From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from simark.ca by simark.ca with LMTP id +UcfExVcUWhd8hEAWB0awg (envelope-from ) for ; Tue, 17 Jun 2025 08:14:13 -0400 Authentication-Results: simark.ca; dkim=pass (2048-bit key; unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=fMlq5hXn; dkim-atps=neutral Received: by simark.ca (Postfix, from userid 112) id 3AF791E11C; Tue, 17 Jun 2025 08:14:13 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on simark.ca X-Spam-Level: X-Spam-Status: No, score=-10.1 required=5.0 tests=ARC_SIGNED,ARC_VALID, BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_VALIDITY_CERTIFIED, RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE autolearn=ham autolearn_force=no version=4.0.1 Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by simark.ca (Postfix) with ESMTPS id BADCC1E089 for ; Tue, 17 Jun 2025 08:14:11 -0400 (EDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 3B2B03A3992A for ; Tue, 17 Jun 2025 12:14:11 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3B2B03A3992A Authentication-Results: sourceware.org; dkim=pass (2048-bit key, unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256 header.s=Intel header.b=fMlq5hXn Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by sourceware.org (Postfix) with ESMTPS id 2208B3875DA5 for ; Tue, 17 Jun 2025 12:12:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 2208B3875DA5 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=intel.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 2208B3875DA5 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=192.198.163.14 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1750162342; cv=none; b=B2Zr03QDu7IiMZyKRwCXuUNHBmX3WgW830/0fNE5ht9q2mH4p8lrubLgiDkDGIEdtRoXWD1qqMvEySXG0qfRxLj9/Tw+qGHUHMsh4qN4rPTI7UaVb3DCI3hnORNDQnWO+BFygaLtdlTCm7R/OhVdOjQeVptxgZgDdiBD1ZAJQB4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1750162342; c=relaxed/simple; bh=pMqkg5Z7U/ybbAqzOAXDLi6LvcGmvwQ43P0KPUINQVk=; h=DKIM-Signature:From:To:Subject:Date:Message-Id:MIME-Version; b=qf+iGrsye503PnjBN+uFRi26YbTG6DVtv+zNEl2w9iLJg/1ncKbwoy4NTtXJfv7fE8lE9NL9P7srba2IqXnVysmr1UwM5SmP7bIfgORaT7FxCBb+/wuB5r2W5lB1VkA419hlZ9FnP09AM9la0JLlYs8+3YrnLtuWT3arHbothbA= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2208B3875DA5 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1750162342; x=1781698342; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=pMqkg5Z7U/ybbAqzOAXDLi6LvcGmvwQ43P0KPUINQVk=; b=fMlq5hXnqwlOzIg9NLjtjk/q7ofi6r7C5NEOy9wfLWyYwcbWsvy0jBnf o6f++zDY/2AzjdBu7Srv9b5jfverhbFABXpD1W9JP87OZO66P/AnJo9Yb XqYKyuKUZN/KHLsaRCALl3sWjTMgOjLV4EMyOySUvPZyIy40WNeT+hyxR QbbMshgPzqKMvqz1g2AXjrYr6CsFPaFNzAolmL7UCRDhS3M6xJ7qdHlX9 I4uqp5CKVeC1v7+r8YqZ947DgIsKc75/WHP0S0UmqkwDmuvk2dwZwU+nJ 8S/gaOHsw+aUKIZnbXURpxeVfFnz/eP6dGNiGyroo0XTOVW/+d1D0zszD w==; X-CSE-ConnectionGUID: y1kDNiyfSuCEHRPaLeM3bA== X-CSE-MsgGUID: lU4Ofy8tRLqnz25J0KUxSA== X-IronPort-AV: E=McAfee;i="6800,10657,11467"; a="52429402" X-IronPort-AV: E=Sophos;i="6.16,243,1744095600"; d="scan'208";a="52429402" Received: from orviesa009.jf.intel.com ([10.64.159.149]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jun 2025 05:12:17 -0700 X-CSE-ConnectionGUID: R0Ed1KADQkSP2kjKpWEdaQ== X-CSE-MsgGUID: lpiSfEhaTRikV15v+m0Nfw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.16,243,1744095600"; d="scan'208";a="148748602" Received: from gkldtt-dev-004.igk.intel.com (HELO localhost) ([10.123.221.202]) by orviesa009-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jun 2025 05:12:16 -0700 From: Christina Schimpe To: gdb-patches@sourceware.org Cc: thiago.bauermann@linaro.org, eliz@gnu.org Subject: [PATCH v4 00/11] Add CET shadow stack support Date: Tue, 17 Jun 2025 12:11:36 +0000 Message-Id: <20250617121147.1956686-1-christina.schimpe@intel.