x86: Add -z cet-report=[none|warning|error]

Add -z cet-report=[none|warning|error] to report the missing Intel Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK) properties in input .note.gnu.property section. -z cet-report=none, which is the default, will make the linker not report missing properties in input files. -z cet-report=warning will make the linker issue a warning for missing properties in input files. -z cet-report=error will make the linker issue an error for missing properties in input files. Note that -z ibt will turn off the missing IBT property report and -z shstk will turn off the missing SHSTK property report. Supported for Linux/i386 and Linux/x86_64. bfd/ * elf-linker-x86.h (elf_x86_cet_report): New. (elf_linker_x86_params): Add cet_report. * elfxx-x86.c (_bfd_x86_elf_link_setup_gnu_properties): Report missing IBT and SHSTK properties if needed. ld/ * ld.texi: Document -z cet-report=[none|warning|error]. * emulparams/cet.sh: Add -z cet-report=[none|warning|error]. * testsuite/ld-i386/i386.exp: Run -z cet-report=[warning|error] tests. * testsuite/ld-x86-64/x86-64.exp: Likewise. * testsuite/ld-i386/property-x86-cet1.d: New file. * testsuite/ld-i386/property-x86-cet2a.d: Likewise. * testsuite/ld-i386/property-x86-cet2b.d: Likewise. * testsuite/ld-i386/property-x86-cet3a.d: Likewise. * testsuite/ld-i386/property-x86-cet3b.d: Likewise. * testsuite/ld-i386/property-x86-cet4a.d: Likewise. * testsuite/ld-i386/property-x86-cet4b.d: Likewise. * testsuite/ld-i386/property-x86-cet5a.d: Likewise. * testsuite/ld-i386/property-x86-cet5b.d: Likewise. * testsuite/ld-i386/property-x86-cet6.d: Likewise. * testsuite/ld-x86-64/property-x86-cet.s: Likewise. * testsuite/ld-x86-64/property-x86-cet1-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet1.d: Likewise. * testsuite/ld-x86-64/property-x86-cet2a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet2a.d: Likewise. * testsuite/ld-x86-64/property-x86-cet2b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet2b.d: Likewise. * testsuite/ld-x86-64/property-x86-cet3a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet3a.d: Likewise. * testsuite/ld-x86-64/property-x86-cet3b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet3b.d: Likewise. * testsuite/ld-x86-64/property-x86-cet4a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet4a.d: Likewise. * testsuite/ld-x86-64/property-x86-cet4b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet4b.d: Likewise. * testsuite/ld-x86-64/property-x86-cet5a-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet5a.d: Likewise. * testsuite/ld-x86-64/property-x86-cet5b-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet5b.d: Likewise. * testsuite/ld-x86-64/property-x86-cet6-x32.d: Likewise. * testsuite/ld-x86-64/property-x86-cet6.d: Likewise.
author: H.J. Lu <hjl.tools@gmail.com> 2019-04-11 08:18:51 -0700
committer: H.J. Lu <hjl.tools@gmail.com> 2019-04-11 08:21:30 -0700
commit: 233a00833b984319d5e94db3f5d5d9a735edc984 (patch)
tree: cde032770e8d7027cb298b7d7a1a489b3da62647 /bfd
parent: ca4e63310228df72ba47e5b29f4c275e62496dcf (diff)
download: gdb-233a00833b984319d5e94db3f5d5d9a735edc984.zip
gdb-233a00833b984319d5e94db3f5d5d9a735edc984.tar.gz
gdb-233a00833b984319d5e94db3f5d5d9a735edc984.tar.bz2
3 files changed, 78 insertions, 2 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 3c1b662..506d54f 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,12 @@
 2019-04-11  H.J. Lu  <hongjiu.lu@intel.com>
 
+	* elf-linker-x86.h (elf_x86_cet_report): New.
+	(elf_linker_x86_params): Add cet_report.
+	* elfxx-x86.c (_bfd_x86_elf_link_setup_gnu_properties): Report
+	missing IBT and SHSTK properties if needed.
+
+2019-04-11  H.J. Lu  <hongjiu.lu@intel.com>
+
 	PR ld/24436
 	* elf-m10300.c (mn10300_elf_check_relocs): Remove BFD_ASSERT of
 	"h != NULL".  Don't check "h != NULL" before calling.
diff --git a/bfd/elf-linker-x86.h b/bfd/elf-linker-x86.h
index bd14b71..5ca65f4 100644
--- a/bfd/elf-linker-x86.h
+++ b/bfd/elf-linker-x86.h
@@ -18,6 +18,16 @@
    Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
    MA 02110-1301, USA.  */
 
