,12 @@ endif
 ifeq ($(subdir),setjmp)
 gen-as-const-headers += jmp_buf-ssp.sym
 sysdep_routines += __longjmp_cancel
+ifneq ($(enable-cet),no)
+ifneq ($(have-tunables),no)
+tests += tst-setjmp-cet
+tst-setjmp-cet-ENV = GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on
+endif
+endif
 endif

 ifeq ($(enable-cet),yes)
--- a/sysdeps/x86/dl-cet.c
+++ b/sysdeps/x86/dl-cet.c
@ -105,7 +105,11 @@ dl_cet_check (struct link_map *m, const char *program)
  /* No legacy object check if both IBT and SHSTK are always on.  */
  if (enable_ibt_type == CET_ALWAYS_ON
      && enable_shstk_type == CET_ALWAYS_ON)
-    return;
+    {
+      THREAD_SETMEM (THREAD_SELF, header.feature_1,
+		     GL(dl_x86_feature_1)[0]);
+      return;
+    }

  /* Check if IBT is enabled by kernel.  */
  bool ibt_enabled
--- a/sysdeps/x86/tst-setjmp-cet.c
+++ b/sysdeps/x86/tst-setjmp-cet.c
@ -0,0 +1 @@
+#include <setjmp/tst-setjmp.c>