- diff -ruNp a/elf/dl-load.c b/elf/dl-load.c
- --- a/elf/dl-load.c
- +++ b/elf/dl-load.c
- @@ -46,6 +46,7 @@
- #include <dl-machine-reject-phdr.h>
- #include <dl-sysdep-open.h>
-
- +#include <glibc-version.h>
-
- #include <endian.h>
- #if BYTE_ORDER == BIG_ENDIAN
- @@ -1318,6 +1319,9 @@ cannot enable executable stack as shared
- DL_AFTER_LOAD (l);
- #endif
-
- + /* register the library to SHIM */
- + register_library(l->l_name, l->l_addr);
- +
- /* Now that the object is fully initialized add it to the object list. */
- _dl_add_to_namespace_list (l, nsid);
-
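Review bot: The added `register_library(l->l_name, l->l_addr);` discards the return value and passes the shim a string owned by the link map, and nothing in the patch says whether the shim copies that name or keeps the pointer. If it keeps the pointer, the reference is only valid while the object stays loaded, and no visible hunk adds a matching unregister on the close path, so this should be confirmed on the shim side. The only header this file gains is `glibc-version.h`; if it does not declare `register_library`, the call relies on an implicit declaration, so the prototype should be made visible here. I would expand the comment to state the contract, for example `/* Graphene: report name and load address to the shim; the shim must copy l_name. */`. The enclosing function starts and ends outside the hunk.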
- diff -ruNp a/elf/Makefile b/elf/Makefile
- --- a/elf/Makefile
- +++ b/elf/Makefile
- @@ -21,7 +21,7 @@ subdir := elf
-
- include ../Makeconfig
-
- -headers = elf.h bits/elfclass.h link.h bits/link.h
- +headers = elf.h bits/elfclass.h link.h bits/link.h syscalldb.h
- routines = $(all-dl-routines) dl-support dl-iteratephdr \
- dl-addr dl-addr-obj enbl-secure dl-profstub \
- dl-origin dl-libc dl-sym dl-sysdep dl-error \
- @@ -33,7 +33,8 @@ dl-routines = $(addprefix dl-,load looku
- runtime init fini debug misc \
- version profile tls origin scope \
- execstack caller open close trampoline \
- - exception sort-maps)
- + exception sort-maps) \
- + syscalldb syscallas
- ifeq (yes,$(use-ldconfig))
- dl-routines += dl-cache
- endif
- diff -ruNp a/elf/rtld.c b/elf/rtld.c
- --- a/elf/rtld.c
- +++ b/elf/rtld.c
- @@ -439,6 +439,23 @@ _dl_start_final (void *arg, struct dl_st
- return start_addr;
- }
-
- +/* For graphene, check if glibc version match to the compatible SHIM
- + library. If not, tell the user to update glibc. */
- +#include "glibc-version.h"
- +
- +const unsigned int glibc_version __attribute__((weak)) = GLIBC_VERSION;
- +
- +static void __attribute__((noinline,optimize("-O0")))
- +check_glibc_version (void)
- +{
- + if (glibc_version != GLIBC_VERSION)
- + {
- + _dl_fatal_printf ("Warning from Graphene: "
- + "Glibc version is incorrect. Please rebuild Glibc.\n");
- + _exit (1);
- + }
- +}
- +
- static ElfW(Addr) __attribute_used__
- _dl_start (void *arg)
- {
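Review bot: In `check_glibc_version` the `_exit (1);` after `_dl_fatal_printf` is unreachable, because `_dl_fatal_printf` terminates the process itself, and the message calls a fatal condition a "Warning". I would drop the `_exit` call and word the message as an error, e.g. `_dl_fatal_printf ("Graphene: glibc version mismatch; please rebuild glibc.\n");`. The function compares a `const` object with its own initializer and relies on `noinline,optimize("-O0")` to stop the compiler folding the test away, so a comment saying that `glibc_version` is weak so that the shim's definition can override it would explain why the check is not dead code. It is also worth noting in that comment that this is a compatibility check only: it confirms that the two components were built together, not that either of them is trustworthy.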
- @@ -510,6 +527,9 @@ _dl_start (void *arg)
- therefore need not test whether we have to allocate the array
- for the relocation results (as done in dl-reloc.c). */
-
- + /* For Graphene, check if the glibc version is correct. */
- + check_glibc_version();
- +
- /* Now life is sane; we can call functions and access global data.
- Set up to use the operating system facilities, and find out from
- the operating system's program loader where to find the program
- diff -ruNp a/elf/Versions b/elf/Versions
- --- a/elf/Versions
- +++ b/elf/Versions
- @@ -79,4 +82,7 @@ ld {
- # Set value of a tunable.
- __tunable_get_val;
- }
- + SHIM {
- + syscalldb; glibc_version; glibc_option; register_library;
- + }
- }
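Review bot: The new `SHIM` node exports `glibc_option`, but no visible hunk defines or references that symbol, and the sources behind `syscalldb` and `register_library` (the `syscalldb`/`syscallas` routines added in elf/Makefile) are not part of the patch either, so the exported interface cannot be reviewed from here. The hunk header `@@ -79,4 +82,7 @@` starts three lines later on the new side although it is the first hunk for this file, and nptl/tls.h shows the same pattern (`-144,7 +149,7` after a one-line addition), which suggests hunks were dropped or the patch was edited by hand; regenerating it would make sure reviewers see everything that is applied. Since `syscalldb` becomes the dispatch point for every system call in the process, a comment such as `# SHIM: syscalldb is set once by the shim at startup` plus a statement of whether it ends up in read-only memory afterwards would be useful.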
- diff -ruNp a/Makeconfig b/Makeconfig
- --- a/Makeconfig
- +++ b/Makeconfig
- @@ -916,7 +916,8 @@ endif # $(+cflags) == ""
- # current directory.
- +includes = -I$(..)include $(if $(subdir),$(objpfx:%/=-I%)) \
- $(+sysdep-includes) $(includes) \
- - $(patsubst %/,-I%,$(..)) $(libio-include) -I. $(sysincludes)
- + $(patsubst %/,-I%,$(..)) $(libio-include) -I. $(sysincludes) \
- + -I$(common-objpfx)../shim/include
-
- # Since libio has several internal header files, we use a -I instead
- # of many little headers in the include directory.
- diff -ruNp a/Makefile b/Makefile
- --- a/Makefile
- +++ b/Makefile
- @@ -179,6 +179,8 @@ $(inst_includedir)/gnu/stubs.h: $(+force
- install-others-nosubdir: $(installed-stubs)
- endif
-
- +# For Graphene
- +CFLAGS-syscalldb.c = -fPIC
-
- # Since stubs.h is never needed when building the library, we simplify the
- # hairy installation process by producing it in place only as the last part
- diff -ruNp a/sysdeps/unix/sysv/linux/_exit.c b/sysdeps/unix/sysv/linux/_exit.c
- --- a/sysdeps/unix/sysv/linux/_exit.c 2018-02-01 10:17:18.000000000 -0600
- +++ b/sysdeps/unix/sysv/linux/_exit.c 2019-05-27 17:26:39.209526816 -0500
- @@ -28,9 +28,9 @@ _exit (int status)
- while (1)
- {
- #ifdef __NR_exit_group
- - INLINE_SYSCALL (exit_group, 1, status);
- + INLINE_SYSCALL_ASM (exit_group, 1, status);
- #endif
- - INLINE_SYSCALL (exit, 1, status);
- + INLINE_SYSCALL_ASM (exit, 1, status);
-
- #ifdef ABORT_INSTRUCTION
- ABORT_INSTRUCTION;
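Review bot: `INLINE_SYSCALL_ASM` is used here in a file shared by all Linux ports, but the only definition the patch adds is in sysdeps/unix/sysv/linux/x86_64/sysdep.h, so any other architecture would no longer build `_exit.c`. In that header `INTERNAL_SYSCALL_NCS_ASM` is defined as `INTERNAL_SYSCALL_NCS`, so as far as this diff shows the `_ASM` form expands exactly like the plain one and the reason for switching is not stated. A fallback next to the use, `#ifndef INLINE_SYSCALL_ASM` / `# define INLINE_SYSCALL_ASM INLINE_SYSCALL` / `#endif`, together with a comment giving the reason `_exit` needs the separate variant, would keep the generic file portable. The loop body continues outside the hunk.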
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/cancellation.S b/sysdeps/unix/sysv/linux/x86_64/cancellation.S
- --- a/sysdeps/unix/sysv/linux/x86_64/cancellation.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/cancellation.S
- @@ -109,7 +109,7 @@ ENTRY(__pthread_disable_asynccancel)
- xorq %r10, %r10
- addq $CANCELHANDLING, %rdi
- LOAD_PRIVATE_FUTEX_WAIT (%esi)
- - syscall
- + SYSCALLDB
- movl %fs:CANCELHANDLING, %eax
- jmp 3b
- END(__pthread_disable_asynccancel)
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/clone.S b/sysdeps/unix/sysv/linux/x86_64/clone.S
- --- a/sysdeps/unix/sysv/linux/x86_64/clone.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/clone.S
- @@ -73,7 +73,7 @@ ENTRY (__clone)
- /* End FDE now, because in the child the unwind info will be
- wrong. */
- cfi_endproc;
- - syscall
- + SYSCALLDB
-
- testq %rax,%rax
- jl SYSCALL_ERROR_LABEL
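Review bot: `SYSCALLDB` replaces `syscall` at the point in `__clone` where the child resumes on a different stack, and the macro's expansion is not shown anywhere in this diff. If it is more than one instruction, in particular if it pushes a return address or adjusts %rsp, the child would run the tail of the expansion on the new stack, so this site needs the macro to be stack-neutral or the shim to account for it. The same question applies to vfork.S, where the child shares the parent's stack, and to the other files changed the same way: cancellation.S, getcontext.S, ____longjmp_chk.S, lowlevellock.S, setcontext.S, swapcontext.S and syscall.S. A comment at the macro definition stating which registers, flags and stack bytes it may touch would let each of these sites be checked. `__clone` continues outside the hunk.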
- @@ -96,7 +96,7 @@ L(thread_start):
- /* Call exit with return value from function call. */
- movq %rax, %rdi
- movl $SYS_ify(exit), %eax
- - syscall
- + SYSCALLDB
- cfi_endproc;
-
- cfi_startproc;
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/getcontext.S b/sysdeps/unix/sysv/linux/x86_64/getcontext.S
- --- a/sysdeps/unix/sysv/linux/x86_64/getcontext.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/getcontext.S
- @@ -75,7 +75,7 @@ ENTRY(__getcontext)
- #endif
- movl $_NSIG8,%r10d
- movl $__NR_rt_sigprocmask, %eax
- - syscall
- + SYSCALLDB
- cmpq $-4095, %rax /* Check %rax for error. */
- jae SYSCALL_ERROR_LABEL /* Jump to error handler if error. */
-
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S b/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
- --- a/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S
- @@ -84,7 +84,7 @@ ENTRY(____longjmp_chk)
- xorl %edi, %edi
- lea -sizeSS(%rsp), %RSI_LP
- movl $__NR_sigaltstack, %eax
- - syscall
- + SYSCALLDB
- /* Without working sigaltstack we cannot perform the test. */
- testl %eax, %eax
- jne .Lok2
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S b/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
- --- a/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S
- @@ -90,7 +90,7 @@ __lll_lock_wait_private:
-
- 1: LIBC_PROBE (lll_lock_wait_private, 1, %rdi)
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- 2: movl %edx, %eax
- xchgl %eax, (%rdi) /* NB: lock is implied */
- @@ -130,7 +130,7 @@ __lll_lock_wait:
-
- 1: LIBC_PROBE (lll_lock_wait, 2, %rdi, %rsi)
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- 2: movl %edx, %eax
- xchgl %eax, (%rdi) /* NB: lock is implied */
- @@ -185,7 +185,7 @@ __lll_timedlock_wait:
-
- 1: movl $SYS_futex, %eax
- movl $2, %edx
- - syscall
- + SYSCALLDB
-
- 2: xchgl %edx, (%rdi) /* NB: lock is implied */
-
- @@ -279,7 +279,7 @@ __lll_timedlock_wait:
- LOAD_FUTEX_WAIT (%esi)
- movq %r12, %rdi
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- /* NB: %edx == 2 */
- xchgl %edx, (%r12)
- @@ -336,7 +336,7 @@ __lll_unlock_wake_private:
- LOAD_PRIVATE_FUTEX_WAKE (%esi)
- movl $1, %edx /* Wake one thread. */
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- popq %rdx
- cfi_adjust_cfa_offset(-8)
- @@ -366,7 +366,7 @@ __lll_unlock_wake:
- LOAD_FUTEX_WAKE (%esi)
- movl $1, %edx /* Wake one thread. */
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- popq %rdx
- cfi_adjust_cfa_offset(-8)
- @@ -436,7 +436,7 @@ __lll_timedwait_tid:
- #endif
- movq %r12, %rdi
- movl $SYS_futex, %eax
- - syscall
- + SYSCALLDB
-
- cmpl $0, (%rdi)
- jne 1f
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/setcontext.S b/sysdeps/unix/sysv/linux/x86_64/setcontext.S
- --- a/sysdeps/unix/sysv/linux/x86_64/setcontext.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/setcontext.S
- @@ -43,7 +43,7 @@ ENTRY(__setcontext)
- movl $SIG_SETMASK, %edi
- movl $_NSIG8,%r10d
- movl $__NR_rt_sigprocmask, %eax
- - syscall
- + SYSCALLDB
- popq %rdi /* Reload %rdi, adjust stack. */
- cfi_adjust_cfa_offset(-8)
- cmpq $-4095, %rax /* Check %rax for error. */
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/sigaction.c b/sysdeps/unix/sysv/linux/x86_64/sigaction.c
- --- a/sysdeps/unix/sysv/linux/x86_64/sigaction.c
- +++ b/sysdeps/unix/sysv/linux/x86_64/sigaction.c
- @@ -120,7 +120,7 @@ asm \
- " .type __" #name ",@function\n" \
- "__" #name ":\n" \
- " movq $" #syscall ", %rax\n" \
- - " syscall\n" \
- + SYSCALLDB_ASM \
- ".LEND_" #name ":\n" \
- ".section .eh_frame,\"a\",@progbits\n" \
- ".LSTARTFRAME_" #name ":\n" \
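Review bot: This site uses `SYSCALLDB_ASM`, while the other string-context replacements in the patch (sysdep.h, nptl/tls.h) use `SYSCALLDB`, and neither definition is part of the diff, so it cannot be checked from here that both names exist for C files. The template appears to be the signal-return restorer stub, which is the one place where the exact instruction sequence matters: the sigreturn call locates the signal frame from the stack pointer, and debuggers commonly recognise the stub by its code bytes. Anything other than a bare `syscall` therefore needs the shim to compensate. I would add a comment beside the replacement such as `/* Graphene: must leave %rsp exactly as on entry. */`. The macro body continues outside the hunk.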
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/swapcontext.S b/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
- --- a/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/swapcontext.S
- @@ -75,7 +75,7 @@ ENTRY(__swapcontext)
- movl $SIG_SETMASK, %edi
- movl $_NSIG8,%r10d
- movl $__NR_rt_sigprocmask, %eax
- - syscall
- + SYSCALLDB
- cmpq $-4095, %rax /* Check %rax for error. */
- jae SYSCALL_ERROR_LABEL /* Jump to error handler if error. */
-
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/syscall.S b/sysdeps/unix/sysv/linux/x86_64/syscall.S
- --- a/sysdeps/unix/sysv/linux/x86_64/syscall.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/syscall.S
- @@ -34,7 +34,7 @@ ENTRY (syscall)
- movq %r8, %r10
- movq %r9, %r8
- movq 8(%rsp),%r9 /* arg6 is on the stack. */
- - syscall /* Do the system call. */
- + SYSCALLDB /* Do the system call. */
- cmpq $-4095, %rax /* Check %rax for error. */
- jae SYSCALL_ERROR_LABEL /* Jump to error handler if error. */
- ret /* Return to caller. */
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/sysdep.h b/sysdeps/unix/sysv/linux/x86_64/sysdep.h
- --- a/sysdeps/unix/sysv/linux/x86_64/sysdep.h
- +++ b/sysdeps/unix/sysv/linux/x86_64/sysdep.h
- @@ -22,6 +22,7 @@
- #include <sysdeps/unix/sysv/linux/sysdep.h>
- #include <sysdeps/unix/x86_64/sysdep.h>
- #include <tls.h>
- +#include "syscalldb.h"
-
- #if IS_IN (rtld)
- # include <dl-sysdep.h> /* Defines RTLD_PRIVATE_ERRNO. */
- @@ -177,7 +178,7 @@
- # define DO_CALL(syscall_name, args) \
- DOARGS_##args \
- movl $SYS_ify (syscall_name), %eax; \
- - syscall;
- + SYSCALLDB;
-
- # define DOARGS_0 /* nothing */
- # define DOARGS_1 /* nothing */
- @@ -191,9 +192,20 @@
- /* Define a macro which expands inline into the wrapper code for a system
- call. */
- # undef INLINE_SYSCALL
- -# define INLINE_SYSCALL(name, nr, args...) \
- +# define INLINE_SYSCALL(name, nr_args...) \
- ({ \
- - unsigned long int resultvar = INTERNAL_SYSCALL (name, , nr, args); \
- + unsigned long int resultvar = INTERNAL_SYSCALL (name, , ##nr_args); \
- + if (__glibc_unlikely (INTERNAL_SYSCALL_ERROR_P (resultvar, ))) \
- + { \
- + __set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, )); \
- + resultvar = (unsigned long int) -1; \
- + } \
- + (long int) resultvar; })
- +
- +# undef INLINE_SYSCALL_ASM
- +# define INLINE_SYSCALL_ASM(name, nr_args...) \
- + ({ \
- + unsigned long int resultvar = INTERNAL_SYSCALL_ASM (name, , ##nr_args); \
- if (__glibc_unlikely (INTERNAL_SYSCALL_ERROR_P (resultvar, ))) \
- { \
- __set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, )); \
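Review bot: `INLINE_SYSCALL_ASM` repeats the whole body of `INLINE_SYSCALL` with only the inner macro name changed, so the errno handling now exists in two copies that must be kept in step; a shared helper macro taking the inner call as a parameter would avoid that. The switch from `(name, nr, args...)` to `(name, nr_args...)` with `##nr_args`, here and in `INLINE_SYSCALL_TYPES` in the next hunk, is not explained, and with the named `nr` parameter gone an invocation that omits the argument count is no longer rejected at this level. A one-line comment giving the reason for the signature change would help the next reader. The `INLINE_SYSCALL_ASM` definition runs past the end of the hunk.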
- @@ -205,9 +217,9 @@
- into the wrapper code for a system call. It should be used when size
- of any argument > size of long int. */
- # undef INLINE_SYSCALL_TYPES
- -# define INLINE_SYSCALL_TYPES(name, nr, args...) \
- +# define INLINE_SYSCALL_TYPES(name, nr_args...) \
- ({ \
- - unsigned long int resultvar = INTERNAL_SYSCALL_TYPES (name, , nr, args); \
- + unsigned long int resultvar = INTERNAL_SYSCALL_TYPES (name, , ##nr_args); \
- if (__glibc_unlikely (INTERNAL_SYSCALL_ERROR_P (resultvar, ))) \
- { \
- __set_errno (INTERNAL_SYSCALL_ERRNO (resultvar, )); \
- @@ -236,12 +248,19 @@
- #define INTERNAL_SYSCALL_NCS(number, err, nr, args...) \
- internal_syscall##nr (number, err, args)
-
- +#undef INTERNAL_SYSCALL_ASM
- +#define INTERNAL_SYSCALL_ASM(name, err, nr, args...) \
- + INTERNAL_SYSCALL_NCS_ASM (SYS_ify (name), err, nr, args)
- +
- +#undef INTERNAL_SYSCALL_NCS_ASM
- +#define INTERNAL_SYSCALL_NCS_ASM INTERNAL_SYSCALL_NCS
- +
- #undef internal_syscall0
- #define internal_syscall0(number, err, dummy...) \
- ({ \
- unsigned long int resultvar; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number) \
- : "memory", REGISTERS_CLOBBERED_BY_SYSCALL); \
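Review bot: Replacing `"syscall\n\t"` with `SYSCALLDB` in `internal_syscall0` (and in the six hunks that follow in this file, plus the `arch_prctl` asm in nptl/tls.h) keeps constraint and clobber lists that were written for a bare `syscall` instruction. Those lists tell the compiler that only the output register, memory and `REGISTERS_CLOBBERED_BY_SYSCALL` change and that nothing below %rsp is written. `SYSCALLDB` is defined in `syscalldb.h`, which is not part of this diff; if it expands to a call into the shim, the shim entry has to preserve every other register and stay out of the red zone, otherwise the compiler's assumptions are silently violated. A comment above `internal_syscall0` stating that contract, e.g. `/* SYSCALLDB must behave like "syscall": clobbers only rax, rcx, r11 and flags, and does not write below %rsp. */`, would make the requirement reviewable.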
- @@ -255,7 +270,7 @@
- TYPEFY (arg1, __arg1) = ARGIFY (arg1); \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1) \
- : "memory", REGISTERS_CLOBBERED_BY_SYSCALL); \
- @@ -271,7 +286,7 @@
- register TYPEFY (arg2, _a2) asm ("rsi") = __arg2; \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1), "r" (_a2) \
- : "memory", REGISTERS_CLOBBERED_BY_SYSCALL); \
- @@ -289,7 +304,7 @@
- register TYPEFY (arg2, _a2) asm ("rsi") = __arg2; \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1), "r" (_a2), "r" (_a3) \
- : "memory", REGISTERS_CLOBBERED_BY_SYSCALL); \
- @@ -309,7 +324,7 @@
- register TYPEFY (arg2, _a2) asm ("rsi") = __arg2; \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1), "r" (_a2), "r" (_a3), "r" (_a4) \
- : "memory", REGISTERS_CLOBBERED_BY_SYSCALL); \
- @@ -331,7 +346,7 @@
- register TYPEFY (arg2, _a2) asm ("rsi") = __arg2; \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1), "r" (_a2), "r" (_a3), "r" (_a4), \
- "r" (_a5) \
- @@ -356,7 +371,7 @@
- register TYPEFY (arg2, _a2) asm ("rsi") = __arg2; \
- register TYPEFY (arg1, _a1) asm ("rdi") = __arg1; \
- asm volatile ( \
- - "syscall\n\t" \
- + SYSCALLDB \
- : "=a" (resultvar) \
- : "0" (number), "r" (_a1), "r" (_a2), "r" (_a3), "r" (_a4), \
- "r" (_a5), "r" (_a6) \
- diff -ruNp a/sysdeps/unix/sysv/linux/x86_64/vfork.S b/sysdeps/unix/sysv/linux/x86_64/vfork.S
- --- a/sysdeps/unix/sysv/linux/x86_64/vfork.S
- +++ b/sysdeps/unix/sysv/linux/x86_64/vfork.S
- @@ -36,7 +36,7 @@ ENTRY (__vfork)
-
- /* Stuff the syscall number in RAX and enter into the kernel. */
- movl $SYS_ify (vfork), %eax
- - syscall
- + SYSCALLDB
-
- /* Push back the return PC. */
- pushq %rdi
- diff -ruNp a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h
- --- a/sysdeps/x86_64/dl-machine.h
- +++ b/sysdeps/x86_64/dl-machine.h
- @@ -577,7 +577,8 @@ elf_machine_lazy_rel (struct link_map *m
- value = ((ElfW(Addr) (*) (void)) value) ();
- *reloc_addr = value;
- }
- - else
- + /* for graphene, get around R_X86_64_NONE */
- + else if (__builtin_expect (r_type != R_X86_64_NONE, 1))
- _dl_reloc_bad_type (map, r_type, 1);
- }
-
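Review bot: The new comment `/* for graphene, get around R_X86_64_NONE */` does not say where a lazy relocation of that type comes from or why skipping it is safe. As written, the branch silently ignores `R_X86_64_NONE` and still sends every other unexpected type to `_dl_reloc_bad_type`, which looks intentional, but the loader now accepts input it used to reject, so the reason belongs in the source. I would replace the comment with one that names the producer of these entries and states that the type is a no-op, and move it inside the branch instead of between `}` and `else`. The start of `elf_machine_lazy_rel` is outside the hunk.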
- diff -ruNp a/sysdeps/x86_64/nptl/tls.h b/sysdeps/x86_64/nptl/tls.h
- --- a/sysdeps/x86_64/nptl/tls.h
- +++ b/sysdeps/x86_64/nptl/tls.h
- @@ -29,6 +29,7 @@
- # include <libc-pointer-arith.h> /* For cast_to_integer. */
- # include <kernel-features.h>
- # include <dl-dtv.h>
- +# include <syscalldb.h>
-
- /* Replacement type for __m128 since this file is included by ld.so,
- which is compiled with -mno-sse. It must not change the alignment
- @@ -144,7 +149,7 @@ typedef struct
- _head->self = _thrdescr; \
- \
- /* It is a simple syscall to set the %fs value for the thread. */ \
- - asm volatile ("syscall" \
- + asm volatile (SYSCALLDB \
- : "=a" (_result) \
- : "0" ((unsigned long int) __NR_arch_prctl), \
- "D" ((unsigned long int) ARCH_SET_FS), \