+2019-04-11 H.J. Lu <hongjiu.lu@intel.com>
+
+ * elf-linker-x86.h (elf_x86_cet_report): New.
+ (elf_linker_x86_params): Add cet_report.
+ * elfxx-x86.c (_bfd_x86_elf_link_setup_gnu_properties): Report
+ missing IBT and SHSTK properties if needed.
+
2019-04-11 H.J. Lu <hongjiu.lu@intel.com>
PR ld/24436
Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston,
MA 02110-1301, USA. */
+/* Missing IBT and SHSTK property report control. */
+enum elf_x86_cet_report
+{
+ cet_report_none = 0, /* Do nothing. */
+ cet_report_warning = 1 << 0, /* Issue a warning. */
+ cet_report_error = 1 << 1, /* Issue an error. */
+ cet_report_ibt = 1 << 2, /* Report missing IBT property. */
+ cet_report_shstk = 1 << 3 /* Report missing SHSTK property. */
+};
+
/* Used to pass x86-specific linker options from ld to bfd. */
struct elf_linker_x86_params
{
/* TRUE if generate a 1-byte NOP as suffix for x86 call instruction. */
unsigned int call_nop_as_suffix : 1;
+ /* Report missing IBT and SHSTK properties. */
+ enum elf_x86_cet_report cet_report;
+
/* The 1-byte NOP for x86 call instruction. */
char call_nop_byte;
};
features = 0;
if (htab->params->ibt)
- features = GNU_PROPERTY_X86_FEATURE_1_IBT;
+ {
+ features = GNU_PROPERTY_X86_FEATURE_1_IBT;
+ htab->params->cet_report &= ~cet_report_ibt;
+ }
if (htab->params->shstk)
- features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
+ {
+ features |= GNU_PROPERTY_X86_FEATURE_1_SHSTK;
+ htab->params->cet_report &= ~cet_report_shstk;
+ }
+ if (!(htab->params->cet_report & (cet_report_ibt | cet_report_shstk)))
+ htab->params->cet_report = cet_report_none;
if (ebfd != NULL)
{
}
}
+ if (htab->params->cet_report)
+ {
+ /* Report missing IBT and SHSTK properties. */
+ bfd *abfd;
+ const char *msg;
+ elf_property_list *p;
+ bfd_boolean missing_ibt, missing_shstk;
+ bfd_boolean check_ibt
+ = !!(htab->params->cet_report & cet_report_ibt);
+ bfd_boolean check_shstk
+ = !!(htab->params->cet_report & cet_report_shstk);
+
+ if ((htab->params->cet_report & cet_report_warning))
+ msg = _("%P: %pB: warning: missing %s\n");
+ else
+ msg = _("%X%P: %pB: error: missing %s\n");
+
+ for (abfd = info->input_bfds; abfd != NULL; abfd = abfd->link.next)
+ if (!(abfd->flags & (DYNAMIC | BFD_PLUGIN | BFD_LINKER_CREATED))
+ && bfd_get_flavour (abfd) == bfd_target_elf_flavour)
+ {
+ for (p = elf_properties (abfd); p; p = p->next)
+ if (p->property.pr_type == GNU_PROPERTY_X86_FEATURE_1_AND)
+ break;
+
+ missing_ibt = check_ibt;
+ missing_shstk = check_shstk;
+ if (p)
+ {
+ missing_ibt &= !(p->property.u.number
+ & GNU_PROPERTY_X86_FEATURE_1_IBT);
+ missing_shstk &= !(p->property.u.number
+ & GNU_PROPERTY_X86_FEATURE_1_SHSTK);
+ }
+ if (missing_ibt || missing_shstk)
+ {
+ const char *missing;
+ if (missing_ibt && missing_shstk)
+ missing = _("IBT and SHSTK properties");
+ else if (missing_ibt)
+ missing = _("IBT property");
+ else
+ missing = _("SHSTK property");
+ info->callbacks->einfo (msg, abfd, missing);
+ }
+ }
+ }
+
pbfd = _bfd_elf_link_setup_gnu_properties (info);
htab->r_info = init_table->r_info;
+2019-04-11 H.J. Lu <hongjiu.lu@intel.com>
+
+ * ld.texi: Document -z cet-report=[none|warning|error].
+ * emulparams/cet.sh: Add -z cet-report=[none|warning|error].
+ * testsuite/ld-i386/i386.exp: Run -z cet-report=[warning|error]
+ tests.
+ * testsuite/ld-x86-64/x86-64.exp: Likewise.
+ * testsuite/ld-i386/property-x86-cet1.d: New file.
+ * testsuite/ld-i386/property-x86-cet2a.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet2b.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet3a.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet3b.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet4a.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet4b.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet5a.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet5b.d: Likewise.
