x86: Rename __glibc_reserved2 to ssp_base in tcbhead_t

This will be used to record the current shadow stack base for shadow
stack switching by getcontext, makecontext, setcontext and swapcontext.
If the target shadow stack base is the same as the current shadow stack
base, we unwind the shadow stack.  Otherwise it is a stack switch and
we look for a restore token to restore the target shadow stack.

	* sysdeps/i386/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
	* sysdeps/i386/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
	with ssp_base.
	* sysdeps/x86_64/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
	* sysdeps/x86_64/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
	with ssp_base.

diff --git a/ChangeLog b/ChangeLog
index 11632507c080917a090251ddda25a52141a45f19..fb4a45bacc2c4c1a84226df3cf07fa66ab13d8ac 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2018-07-25  H.J. Lu  <hongjiu.lu@intel.com>
+
+       * sysdeps/i386/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
+       * sysdeps/i386/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
+       with ssp_base.
+       * sysdeps/x86_64/nptl/tcb-offsets.sym (SSP_BASE_OFFSET): New.
+       * sysdeps/x86_64/nptl/tls.h (tcbhead_t): Replace __glibc_reserved2
+       with ssp_base.
+
 2018-07-25  Andreas Schwab  <schwab@suse.de>
 
        [BZ #23442]

diff --git a/sysdeps/i386/nptl/tcb-offsets.sym b/sysdeps/i386/nptl/tcb-offsets.sym
index fbac241c45781b736b0a3a67f10cb7b14d34c86f..2ec9e787c1fa376ed2282c7a3a8a93061177f52b 100644 (file)
--- a/sysdeps/i386/nptl/tcb-offsets.sym
+++ b/sysdeps/i386/nptl/tcb-offsets.sym
@@ -13,3 +13,4 @@ CLEANUP_PREV          offsetof (struct _pthread_cleanup_buffer, __prev)
 MUTEX_FUTEX            offsetof (pthread_mutex_t, __data.__lock)
 POINTER_GUARD          offsetof (tcbhead_t, pointer_guard)
 FEATURE_1_OFFSET       offsetof (tcbhead_t, feature_1)
+SSP_BASE_OFFSET                offsetof (tcbhead_t, ssp_base)

diff --git a/sysdeps/i386/nptl/tls.h b/sysdeps/i386/nptl/tls.h
index 21e23cd8095b4d1c1d6bb0b25562a8d43ccc2df6..12285d32178bc609db8062078576f7e0374b34b7 100644 (file)
--- a/sysdeps/i386/nptl/tls.h
+++ b/sysdeps/i386/nptl/tls.h
@@ -49,7 +49,8 @@ typedef struct
   void *__private_tm[3];
   /* GCC split stack support.  */
   void *__private_ss;
-  void *__glibc_reserved2;
+  /* The lowest address of shadow stack,  */
+  unsigned long ssp_base;
 } tcbhead_t;
 
 /* morestack.S in libgcc uses offset 0x30 to access __private_ss,   */

diff --git a/sysdeps/x86_64/nptl/tcb-offsets.sym b/sysdeps/x86_64/nptl/tcb-offsets.sym
index 387621e88cdacef4ddc950e2b6d42b82fa83c774..ae8034743b4da2a1572546a3364aaf7dec2d4480 100644 (file)
--- a/sysdeps/x86_64/nptl/tcb-offsets.sym
+++ b/sysdeps/x86_64/nptl/tcb-offsets.sym
@@ -13,6 +13,7 @@ MULTIPLE_THREADS_OFFSET       offsetof (tcbhead_t, multiple_threads)
 POINTER_GUARD          offsetof (tcbhead_t, pointer_guard)
 VGETCPU_CACHE_OFFSET   offsetof (tcbhead_t, vgetcpu_cache)
 FEATURE_1_OFFSET       offsetof (tcbhead_t, feature_1)
+SSP_BASE_OFFSET                offsetof (tcbhead_t, ssp_base)
 
 -- Not strictly offsets, but these values are also used in the TCB.
 TCB_CANCELSTATE_BITMASK         CANCELSTATE_BITMASK

diff --git a/sysdeps/x86_64/nptl/tls.h b/sysdeps/x86_64/nptl/tls.h
index f042a0250aebc3f0d423826e149f6defbe390bd2..e88561c93412489e532af8e388a8eeb1f879b771 100644 (file)
--- a/sysdeps/x86_64/nptl/tls.h
+++ b/sysdeps/x86_64/nptl/tls.h
@@ -60,7 +60,8 @@ typedef struct
   void *__private_tm[4];
   /* GCC split stack support.  */
   void *__private_ss;
-  long int __glibc_reserved2;
+  /* The lowest address of shadow stack,  */
+  unsigned long long int ssp_base;
   /* Must be kept even if it is no longer used by glibc since programs,
      like AddressSanitizer, depend on the size of tcbhead_t.  */
   __128bits __glibc_unused2[8][4] __attribute__ ((aligned (32)));
@@ -72,10 +73,17 @@ typedef struct
 /* morestack.S in libgcc uses offset 0x40 to access __private_ss,   */
 _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x40,
                "offset of __private_ss != 0x40");
+/* NB: ssp_base used to be "long int __glibc_reserved2", which was
+   changed from 32 bits to 64 bits.  Make sure that the offset of the
+   next field, __glibc_unused2, is unchanged.  */
+_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x60,
+               "offset of __glibc_unused2 != 0x60");
 # else
 /* morestack.S in libgcc uses offset 0x70 to access __private_ss,   */
 _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x70,
                "offset of __private_ss != 0x70");
+_Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x80,
+               "offset of __glibc_unused2 != 0x80");
 # endif
 
 #else /* __ASSEMBLER__ */