From: "Schimpe, Christina"
To: gdb-patches@sourceware.org
Subject: [PATCH 00/12] Add CET shadow stack support
Date: Fri, 20 Dec 2024 20:04:49 +0000
Message-Id: <20241220200501.324191-1-christina.schimpe@intel.com>

Hi all,

this is a series to add amd64 shadow stack support to GDB on linux.
Shadow stack is part of the Control-flow Enforcement Technology (CET) by Intel.
Intel's CET provides the two capabilities to defend against ROP/COP/JOP style
control-flow subversion attacks: shadow stack and indirect branch tracking (IBT).
While there is linux kernel support for CET shadow stack in userspace, there is
no linux kernel support available for userspace IBT, yet. This series therefore
focuses on CET shadow stack only.

I am looking forward to your feedback!

Regards,
Christina

Felix Willgerodt (1):
  gdb, bfd: amd64 linux coredump support with shadow stack.

Schimpe, Christina (11):
  gdb, testsuite: Rename set_sanitizer_default to append_environment.
  gdbserver: Add optional runtime register set type.
  gdbserver: Add assert in x86_linux_read_description.
  gdb: Sync up x86-gcc-cpuid.h with cpuid.h from gcc 14 branch.
  gdb, gdbserver: Use xstate_bv for target description creation on x86.
  gdb, gdbserver: Add support of Intel shadow stack pointer register.
  gdb: Handle shadow stack pointer register unwinding for amd64 linux.
  gdb, gdbarch: Enable inferior calls for shadow stack support.
  gdb: Implement amd64 linux shadow stack support for inferior calls.
  gdb, gdbarch: Introduce gdbarch method to get the shadow stack pointer.
  gdb: Enable displaced stepping with shadow stack on amd64 linux.

 bfd/elf.c                                     |  24 +++
 gdb/amd64-linux-nat.c                         |  17 ++
 gdb/amd64-linux-tdep.c                        | 197 +++++++++++++++++-
 gdb/amd64-tdep.c                              |  32 ++-
 gdb/amd64-tdep.h                              |   9 +-
 gdb/arch-utils.c                              |   8 +
 gdb/arch-utils.h                              |   5 +
 gdb/arch/amd64-linux-tdesc.c                  |  33 +--
 gdb/arch/amd64-linux-tdesc.h                  |   7 +-
 gdb/arch/amd64.c                              |  25 ++-
 gdb/arch/amd64.h                              |  10 +-
 gdb/arch/i386-linux-tdesc.c                   |  29 +--
 gdb/arch/i386-linux-tdesc.h                   |   5 +-
 gdb/arch/i386.c                               |  19 +-
 gdb/arch/i386.h                               |   8 +-
 gdb/arch/x86-linux-tdesc-features.c           |  56 ++---
 gdb/arch/x86-linux-tdesc-features.h           |  25 ++-
 gdb/doc/gdb.texinfo                           |  42 ++++
 gdb/features/Makefile                         |   2 +
 gdb/features/i386/32bit-ssp.c                 |  14 ++
 gdb/features/i386/32bit-ssp.xml               |  11 +
 gdb/features/i386/64bit-ssp.c                 |  14 ++
 gdb/features/i386/64bit-ssp.xml               |  11 +
 gdb/gdbarch-gen.c                             |  54 +++++
 gdb/gdbarch-gen.h                             |  20 ++
 gdb/gdbarch_components.py                     |  26 +++
 gdb/i386-tdep.c                               |  44 +++-
 gdb/i386-tdep.h                               |  11 +-
 gdb/infcall.c                                 |   6 +
 gdb/linux-tdep.c                              |  47 +++++
 gdb/linux-tdep.h                              |   7 +
 gdb/nat/x86-gcc-cpuid.h                       | 153 +++++++++++---
 gdb/nat/x86-linux-tdesc.c                     |  20 +-
 gdb/nat/x86-linux-tdesc.h                     |   7 +-
 gdb/nat/x86-linux.c                           |  55 +++++
 gdb/nat/x86-linux.h                           |   4 +
 .../gdb.arch/amd64-shadow-stack-cmds.exp      | 141 +++++++++++++
 .../gdb.arch/amd64-shadow-stack-corefile.exp  |  50 +++++
 .../gdb.arch/amd64-shadow-stack-disp-step.exp |  84 ++++++++
 gdb/testsuite/gdb.arch/amd64-shadow-stack.c   |  35 ++++
 gdb/testsuite/gdb.arch/amd64-ssp.exp          |  50 +++++
 .../gdb.base/inline-frame-cycle-unwind.py     |   4 +
 gdb/testsuite/gdb.base/libsegfault.exp        |   2 +-
 .../gdb.threads/attach-slow-waitpid.exp       |   2 +-
 gdb/testsuite/lib/gdb.exp                     |  77 ++++++-
 gdb/x86-linux-nat.c                           |  51 ++++-
 gdb/x86-linux-nat.h                           |  11 +
 gdb/x86-tdep.c                                |  22 ++
 gdb/x86-tdep.h                                |   9 +
 gdbserver/i387-fp.cc                          |  40 ++--
 gdbserver/linux-amd64-ipa.cc                  |  10 +-
 gdbserver/linux-i386-ipa.cc                   |   6 +-
 gdbserver/linux-low.cc                        |  40 ++--
 gdbserver/linux-low.h                         |   7 +-
 gdbserver/linux-x86-low.cc                    |  44 +++-
 gdbsupport/x86-xstate.h                       |   7 +-
 56 files changed, 1537 insertions(+), 212 deletions(-)
 create mode 100644 gdb/features/i386/32bit-ssp.c
 create mode 100644 gdb/features/i386/32bit-ssp.xml
 create mode 100644 gdb/features/i386/64bit-ssp.c
 create mode 100644 gdb/features/i386/64bit-ssp.xml
 create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-cmds.exp
 create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp
 create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-disp-step.exp
 create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack.c
 create mode 100644 gdb/testsuite/gdb.arch/amd64-ssp.exp

-- 
2.34.1

Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928