diff options
| author | H.J. Lu <hjl.tools@gmail.com> | 2023-12-29 08:43:53 -0800 |
|---|---|---|
| committer | H.J. Lu <hjl.tools@gmail.com> | 2025-08-19 15:39:23 -0700 |
| commit | 0d1abcab552707e8fc069dbc8658ae7ff7295022 (patch) | |
| tree | 3d1e50f5cafe30dc85ad95662c10f9b6865483fc | |
| parent | 027b3218116180c25521421d01889b3e7394deb6 (diff) | |
x86/cet: Don't set CET active by default
Not all CET enabled applications and libraries have been properly tested
in CET enabled environments. Some CET enabled applications or libraries
will crash or misbehave when CET is enabled. Don't set CET active by
default so that all applications and libraries will run normally regardless
of whether CET is active or not. Shadow stack can be enabled by
$ export GLIBC_TUNABLES=glibc.cpu.hwcaps=SHSTK
at run-time if shadow stack can be enabled by kernel.
NB: This commit can be reverted if it is OK to enable CET by default for
all applications and libraries.
(cherry picked from commit 55d63e731253de82e96ed4ddca2e294076cd0bc5)
| -rw-r--r-- | sysdeps/x86/cpu-features.c | 2 | ||||
| -rw-r--r-- | sysdeps/x86/cpu-tunables.c | 16 |
2 files changed, 16 insertions, 2 deletions
diff --git a/sysdeps/x86/cpu-features.c b/sysdeps/x86/cpu-features.c index c9132dbe2d..87845e9fe8 100644 --- a/sysdeps/x86/cpu-features.c +++ b/sysdeps/x86/cpu-features.c @@ -110,7 +110,7 @@ update_active (struct cpu_features *cpu_features) if (!CPU_FEATURES_CPU_P (cpu_features, RTM_ALWAYS_ABORT)) CPU_FEATURE_SET_ACTIVE (cpu_features, RTM); -#if CET_ENABLED +#if CET_ENABLED && 0 CPU_FEATURE_SET_ACTIVE (cpu_features, IBT); CPU_FEATURE_SET_ACTIVE (cpu_features, SHSTK); #endif diff --git a/sysdeps/x86/cpu-tunables.c b/sysdeps/x86/cpu-tunables.c index 0d4f328585..c144124142 100644 --- a/sysdeps/x86/cpu-tunables.c +++ b/sysdeps/x86/cpu-tunables.c @@ -47,6 +47,17 @@ extern __typeof (memcmp) DEFAULT_MEMCMP; break; \ } +#define CHECK_GLIBC_IFUNC_CPU_BOTH(f, cpu_features, name, disable, len) \ + _Static_assert (sizeof (#name) - 1 == len, #name " != " #len); \ + if (!DEFAULT_MEMCMP (f, #name, len)) \ + { \ + if (disable) \ + CPU_FEATURE_UNSET (cpu_features, name) \ + else \ + CPU_FEATURE_SET_ACTIVE (cpu_features, name) \ + break; \ + } + /* Disable a preferred feature NAME. We don't enable a preferred feature which isn't available. */ #define CHECK_GLIBC_IFUNC_PREFERRED_OFF(f, cpu_features, name, len) \ @@ -162,11 +173,14 @@ TUNABLE_CALLBACK (set_hwcaps) (tunable_val_t *valp) } break; case 5: + { + CHECK_GLIBC_IFUNC_CPU_BOTH (n, cpu_features, SHSTK, disable, + 5); + } if (disable) { CHECK_GLIBC_IFUNC_CPU_OFF (n, cpu_features, LZCNT, 5); CHECK_GLIBC_IFUNC_CPU_OFF (n, cpu_features, MOVBE, 5); - CHECK_GLIBC_IFUNC_CPU_OFF (n, cpu_features, SHSTK, 5); CHECK_GLIBC_IFUNC_CPU_OFF (n, cpu_features, SSSE3, 5); CHECK_GLIBC_IFUNC_CPU_OFF (n, cpu_features, XSAVE, 5); } |