[PATCH v8 05/14] x86/cet/ibt: ELF header parsing for IBT

[PATCH v8 00/14] Control-flow Enforcement: Branch Tracking, PTRACE · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 01/14] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 02/14] x86/cet/ibt: User-mode indirect branch tracking support · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 10/14] x86/vsyscall/64: Add ENDBR64 to vsyscall entry points · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 09/14] x86/vdso/32: Add ENDBR32 to __kernel_vsyscall entry point · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 14/14] Introduce arch_prctl(ARCH_X86_CET_MARK_LEGACY_CODE) · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 08/14] x86/vdso: Insert endbr32/endbr64 to vDSO · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 04/14] mm/mmap: Add IBT bitmap size to address space limit check · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 12/14] x86/cet: Add PTRACE interface for CET · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 11/14] x86/vsyscall/64: Fixup shadow stack and branch tracking for vsyscall · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 13/14] x86: Discard .note.gnu.property sections · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 07/14] x86/cet/ibt: Add ENDBR to op-code-map · Yu-cheng Yu <hidden> · 2019-08-13
Re: [PATCH v8 07/14] x86/cet/ibt: Add ENDBR to op-code-map · Adrian Hunter <adrian.hunter@intel.com> · 2019-11-08
[PATCH v8 06/14] x86/cet/ibt: Add arch_prctl functions for IBT · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 05/14] x86/cet/ibt: ELF header parsing for IBT · Yu-cheng Yu <hidden> · 2019-08-13
[PATCH v8 03/14] x86/cet/ibt: Handle signals for end branch · Yu-cheng Yu <hidden> · 2019-08-13

From: Yu-cheng Yu <hidden>
Date: 2019-08-13 21:04:39
Also in: linux-arch, linux-doc, linux-mm, lkml
Subsystem: the rest, x86 architecture (32-bit and 64-bit) · Maintainers: Linus Torvalds, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen

Look in .note.gnu.property of an ELF file and check if Indirect
Branch Tracking needs to be enabled for the task.

Signed-off-by: Yu-cheng Yu <redacted>
---
 arch/x86/Kconfig             | 1 +
 arch/x86/kernel/process_64.c | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 666dc66a382e..7edb544cef00 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig

@@ -1971,6 +1971,7 @@ config X86_INTEL_BRANCH_TRACKING_USER
 	select X86_INTEL_CET
 	select ARCH_HAS_AS_LIMIT
 	select ARCH_USE_GNU_PROPERTY
+	select ARCH_BINFMT_ELF_STATE
 	---help---
 	  Indirect Branch Tracking provides hardware protection against return-/jmp-
 	  oriented programming attacks.

diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c
index 7ec60b14e96d..a051cfc5242f 100644
--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c

@@ -856,6 +856,11 @@ int arch_setup_property(struct arch_elf_state *state)
 			return r;
 	}
 
+	if (cpu_feature_enabled(X86_FEATURE_IBT)) {
+		if (state->gnu_property & GNU_PROPERTY_X86_FEATURE_1_IBT)
+			r = cet_setup_ibt();
+	}
+
 	return r;
 }
 #endif

-- 
2.17.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help