[Bug gold/22915] New: Gold doesn't support Intel CET

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug gold/22915] New: Gold doesn't support Intel CET

From:	hjl.tools at gmail dot com
Subject:	[Bug gold/22915] New: Gold doesn't support Intel CET
Date:	Fri, 02 Mar 2018 16:41:57 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=22915

            Bug ID: 22915
           Summary: Gold doesn't support Intel CET
           Product: binutils
           Version: 2.31 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gold
          Assignee: ccoutant at gmail dot com
          Reporter: hjl.tools at gmail dot com
                CC: ian at airs dot com
  Target Milestone: ---
            Target: x86

Intel CET psABI extension:

https://github.com/hjl-tools/x86-psABI/wiki/x86-64-psABI-cet.pdf

adds GNU_PROPERTY_X86_FEATURE_1_IBT and GNU_PROPERTY_X86_FEATURE_1_SHSTK
to GNU program property with .note.gnu.property section and
NT_GNU_PROPERTY_TYPE_0 are specified in Linux Extensions to gABI:

https://github.com/hjl-tools/linux-abi/wiki/linux-abi-draft.pdf

GNU_PROPERTY_X86_FEATURE_1_IBT is added to GNU program property to
indicate that all executable sections are compatible with IBT when
ENDBR instruction starts each valid target where an indirect branch
instruction can land.  Linker sets GNU_PROPERTY_X86_FEATURE_1_IBT on
output only if it is set on all relocatable inputs.
The followings changes are made to the Procedure Linkage Table (PLT):

1. For 64-bit x86-64,  PLT is changed to

PLT0:  push       GOT[1]
       bnd jmp    *GOT[2]
       nop
...
PLTn:  endbr64
       push       namen_reloc_index
       bnd jmp    PLT0

together with the second PLT section:

PLTn:  endbr64
       bnd jmp   *GOT[namen_index]
       nop

BND prefix is also added so that IBT-enabled PLT is compatible with MPX.

2. For 32-bit x86-64 (x32) and i386,  PLT is changed to

PLT0:  push       GOT[1]
       jmp        *GOT[2]
       nop
...
PLTn:  endbr64                                 # endbr32 for i386.
       push       namen_reloc_index
       jmp        PLT0

together with the second PLT section:

PLTn:  endbr64                                 # endbr32 for i386.
       jmp       *GOT[namen_index]
       nop

BND prefix isn't used since MPX isn't supported on x32 and BND registers
aren't used in parameter passing on i386.

GNU_PROPERTY_X86_FEATURE_1_SHSTK is added to GNU program property to
indicate that all executable sections are compatible with SHSTK where
return address popped from shadow stack always matches return address
popped from normal stack.  Linker sets GNU_PROPERTY_X86_FEATURE_1_SHSTK
on output only if it is set on all relocatable inputs.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug gold/22915] New: Gold doesn't support Intel CET, hjl.tools at gmail dot com <=

Prev by Date: [Bug gold/22914] New: Gold doesn't support .note.gnu.property section (NT_GNU_PROPERTY_TYPE_0)
Next by Date: [Bug binutils/22911] Huge slowdown in objdump -d caused by scanning the dynamic relocs
Previous by thread: [Bug gold/22914] New: Gold doesn't support .note.gnu.property section (NT_GNU_PROPERTY_TYPE_0)
Next by thread: [Bug ld/21900] [MIPS] linking shared library with -z defs --warn-unresolved-symbols emits null relocation
Index(es):
- Date
- Thread