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gdb-patches-bounces~public-inbox=simark.ca@sourceware.org Hi all, this is my v4 of the series to add amd64 shadow stack support to GDB on linux. It addresses feedback of Thiago and Eli. Also I added a NEWS part and a fixup for the test of patch #11. So it would be great if Eli could do a quick review of the docs part again. v3 can be found here: https://sourceware.org/pipermail/gdb-patches/2025-May/217731.html Changes since v3: - Apply Thiago's feedback for default method and function description of the gdbarch hook get_shadow_stack pointer. - Applied the feedback of Eli for the docs parts as discussed here: https://sourceware.org/pipermail/gdb-patches/2025-May/218163.html - Added NEWS for patch #5 and #11. - Fixed the test of patch #11, which failed for gcc 15 due to changed assembler. - Changed to consistent naming "Intel Control-Flow Enforcement Technology" and commit author from "Schimpe, Christina" to "Christina Schimpe" I am looking forward to your feedback! Regards, Christina Christina Schimpe (10): gdbserver: Add optional runtime register set type. gdbserver: Add assert in x86_linux_read_description. gdb: Sync up x86-gcc-cpuid.h with cpuid.h from gcc 14 branch. gdb, gdbserver: Use xstate_bv for target description creation on x86. gdb, gdbserver: Add support of Intel shadow stack pointer register. gdb: Handle shadow stack pointer register unwinding for amd64 linux. gdb, gdbarch: Enable inferior calls for shadow stack support. gdb: Implement amd64 linux shadow stack support for inferior calls. gdb, gdbarch: Introduce gdbarch method to get the shadow stack pointer. gdb: Enable displaced stepping with shadow stack on amd64 linux. Felix Willgerodt (1): gdb: amd64 linux coredump support with shadow stack. gdb/NEWS | 6 + gdb/amd64-linux-nat.c | 17 ++ gdb/amd64-linux-tdep.c | 218 +++++++++++++++++- gdb/amd64-tdep.c | 35 ++- gdb/amd64-tdep.h | 9 +- gdb/arch-utils.c | 10 + gdb/arch-utils.h | 5 + gdb/arch/amd64-linux-tdesc.c | 33 +-- gdb/arch/amd64-linux-tdesc.h | 7 +- gdb/arch/amd64.c | 25 +- gdb/arch/amd64.h | 10 +- gdb/arch/i386-linux-tdesc.c | 29 +-- gdb/arch/i386-linux-tdesc.h | 5 +- gdb/arch/i386.c | 19 +- gdb/arch/i386.h | 8 +- gdb/arch/x86-linux-tdesc-features.c | 60 ++--- gdb/arch/x86-linux-tdesc-features.h | 25 +- gdb/doc/gdb.texinfo | 42 ++++ gdb/features/Makefile | 2 + gdb/features/i386/32bit-ssp.c | 14 ++ gdb/features/i386/32bit-ssp.xml | 11 + gdb/features/i386/64bit-ssp.c | 14 ++ gdb/features/i386/64bit-ssp.xml | 11 + gdb/gdbarch-gen.c | 54 +++++ gdb/gdbarch-gen.h | 24 ++ gdb/gdbarch_components.py | 31 +++ gdb/i386-tdep.c | 51 +++- gdb/i386-tdep.h | 11 +- gdb/infcall.c | 14 +- gdb/linux-tdep.c | 47 ++++ gdb/linux-tdep.h | 7 + gdb/nat/x86-gcc-cpuid.h | 153 +++++++++--- gdb/nat/x86-linux-tdesc.c | 20 +- gdb/nat/x86-linux-tdesc.h | 7 +- gdb/nat/x86-linux.c | 55 +++++ gdb/nat/x86-linux.h | 4 + .../gdb.arch/amd64-shadow-stack-cmds.exp | 141 +++++++++++ .../gdb.arch/amd64-shadow-stack-corefile.exp | 50 ++++ .../gdb.arch/amd64-shadow-stack-disp-step.exp | 90 ++++++++ gdb/testsuite/gdb.arch/amd64-shadow-stack.c | 35 +++ gdb/testsuite/gdb.arch/amd64-ssp.exp | 50 ++++ .../gdb.base/inline-frame-cycle-unwind.py | 4 + gdb/testsuite/lib/gdb.exp | 70 ++++++ gdb/x86-linux-nat.c | 51 +++- gdb/x86-linux-nat.h | 11 + gdb/x86-tdep.c | 21 ++ gdb/x86-tdep.h | 9 + gdbserver/i387-fp.cc | 40 ++-- gdbserver/linux-amd64-ipa.cc | 10 +- gdbserver/linux-i386-ipa.cc | 6 +- gdbserver/linux-low.cc | 50 ++-- gdbserver/linux-low.h | 7 +- gdbserver/linux-x86-low.cc | 44 +++- gdbsupport/x86-xstate.h | 7 +- 54 files changed, 1574 insertions(+), 215 deletions(-) create mode 100644 gdb/features/i386/32bit-ssp.c create mode 100644 gdb/features/i386/32bit-ssp.xml create mode 100644 gdb/features/i386/64bit-ssp.c create mode 100644 gdb/features/i386/64bit-ssp.xml create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-cmds.exp create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-disp-step.exp create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack.c create mode 100644 gdb/testsuite/gdb.arch/amd64-ssp.exp -- 2.34.1 Intel Deutschland GmbH Registered Address: Am Campeon 10, 85579 Neubiberg, Germany Tel: +49 89 99 8853-0, www.intel.de Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva Chairperson of the Supervisory Board: Nicole Lau Registered Office: Munich Commercial Register: Amtsgericht Muenchen HRB 186928