From: Thiago Jung Bauermann
To: "Schimpe, Christina"
Cc: gdb-patches@sourceware.org
Subject: Re: [PATCH 08/12] gdb: Handle shadow stack pointer register unwinding for amd64 linux.
In-Reply-To: <20241220200501.324191-9-christina.schimpe@intel.com> (Christina Schimpe's message of "Fri, 20 Dec 2024 20:04:57 +0000")
References: <20241220200501.324191-1-christina.schimpe@intel.com> <20241220200501.324191-9-christina.schimpe@intel.com>
User-Agent: mu4e 1.12.8; emacs 29.4
Date: Thu, 06 Feb 2025 00:30:22 -0300
Message-ID: <87y0yjhhrl.fsf@linaro.org>
MIME-Version: 1.0
Content-Type: text/plain

"Schimpe, Christina" writes:

> Unwind the $pl3_ssp register.
>
> We now have an updated value for the shadow stack pointer when
> moving up or down the frame level.  Note that $pl3_ssp can
> become unavailable when moving to a frame before the shadow
> stack enablement.  In the example below, shadow stack is enabled
> in the function 'call1'.  Thus, when moving to a frame level above
> the function, $pl3_ssp will become unavailable.
>
> Following the restriction of the linux kernel, implement the unwinding
> for amd64 linux only.
>
> Before this patch:
> ~~~
> Breakpoint 1, call2 (j=3) at sample.c:44
> 44        return 42;
> (gdb) p $pl3_ssp
> $1 = (void *) 0x7ffff79ffff8
> (gdb) up
> 55        call2 (3);
> (gdb) p $pl3_ssp
> $2 = (void *) 0x7ffff79ffff8
> (gdb) up
> 68        call1 (43);
> (gdb) p $pl3_ssp
> $3 = (void *) 0x7ffff79ffff8
> ~~~
>
> After this patch:
> ~~~
> Breakpoint 1, call2 (j=3) at sample.c:44
> 44        return 42;
> (gdb) p $pl3_ssp
> $1 = (void *) 0x7ffff79ffff8
> (gdb) up
> 55        call2 (3);
> (gdb) p $pl3_ssp
> $2 = (void *) 0x7ffff7a00000
> (gdb) up
> 68        call1 (43i);
> (gdb) p $pl3_ssp
> $3 = 
> ~~~
>
> As we now have an updated value for each selected frame, the
> return command is now enabled for shadow stack enabled programs, too.
>
> We therefore add a test for the return command and shadow stack support,
> and for an updated shadow stack pointer after a frame level change.
> ---
>  gdb/amd64-linux-tdep.c                       | 69 +++++++++++++++
>  gdb/linux-tdep.c                             | 47 ++++++++++
>  gdb/linux-tdep.h                             |  7 ++
>  .../gdb.arch/amd64-shadow-stack-cmds.exp     | 88 +++++++++++++++++++
>  gdb/testsuite/gdb.arch/amd64-shadow-stack.c  | 13 +++
>  5 files changed, 224 insertions(+)
>  create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-cmds.exp

Just some minor comments.

Reviewed-by: Thiago Jung Bauermann

> diff --git a/gdb/amd64-linux-tdep.c b/gdb/amd64-linux-tdep.c
> index 95f643b1217..895feac85e8 100644
> --- a/gdb/amd64-linux-tdep.c
> +++ b/gdb/amd64-linux-tdep.c
> @@ -45,6 +45,8 @@
>  #include "arch/amd64-linux-tdesc.h"
>  #include "inferior.h"
>  #include "x86-tdep.h"
> +#include "dwarf2/frame.h"
> +#include "frame-unwind.h"
>  
>  /* The syscall's XML filename for i386.  */
>  #define XML_SYSCALL_FILENAME_AMD64 "syscalls/amd64-linux.xml"
> @@ -1873,6 +1875,72 @@ amd64_linux_remove_non_address_bits_watchpoint (gdbarch *gdbarch,
>    return (addr & amd64_linux_lam_untag_mask ());
>  }
>  
> +static value *
> +amd64_linux_dwarf2_prev_ssp (const frame_info_ptr &this_frame,
> +                             void **this_cache, int regnum)
> +{

Add documentation comment to this function.

> +  value *v = frame_unwind_got_register (this_frame, regnum, regnum);
> +  gdb_assert (v != nullptr);
> +
> +  gdbarch *gdbarch = get_frame_arch (this_frame);
> +
> +  if (v->entirely_available () && !v->optimized_out ())
> +    {
> +      int size = register_size (gdbarch, regnum);
> +      bfd_endian byte_order = gdbarch_byte_order (gdbarch);
> +      CORE_ADDR ssp = extract_unsigned_integer (v->contents_all ().data (),
> +                                                size, byte_order);
> +
> +      /* Starting with v6.6., the Linux kernel supports CET shadow stack.
> +         Using /proc/PID/smaps we can only check if the current shadow
> +         stack pointer SSP points to shadow stack memory.  Only if this is
> +         the case a valid previous shadow stack pointer can be
> +         calculated.  */
> +      std::pair range;
> +      if (linux_address_in_shadow_stack_mem_range (ssp, &range))
> +        {
> +          /* The shadow stack grows downwards.  To compute the previous
> +             shadow stack pointer, we need to increment SSP.
> +             For x32 the shadow stack elements are still 64-bit aligned.
> +             Thus, we cannot use gdbarch_addr_bit to compute the new stack
> +             pointer.  */
> +          const bfd_arch_info *binfo = gdbarch_bfd_arch_info (gdbarch);
> +          const int bytes_per_word
> +            = (binfo->bits_per_word / binfo->bits_per_byte);
> +          CORE_ADDR new_ssp = ssp + bytes_per_word;

I agree with Guinevere's comment about introducing
amd64_linux_shadow_stack_element_size_aligned in this patch.

> +          /* If NEW_SSP points to the end of or before (<=) the current
> +             shadow stack memory range we consider NEW_SSP as valid (but
> +             empty).  */
> +          if (new_ssp <= range.second)
> +            return frame_unwind_got_address (this_frame, regnum, new_ssp);
> +        }
> +    }
> +
> +  /* Return a value which is marked as unavailable in case we could not
> +     calculate a valid previous shadow stack pointer.  */
> +  value *retval
> +    = value::allocate_register (get_next_frame_sentinel_okay (this_frame),
> +                                regnum, register_type (gdbarch, regnum));
> +  retval->mark_bytes_unavailable (0, retval->type ()->length ());
> +  return retval;
> +}
> +
> +static void
> +amd64_init_reg (gdbarch *gdbarch, int regnum, dwarf2_frame_state_reg *reg,
> +                const frame_info_ptr &this_frame)
> +{
> +  if (regnum == gdbarch_pc_regnum (gdbarch))
> +    reg->how = DWARF2_FRAME_REG_RA;
> +  else if (regnum == gdbarch_sp_regnum (gdbarch))
> +    reg->how = DWARF2_FRAME_REG_CFA;
> +  else if (regnum == AMD64_PL3_SSP_REGNUM)
> +    {
> +      reg->how = DWARF2_FRAME_REG_FN;
> +      reg->loc.fn = amd64_linux_dwarf2_prev_ssp;
> +    }
> +}

Add documentation comment to this function.

-- 
Thiago
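Review bot: in the second hunk, amd64_linux_dwarf2_prev_ssp always steps exactly one element (`CORE_ADDR new_ssp = ssp + bytes_per_word;`), so it is only correct when every frame this DWARF unwinder handles has pushed exactly one return address on the shadow stack; the comment above that line should record this assumption so that any frame kind for which it does not hold is not silently given a wrong (but "available") $pl3_ssp. A smaller point: amd64_init_reg lives in amd64-linux-tdep.c and wires in the Linux-only amd64_linux_dwarf2_prev_ssp, so naming it amd64_linux_init_reg, in addition to the documentation comment already requested, would make the Linux dependency visible wherever it is installed.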
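Added illustration, not part of this e-mail, the patch, or GDB's own code: a stand-alone C++ model of the unwinding rule the commit message describes. The shadow stack grows downwards, each frame accounts for one 64-bit entry (also on x32), a result equal to the one-past-the-end bound of the mapping is a valid but empty shadow stack (the `new_ssp <= range.second` rule in the patch), and a pointer outside the mapping yields an unavailable value that stays unavailable for every frame further out. The mapping bounds and the names shadow_stack_range, ssp_value, prev_ssp and unwind_ssp_chain are assumptions constructed for this example; the bounds are chosen so the walk reproduces the "After this patch" session above.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

using addr_t = std::uint64_t;

/* Constructed model of one shadow stack mapping as /proc/PID/smaps would
   report it: bytes [lo, hi) are shadow stack memory, HI is one past the
   end.  Hypothetical type for this example, not GDB's.  */
struct shadow_stack_range { addr_t lo; addr_t hi; };

/* A shadow stack pointer value, or "unavailable" when it cannot be
   computed, mirroring the unavailable register value in the patch.  */
struct ssp_value { bool available; addr_t addr; };

/* Each call pushes one 64-bit return address on both amd64 and x32, so the
   element size is fixed at 8 bytes rather than derived from the pointer
   width (the reason the patch avoids gdbarch_addr_bit).  */
constexpr addr_t SHADOW_STACK_ELEMENT_SIZE = 8;

/* Compute the caller's SSP from the callee's SSP.  The shadow stack grows
   downwards, so the caller's SSP is one element higher.  A result equal to
   HI is a valid but empty shadow stack; a pointer outside the mapping, or
   a result past HI, is unavailable.  */
ssp_value prev_ssp (addr_t ssp, const shadow_stack_range &range)
{
  if (ssp < range.lo || ssp >= range.hi)
    return {false, 0};   /* SSP does not point into shadow stack memory.  */
  addr_t new_ssp = ssp + SHADOW_STACK_ELEMENT_SIZE;
  if (new_ssp <= range.hi)
    return {true, new_ssp};
  return {false, 0};
}

/* Walk NFRAMES frame levels outward from INNERMOST_SSP (the value read from
   the target for frame 0) and return one SSP per level.  Once the value is
   unavailable it stays unavailable for every frame further out.  */
std::vector<ssp_value> unwind_ssp_chain (addr_t innermost_ssp,
                                        const shadow_stack_range &range,
                                        int nframes)
{
  std::vector<ssp_value> chain;
  ssp_value cur = {true, innermost_ssp};
  for (int level = 0; level < nframes; level++)
    {
      chain.push_back (cur);
      if (cur.available)
        cur = prev_ssp (cur.addr, range);
    }
  return chain;
}

int main ()
{
  /* Constructed mapping chosen so the walk reproduces the session in the
     commit message: frame 0 holds the top entry, frame 1 sees the empty
     stack, frame 2 (before shadow stack enablement) is unavailable.  */
  shadow_stack_range range = {0x7ffff79ff000ULL, 0x7ffff7a00000ULL};
  std::vector<ssp_value> chain = unwind_ssp_chain (0x7ffff79ffff8ULL, range, 3);
  for (size_t level = 0; level < chain.size (); level++)
    {
      if (chain[level].available)
        std::printf ("frame %zu: $pl3_ssp = 0x%llx\n", level,
                     (unsigned long long) chain[level].addr);
      else
        std::printf ("frame %zu: $pl3_ssp = <unavailable>\n", level);
    }
  return 0;
}
```

The boundary case is the interesting one for a reviewer: the innermost frame's SSP sits 8 bytes below the end of the mapping, its caller's SSP is exactly the end address (valid, empty), and one more step lands outside the mapping, which is where the real unwinder returns an unavailable register instead of a fabricated address.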