diff options
| author | H.J. Lu <hjl.tools@gmail.com> | 2020-04-27 15:44:07 -0700 |
|---|---|---|
| committer | H.J. Lu <hjl.tools@gmail.com> | 2020-05-18 08:38:53 -0700 |
| commit | 9e38f455a6c602be86b7b5a8d6523cbdcd7ec051 (patch) | |
| tree | 3fa62a570dd9ae651db62b21231a63358bd66edf /sysdeps/x86/configure.ac | |
| parent | ce12fc711387375d0248ab3ff9084fb958c43bc6 (diff) | |
| download | glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.zip glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.tar.gz glibc-9e38f455a6c602be86b7b5a8d6523cbdcd7ec051.tar.bz2 | |
x86: Add --enable-cet=permissive
When CET is enabled, it is an error to dlopen a non CET enabled shared
library in CET enabled application. It may be desirable to make CET
permissive, that is disable CET when dlopening a non CET enabled shared
library. With the new --enable-cet=permissive configure option, CET is
disabled when dlopening a non CET enabled shared library.
Add DEFAULT_DL_X86_CET_CONTROL to config.h.in:
/* The default value of x86 CET control. */
#define DEFAULT_DL_X86_CET_CONTROL cet_elf_property
which enables CET features based on ELF property note.
--enable-cet=permissive it to
/* The default value of x86 CET control. */
#define DEFAULT_DL_X86_CET_CONTROL cet_permissive
which enables CET features permissively.
Update tst-cet-legacy-5a, tst-cet-legacy-5b, tst-cet-legacy-6a and
tst-cet-legacy-6b to check --enable-cet and --enable-cet=permissive.
Diffstat (limited to 'sysdeps/x86/configure.ac')
| -rw-r--r-- | sysdeps/x86/configure.ac | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac index a909b07..8f3e119 100644 --- a/sysdeps/x86/configure.ac +++ b/sysdeps/x86/configure.ac @@ -1,7 +1,7 @@ GLIBC_PROVIDES dnl See aclocal.m4 in the top level source directory. # Local configure fragment for sysdeps/x86. -if test x"$enable_cet" = xyes; then +if test $enable_cet != no; then # Check if CET can be enabled. AC_CACHE_CHECK(whether CET can be enabled, libc_cv_x86_cet_available, [dnl @@ -16,17 +16,11 @@ EOF libc_cv_x86_cet_available=no fi rm -rf conftest*]) - if test $libc_cv_x86_cet_available = yes; then - enable_cet=yes - else - if test x"$enable_cet" = xdefault; then - enable_cet=no - else - AC_MSG_ERROR([$CC doesn't support CET]) - fi + if test $libc_cv_x86_cet_available != yes; then + AC_MSG_ERROR([$CC doesn't support CET]) fi fi -if test $enable_cet = yes; then +if test $enable_cet != no; then # Check if assembler supports CET. AC_CACHE_CHECK(whether $AS supports CET, libc_cv_x86_cet_as, [dnl @@ -43,4 +37,9 @@ EOF AC_MSG_ERROR([$AS doesn't support CET]) fi fi +if test $enable_cet = yes; then + AC_DEFINE(DEFAULT_DL_X86_CET_CONTROL, cet_elf_property) +elif test $enable_cet = permissive; then + AC_DEFINE(DEFAULT_DL_X86_CET_CONTROL, cet_permissive) +fi LIBC_CONFIG_VAR([enable-cet], [$enable_cet]) |