+ * testsuite/ld-i386/property-x86-cet6.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet.s: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet1-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet1.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet2a-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet2a.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet2b-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet2b.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet3a-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet3a.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet3b-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet3b.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet4a-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet4a.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet4b-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet4b.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet5a-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet5a.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet5b-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet5b.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet6-x32.d: Likewise.
+ * testsuite/ld-x86-64/property-x86-cet6.d: Likewise.
+
2019-04-11 H.J. Lu <hongjiu.lu@intel.com>
* testsuite/config/default.exp (STATIC_PIE_LDFLAGS): New. Set
-z ibt Generate GNU_PROPERTY_X86_FEATURE_1_IBT\n"));
fprintf (file, _("\
-z shstk Generate GNU_PROPERTY_X86_FEATURE_1_SHSTK\n"));
+ fprintf (file, _("\
+ -z cet-report=[none|warning|error] (default: none)\n\
+ Report missing IBT and SHSTK properties\n"));
'
PARSE_AND_LIST_ARGS_CASE_Z_CET='
else if (strcmp (optarg, "ibtplt") == 0)
params.ibt = TRUE;
else if (strcmp (optarg, "shstk") == 0)
params.shstk = TRUE;
+ else if (strncmp (optarg, "cet-report=", 11) == 0)
+ {
+ if (strcmp (optarg + 11, "none") == 0)
+ params.cet_report = cet_report_none;
+ else if (strcmp (optarg + 11, "warning") == 0)
+ params.cet_report = (cet_report_warning
+ | cet_report_ibt
+ | cet_report_shstk);
+ else if (strcmp (optarg + 11, "error") == 0)
+ params.cet_report = (cet_report_error
+ | cet_report_ibt
+ | cet_report_shstk);
+ else
+ einfo (_("%F%P: invalid option for -z cet-report=: %s\n"),
+ optarg + 11);
+ }
'
PARSE_AND_LIST_OPTIONS="$PARSE_AND_LIST_OPTIONS $PARSE_AND_LIST_OPTIONS_CET"
@option{call-nop=suffix-@var{byte}} generates @code{call foo @var{byte}}.
Supported for i386 and x86_64.
+@item cet-report=none
+@itemx cet-report=warning
+@itemx cet-report=error
+Specify how to report the missing GNU_PROPERTY_X86_FEATURE_1_IBT and
+GNU_PROPERTY_X86_FEATURE_1_SHSTK properties in input .note.gnu.property
+section. @option{cet-report=none}, which is the default, will make the
+linker not report missing properties in input files.
+@option{cet-report=warning} will make the linker issue a warning for
+missing properties in input files. @option{cet-report=error} will make
+the linker issue an error for missing properties in input files.
+Note that @option{ibt} will turn off the missing
+GNU_PROPERTY_X86_FEATURE_1_IBT property report and @option{shstk} will
+turn off the missing GNU_PROPERTY_X86_FEATURE_1_SHSTK property report.
+Supported for Linux/i386 and Linux/x86_64.
+
@item combreloc
@itemx nocombreloc
Combine multiple dynamic relocation sections and sort to improve
run_dump_test "property-x86-shstk3b"
run_dump_test "property-x86-shstk4"
run_dump_test "property-x86-shstk5"
+run_dump_test "property-x86-cet1"
+run_dump_test "property-x86-cet2a"
+run_dump_test "property-x86-cet2b"
+run_dump_test "property-x86-cet3a"
+run_dump_test "property-x86-cet3b"
+run_dump_test "property-x86-cet4a"
+run_dump_test "property-x86-cet4b"
+run_dump_test "property-x86-cet5a"
+run_dump_test "property-x86-cet5b"
+run_dump_test "property-x86-cet6"
run_dump_test "pie1"
run_dump_test "pie1-nacl"
run_dump_test "pr21884"
--- /dev/null
+#source: ../ld-x86-64/property-x86-cet.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties.*: warning: missing SHSTK property.*: warning: missing IBT property.*: warning: missing IBT and SHSTK properties
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA needed: SSE, SSE3, SSE4_1, AVX
+ x86 ISA used: CMOV, SSE, SSSE3, SSE4_1
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error
+#error: .*: error: missing IBT and SHSTK properties.*: error: missing SHSTK property.*: error: missing IBT property.*: error: missing IBT and SHSTK properties
--- /dev/null
+#source: property-x86-ibt.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-ibt.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error -z ibt
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error -z shstk
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-empty.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error -z cet-report=none
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000018 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#as: --32 -mx86-used-note=yes