+/* Missing IBT and SHSTK property report control.  */
+enum elf_x86_cet_report
+{
+  cet_report_none	= 0,	    /* Do nothing.  */
+  cet_report_warning	= 1 << 0,   /* Issue a warning.  */
+  cet_report_error	= 1 << 1,   /* Issue an error.  */
+  cet_report_ibt	= 1 << 2,   /* Report missing IBT property.  */
+  cet_report_shstk	= 1 << 3    /* Report missing SHSTK property.  */
+};
+
 /* Used to pass x86-specific linker options from ld to bfd.  */
 struct elf_linker_x86_params
 {
@@ -39,6 +49,9 @@ struct elf_linker_x86_params
   /* TRUE if generate a 1-byte NOP as suffix for x86 call instruction.  */
   unsigned int call_nop_as_suffix : 1;
 
+  /* Report missing IBT and SHSTK properties.  */
+  enum elf_x86_cet_report cet_report;
+
   /* The 1-byte NOP for x86 call instruction.  */
   char call_nop_byte;
 };
diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c
index 8d08a69..e661ad3 100644
--- a/bfd/elfxx-x86.c
+++ b/bfd/elfxx-x86.c
@@ -2583,9 +2583,17 @@ _bfd_x86_elf_link_setup_gnu_properties
 
   features = 0;
   if (htab->params->ibt)
-    features = GNU_PROPERTY_X86_FEATURE_1_IBT;
+    {
+      features = GNU_PROPERTY_X86_FEATURE_1_IBT;
+      htab->params->cet_report &= ~cet_report_ibt;
+    }
   if (htab->params->shstk)
-    features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
+    {
+      features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
+      htab->params->cet_report &= ~cet_report_shstk;
+    }
+  if (!(htab->params->cet_report & (cet_report_ibt | cet_report_shstk)))
+    htab->params->cet_report = cet_report_none;
 
   if (ebfd != NULL)
     {
@@ -2626,6 +2634,54 @@ error_alignment:
 	}
     }
 
+  if (htab->params->cet_report)
+    {
+      /* Report missing IBT and SHSTK properties.  */
+      bfd *abfd;
+      const char *msg;
+      elf_property_list *p;
+      bfd_boolean missing_ibt, missing_shstk;
+      bfd_boolean check_ibt
+	= !!(htab->params->cet_report & cet_report_ibt);
+      bfd_boolean check_shstk
+	= !!(htab->params->cet_report & cet_report_shstk);
+
+      if ((htab->params->cet_report & cet_report_warning))
+	msg = _("%P: %pB: warning: missing %s\n");
+      else
+	msg = _("%X%P: %pB: error: missing %s\n");
+
+      for (abfd = info->input_bfds; abfd != NULL; abfd = abfd->link.next)
+	if (!(abfd->flags & (DYNAMIC | BFD_PLUGIN | BFD_LINKER_CREATED))
+	    && bfd_get_flavour (abfd) == bfd_target_elf_flavour)
+	  {
+	    for (p = elf_properties (abfd); p; p = p->next)
+	      if (p->property.pr_type == GNU_PROPERTY_X86_FEATURE_1_AND)
+		break;
+
+	    missing_ibt = check_ibt;
+	    missing_shstk = check_shstk;
+	    if (p)
+	      {
+		missing_ibt &= !(p->property.u.number
+				 & GNU_PROPERTY_X86_FEATURE_1_IBT);
+		missing_shstk &= !(p->property.u.number
+				   & GNU_PROPERTY_X86_FEATURE_1_SHSTK);
+	      }
+	    if (missing_ibt || missing_shstk)
+	      {
+		const char *missing;
+		if (missing_ibt && missing_shstk)
+		  missing = _("IBT and SHSTK properties");
+		else if (missing_ibt)
+		  missing = _("IBT property");
+		else
+		  missing = _("SHSTK property");
+		info->callbacks->einfo (msg, abfd, missing);
+	      }
+	  }
+    }
+
   pbfd = _bfd_elf_link_setup_gnu_properties (info);
 
   htab->r_info = init_table->r_info;
author	H.J. Lu <hjl.tools@gmail.com>	2019-04-11 08:18:51 -0700
committer	H.J. Lu <hjl.tools@gmail.com>	2019-04-11 08:21:30 -0700
commit	233a00833b984319d5e94db3f5d5d9a735edc984 (patch)
tree	cde032770e8d7027cb298b7d7a1a489b3da62647 /bfd
parent	ca4e63310228df72ba47e5b29f4c275e62496dcf (diff)
download	gdb-233a00833b984319d5e94db3f5d5d9a735edc984.zip gdb-233a00833b984319d5e94db3f5d5d9a735edc984.tar.gz gdb-233a00833b984319d5e94db3f5d5d9a735edc984.tar.bz2