From: Christina Schimpe
To: gdb-patches@sourceware.org
Cc: thiago.bauermann@linaro.org, eliz@gnu.org
Subject: [PATCH v4 06/11] gdb: amd64 linux coredump support with shadow stack.
Date: Tue, 17 Jun 2025 12:11:42 +0000
Message-Id: <20250617121147.1956686-7-christina.schimpe@intel.com>
In-Reply-To: <20250617121147.1956686-1-christina.schimpe@intel.com>

From: Felix Willgerodt

Intel's Control-Flow Enforcement Technology (CET) provides the shadow stack feature for the x86 architecture. This commit adds support to write and read the shadow-stack node in corefiles. This helps debugging return address violations post-mortem. The format is synced with the linux kernel commit "x86: Add PTRACE interface for shadow stack". As the linux kernel restricts shadow stack support to 64-bit, apply the fix for amd64 only.

Co-Authored-By: Christina Schimpe
Reviewed-by: Thiago Jung Bauermann
---
 gdb/amd64-linux-tdep.c | 57 +++++++++++++++++--
 .../gdb.arch/amd64-shadow-stack-corefile.exp | 50 ++++++++++++++++
 2 files changed, 103 insertions(+), 4 deletions(-)
 create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp

diff --git a/gdb/amd64-linux-tdep.c b/gdb/amd64-linux-tdep.c index f23db4dce22..d806d3cb1f7 100644 --- a/gdb/amd64-linux-tdep.c +++ b/gdb/amd64-linux-tdep.c
@@ -46,6 +46,7 @@ #include "expop.h" #include "arch/amd64-linux-tdesc.h" #include "inferior.h" +#include "x86-tdep.h" /* The syscall's XML filename for i386. */ #define XML_SYSCALL_FILENAME_AMD64 "syscalls/amd64-linux.xml" @@ -1592,6 +1593,14 @@ amd64_linux_record_signal (struct gdbarch *gdbarch, return 0; } +/* Get shadow stack pointer state from core dump. */ + +static bool +amd64_linux_core_read_ssp_state_p (bfd *abfd) +{ + return bfd_get_section_by_name (abfd, ".reg-ssp") != NULL; +} + /* Get Linux/x86 target description from core dump. */ static const struct target_desc * @@ -1601,11 +1610,14 @@ amd64_linux_core_read_description (struct gdbarch *gdbarch, { /* Linux/x86-64. */ x86_xsave_layout layout; - uint64_t xcr0 = i386_linux_core_read_xsave_info (abfd, layout); - if (xcr0 == 0) - xcr0 = X86_XSTATE_SSE_MASK; + uint64_t xstate_bv_mask = i386_linux_core_read_xsave_info (abfd, layout); + if (xstate_bv_mask == 0) + xstate_bv_mask = X86_XSTATE_SSE_MASK; + + if (amd64_linux_core_read_ssp_state_p (abfd)) + xstate_bv_mask |= X86_XSTATE_CET_U; - return amd64_linux_read_description (xcr0 & X86_XSTATE_ALL_MASK, + return amd64_linux_read_description (xstate_bv_mask & X86_XSTATE_ALL_MASK, gdbarch_ptr_bit (gdbarch) == 32); } 
@@ -1636,6 +1648,35 @@ static const struct regset amd64_linux_xstateregset = amd64_linux_collect_xstateregset }; +/* Supply shadow stack pointer register from the buffer SSP to the + register cache REGCACHE. */ + +static void +amd64_linux_supply_ssp (const regset *regset, + regcache *regcache, int regnum, + const void *ssp, size_t len) +{ + x86_supply_ssp (regcache, *static_cast (ssp)); +} + +/* Collect the shadow stack pointer register from the register cache + REGCACHE and store it in SSP. */ + +static void +amd64_linux_collect_ssp (const regset *regset, + const regcache *regcache, int regnum, + void *ssp, size_t len) +{ + x86_collect_ssp (regcache, *static_cast (ssp)); +} + +/* Shadow stack pointer register. */ + +static const struct regset amd64_linux_ssp_register + { + NULL, amd64_linux_supply_ssp, amd64_linux_collect_ssp + }; + /* Iterate over core file register note sections. */ static void @@ -1652,6 +1693,14 @@ amd64_linux_iterate_over_regset_sections (struct gdbarch *gdbarch, cb (".reg-xstate", tdep->xsave_layout.sizeof_xsave, tdep->xsave_layout.sizeof_xsave, &amd64_linux_xstateregset, "XSAVE extended state", cb_data); + + /* SSP can be unavailable. Thus, we need to check the register status + in case we write a core file (regcache != nullptr). */ + if (tdep->ssp_regnum > 0 + && (regcache == nullptr + || REG_VALID == regcache->get_register_status (tdep->ssp_regnum))) + cb (".reg-ssp", 8, 8, &amd64_linux_ssp_register, + "shadow stack pointer", cb_data); } /* The instruction sequences used in x86_64 machines for a diff --git a/gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp b/gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp new file mode 100644 index 00000000000..25cc1529f0d --- /dev/null +++ b/gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp 
@@ -0,0 +1,50 @@ +# Copyright 2021-2024 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Test the shadow stack pointer note in core dumps. + +require allow_ssp_tests + +standard_testfile amd64-shadow-stack.c +set gcorefile ${binfile}.gcore + +save_vars { ::env(GLIBC_TUNABLES) } { + + append_environment GLIBC_TUNABLES "glibc.cpu.hwcaps" "SHSTK" + + if { [prepare_for_testing "failed to prepare" ${testfile} ${srcfile} \ + additional_flags="-fcf-protection=return"] } { + return -1 + } + + if { ![runto_main] } { + return -1 + } + + # Save ssp for comparison in the corefile session. + set ssp [get_hexadecimal_valueof "\$pl3_ssp" ""] + + if { ![gdb_gcore_cmd $gcorefile "save a corefile"] } { + return -1 + } + + # Now restart gdb and load the corefile. + clean_restart ${binfile} + + gdb_test "core ${gcorefile}" \ + "Core was generated by .*" "re-load generated corefile" + + gdb_test "print /x \$pl3_ssp" "= $ssp" +} -- 2.34.1 Intel Deutschland GmbH Registered Address: Am Campeon 10, 85579 Neubiberg, Germany Tel: +49 89 99 8853-0, www.intel.de Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva Chairperson of the Supervisory Board: Nicole Lau Registered Office: Munich Commercial Register: Amtsgericht Muenchen HRB 186928
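Review bot: amd64_linux_core_read_ssp_state_p (hunk at -1592,6) decides that the core carries shadow stack state from the section name alone, so a ".reg-ssp" section of any size, including an empty or truncated one in a damaged or crafted core file, enables the feature. Since the regset is later registered with a fixed size of 8, consider also requiring bfd_section_size of the section to be 8 here. The comment "Get shadow stack pointer state from core dump" reads as if a value were returned; "Return true if the core dump has a shadow stack pointer note" would match what the predicate does. The later hunk uses nullptr, so "!= NULL" could follow suit.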
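Review bot: in amd64_linux_core_read_description (hunk at -1601,11) the X86_XSTATE_CET_U bit is OR'ed in and the result is then passed through "xstate_bv_mask & X86_XSTATE_ALL_MASK"; the definition of that mask is not part of this patch, so please confirm it includes X86_XSTATE_CET_U, otherwise the bit is silently dropped and the core is read without the ssp register. The rename from xcr0 to xstate_bv_mask is a good clarification but is unrelated to the functional change; a short comment saying that CET_U comes from the separate ".reg-ssp" note rather than from the XSAVE note would explain why the two sources are merged here.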
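Review bot: amd64_linux_supply_ssp and amd64_linux_collect_ssp (hunk at -1636,6) ignore their len argument and dereference the ssp buffer as a full 8-byte value, so the only thing preventing an out-of-bounds read or write on a short buffer is whatever size check the caller performs. The supply path is fed from core file contents, which are untrusted input; please add a gdb_assert or an early return on "len" being smaller than the value read, and say in the function comments that REGNUM is unused. The buffer is also accessed through a plain pointer dereference, which assumes host byte order and alignment match the note; if x86_supply_ssp and x86_collect_ssp are meant to be host-independent, that deserves a comment or an explicit conversion.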
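Review bot: in amd64_linux_iterate_over_regset_sections (hunk at -1652,6) the note size is the literal 8 repeated twice in "cb (".reg-ssp", 8, 8, ...", and it has to stay in sync with the 8-byte access in the supply and collect functions; a named constant shared by both places would make that coupling explicit. The guard "tdep->ssp_regnum > 0" treats register number 0 as "not present"; if the unset value of ssp_regnum is -1, ">= 0" states the intent more directly. The comment could also say what happens on the read path (regcache == nullptr), where the section is always offered.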
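Review bot: the new amd64-shadow-stack-corefile.exp only round-trips a core written by gdb_gcore_cmd and read back by the same GDB, so a disagreement with the kernel's note layout, which the commit message says the format is synced with, would go unnoticed; a second case that loads a kernel-generated core where available would cover that. The call get_hexadecimal_valueof "\$pl3_ssp" "" uses an empty default, so if reading the register fails the final pattern becomes "= " and the last gdb_test matches any value; bail out when $ssp is empty. The header says "Copyright 2021-2024" while the patch is dated 2025.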