+#ld: -r -m elf_i386 -z cet-report=error -z ibt -z shstk
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: start.s
+#as: --32 -mx86-used-note=no
+#ld: -r -m elf_i386 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties
+#readelf: -n
--- /dev/null
+ .section ".note.gnu.property", "a"
+.ifdef __64_bit__
+ .p2align 3
+.else
+ .p2align 2
+.endif
+ .long 1f - 0f /* name length */
+ .long 5f - 2f /* data length */
+ .long 5 /* note type */
+0: .asciz "GNU" /* vendor name */
+1:
+.ifdef __64_bit__
+ .p2align 3
+.else
+ .p2align 2
+.endif
+2: .long 0xc0000002 /* pr_type. */
+ .long 4f - 3f /* pr_datasz. */
+3:
+ .long 0x3
+4:
+.ifdef __64_bit__
+ .p2align 3
+.else
+ .p2align 2
+.endif
+5:
--- /dev/null
+#source: property-x86-cet.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-cet.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000030 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties.*: warning: missing SHSTK property.*: warning: missing IBT property
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA needed: CMOV, SSE, SSSE3, SSE4_1
+ x86 ISA used: SSE, SSE3, SSE4_1, AVX
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties.*: warning: missing SHSTK property.*: warning: missing IBT property.*: warning: missing IBT and SHSTK properties
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000030 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA needed: CMOV, SSE, SSSE3, SSE4_1
+ x86 ISA used: SSE, SSE3, SSE4_1, AVX
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error
+#error: .*: error: missing IBT and SHSTK properties.*: error: missing SHSTK property.*: error: missing IBT property.*: error: missing IBT and SHSTK properties
--- /dev/null
+#source: property-x86-empty.s
+#source: property-x86-ibt.s
+#source: property-x86-shstk.s
+#source: property-x86-3.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error
+#error: .*: error: missing IBT and SHSTK properties.*: error: missing SHSTK property.*: error: missing IBT property.*: error: missing IBT and SHSTK properties
--- /dev/null
+#source: property-x86-ibt.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-ibt.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-ibt.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error -z ibt
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-ibt.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error -z ibt
+#error: .*: error: missing SHSTK property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error -z shstk
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-shstk.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error -z shstk
+#error: .*: error: missing IBT property
--- /dev/null
+#source: property-x86-empty.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error -z cet-report=none
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000018 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error -z cet-report=none
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000020 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#as: --x32 -mx86-used-note=yes
+#ld: -r -m elf32_x86_64 -z cet-report=error -z ibt -z shstk
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000024 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: property-x86-empty.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=yes
+#ld: -r -melf_x86_64 -z cet-report=error -z ibt -z shstk
+#readelf: -n
+
+Displaying notes found in: .note.gnu.property
+ Owner Data size Description
+ GNU 0x00000030 NT_GNU_PROPERTY_TYPE_0
+ Properties: x86 feature: IBT, SHSTK
+ x86 ISA used: <None>
+ x86 feature used: x86
--- /dev/null
+#source: start.s
+#as: --x32 -mx86-used-note=no
+#ld: -r -m elf32_x86_64 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties
+#readelf: -n
--- /dev/null
+#source: start.s
+#as: --64 -defsym __64_bit__=1 -mx86-used-note=no
+#ld: -r -melf_x86_64 -z cet-report=warning
+#warning: .*: warning: missing IBT and SHSTK properties
+#readelf: -n
run_dump_test "property-x86-shstk4-x32"
run_dump_test "property-x86-shstk5"
run_dump_test "property-x86-shstk5-x32"
+run_dump_test "property-x86-cet1"
+run_dump_test "property-x86-cet1-x32"
+run_dump_test "property-x86-cet2a"
+run_dump_test "property-x86-cet2a-x32"
+run_dump_test "property-x86-cet2b"
+run_dump_test "property-x86-cet2b-x32"
+run_dump_test "property-x86-cet3a"
+run_dump_test "property-x86-cet3a-x32"
+run_dump_test "property-x86-cet3b"
+run_dump_test "property-x86-cet3b-x32"
+run_dump_test "property-x86-cet4a"
+run_dump_test "property-x86-cet4a-x32"
+run_dump_test "property-x86-cet4b"
+run_dump_test "property-x86-cet4b-x32"
+run_dump_test "property-x86-cet5a"
+run_dump_test "property-x86-cet5a-x32"
+run_dump_test "property-x86-cet5b"
+run_dump_test "property-x86-cet5b-x32"
+run_dump_test "property-x86-cet6"
+run_dump_test "property-x86-cet6-x32"
run_dump_test "pr21884"
run_dump_test "pr21884-nacl"
run_dump_test "pr22071"
projects / binutils-gdb.git / commitdiff