git.ipfire.org Git - thirdparty/glibc.git/commit

author	Szabolcs Nagy <szabolcs.nagy@arm.com>
	Mon, 17 Jul 2023 07:31:05 +0000 (08:31 +0100)
committer	Yury Khrustalev <yury.khrustalev@arm.com>
	Mon, 20 Jan 2025 09:31:33 +0000 (09:31 +0000)
commit	9ad3d9267d1e0ddda264e54cd4176fa927e2e0ca
tree	0b416a4cd414fce3f2983f95ed6ba0159286c61a	tree
parent	3ac237fb716b86ba7967edb84eb85d15364aaebc	commit \| diff

aarch64: Add glibc.cpu.aarch64_gcs tunable

This tunable controls Guarded Control Stack (GCS) for the process.

0 = disabled: do not enable GCS
1 = enforced: check markings and fail if any binary is not marked
2 = optional: check markings but keep GCS off if a binary is unmarked
3 = override: enable GCS, markings are ignored

By default it is 0, so GCS is disabled, value 1 will enable GCS.

The status is stored into GL(dl_aarch64_gcs) early and only applied
later, since enabling GCS is tricky: it must happen on a top level
stack frame. Using GL instead of GLRO because it may need updates
depending on loaded libraries that happen after readonly protection
is applied, however library marking based GCS setting is not yet
implemented.

Describe new tunable in the manual.

Co-authored-by: Yury Khrustalev <yury.khrustalev@arm.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

manual/tunables.texi		diff \| blob \| blame \| history
sysdeps/aarch64/dl-tunables.list		diff \| blob \| blame \| history
sysdeps/unix/sysv/linux/aarch64/cpu-features.c		diff \| blob \| blame \| history
sysdeps/unix/sysv/linux/aarch64/dl-procruntime.c	[new file with mode: 0644]	blob