From patchwork Wed Jun 18 05:54:38 2025
X-Patchwork-Submitter: Thiago Jung Bauermann
X-Patchwork-Id: 897536
From: Thiago Jung Bauermann
To: gdb-patches@sourceware.org
Cc: Eli Zaretskii, "Schimpe, Christina", Luis Machado
Subject: [PATCH v2 2/9] gdb, gdbarch: Enable inferior calls for shadow stack support.
Date: Wed, 18 Jun 2025 02:54:38 -0300
Message-ID: <20250618055445.709416-3-thiago.bauermann@linaro.org>
In-Reply-To: <20250618055445.709416-1-thiago.bauermann@linaro.org>
References: <20250618055445.709416-1-thiago.bauermann@linaro.org>

From: Christina Schimpe

Inferior calls in GDB reset the current PC to the beginning of the function
that is called. As no call instruction is executed the new return address
needs to be pushed to the shadow stack and the shadow stack pointer needs
to be updated.

This commit adds a new gdbarch method to push an address on the shadow
stack. The method is used to adapt the function 'call_function_by_hand_dummy'
for inferior call shadow stack support.

Reviewed-by: Thiago Jung Bauermann
---
 gdb/gdbarch-gen.c         | 32 ++++++++++++++++++++++++++++++++
 gdb/gdbarch-gen.h         | 14 ++++++++++++++
 gdb/gdbarch_components.py | 16 ++++++++++++++++
 gdb/infcall.c             | 14 ++++++++++----
 4 files changed, 72 insertions(+), 4 deletions(-)

This is exactly:

[PATCH v4 08/11] gdb, gdbarch: Enable inferior calls for shadow stack support.
https://inbox.sourceware.org/gdb-patches/20250617121147.1956686-9-christina.schimpe@intel.com/

diff --git a/gdb/gdbarch-gen.c b/gdb/gdbarch-gen.c index 32d16598940b..3ca19c427a31 100644 --- a/gdb/gdbarch-gen.c +++ b/gdb/gdbarch-gen.c 
@@ -262,6 +262,7 @@ struct gdbarch gdbarch_read_core_file_mappings_ftype *read_core_file_mappings = default_read_core_file_mappings; gdbarch_use_target_description_from_corefile_notes_ftype *use_target_description_from_corefile_notes = default_use_target_description_from_corefile_notes; gdbarch_core_parse_exec_context_ftype *core_parse_exec_context = default_core_parse_exec_context; + gdbarch_shadow_stack_push_ftype *shadow_stack_push = nullptr; }; /* Create a new ``struct gdbarch'' based on information provided by @@ -535,6 +536,7 @@ verify_gdbarch (struct gdbarch *gdbarch) /* Skip verify of read_core_file_mappings, invalid_p == 0. */ /* Skip verify of use_target_description_from_corefile_notes, invalid_p == 0. */ /* Skip verify of core_parse_exec_context, invalid_p == 0. */ + /* Skip verify of shadow_stack_push, has predicate. */ if (!log.empty ()) internal_error (_("verify_gdbarch: the following are invalid ...%s"), log.c_str ()); @@ -1406,6 +1408,12 @@ gdbarch_dump (struct gdbarch *gdbarch, struct ui_file *file) gdb_printf (file, "gdbarch_dump: core_parse_exec_context = <%s>\n", host_address_to_string (gdbarch->core_parse_exec_context)); + gdb_printf (file, + "gdbarch_dump: gdbarch_shadow_stack_push_p() = %d\n", + gdbarch_shadow_stack_push_p (gdbarch)); + gdb_printf (file, + "gdbarch_dump: shadow_stack_push = <%s>\n", + host_address_to_string (gdbarch->shadow_stack_push)); if (gdbarch->dump_tdep != NULL) gdbarch->dump_tdep (gdbarch, file); } 
@@ -5551,3 +5559,27 @@ set_gdbarch_core_parse_exec_context (struct gdbarch *gdbarch, { gdbarch->core_parse_exec_context = core_parse_exec_context; } + +bool +gdbarch_shadow_stack_push_p (struct gdbarch *gdbarch) +{ + gdb_assert (gdbarch != NULL); + return gdbarch->shadow_stack_push != NULL; +} + +void +gdbarch_shadow_stack_push (struct gdbarch *gdbarch, CORE_ADDR new_addr, regcache *regcache) +{ + gdb_assert (gdbarch != NULL); + gdb_assert (gdbarch->shadow_stack_push != NULL); + if (gdbarch_debug >= 2) + gdb_printf (gdb_stdlog, "gdbarch_shadow_stack_push called\n"); + gdbarch->shadow_stack_push (gdbarch, new_addr, regcache); +} + +void +set_gdbarch_shadow_stack_push (struct gdbarch *gdbarch, + gdbarch_shadow_stack_push_ftype shadow_stack_push) +{ + gdbarch->shadow_stack_push = shadow_stack_push; +} diff --git a/gdb/gdbarch-gen.h b/gdb/gdbarch-gen.h index 313a8f198fdb..c276cd66d716 100644 --- a/gdb/gdbarch-gen.h +++ b/gdb/gdbarch-gen.h 
@@ -1801,3 +1801,17 @@ extern void set_gdbarch_use_target_description_from_corefile_notes (struct gdbar typedef core_file_exec_context (gdbarch_core_parse_exec_context_ftype) (struct gdbarch *gdbarch, bfd *cbfd); extern core_file_exec_context gdbarch_core_parse_exec_context (struct gdbarch *gdbarch, bfd *cbfd); extern void set_gdbarch_core_parse_exec_context (struct gdbarch *gdbarch, gdbarch_core_parse_exec_context_ftype *core_parse_exec_context); + +/* Some targets support special hardware-assisted control-flow protection + technologies. For example, the Intel Control-Flow Enforcement Technology + (Intel CET) on x86 provides a shadow stack and indirect branch tracking. + To enable inferior calls the function shadow_stack_push has to be provided. + + Push the address NEW_ADDR on the shadow stack and update the shadow stack + pointer. */ + +extern bool gdbarch_shadow_stack_push_p (struct gdbarch *gdbarch); + +typedef void (gdbarch_shadow_stack_push_ftype) (struct gdbarch *gdbarch, CORE_ADDR new_addr, regcache *regcache); +extern void gdbarch_shadow_stack_push (struct gdbarch *gdbarch, CORE_ADDR new_addr, regcache *regcache); +extern void set_gdbarch_shadow_stack_push (struct gdbarch *gdbarch, gdbarch_shadow_stack_push_ftype *shadow_stack_push); diff --git a/gdb/gdbarch_components.py b/gdb/gdbarch_components.py index ec09d9550889..ab685b14ec7d 100644 --- a/gdb/gdbarch_components.py +++ b/gdb/gdbarch_components.py 
@@ -2848,3 +2848,19 @@ which all assume current_inferior() is the one to read from. predefault="default_core_parse_exec_context", invalid=False, ) + +Method( + comment=""" +Some targets support special hardware-assisted control-flow protection +technologies. For example, the Intel Control-Flow Enforcement Technology +(Intel CET) on x86 provides a shadow stack and indirect branch tracking. +To enable inferior calls the function shadow_stack_push has to be provided. + +Push the address NEW_ADDR on the shadow stack and update the shadow stack +pointer. +""", + type="void", + name="shadow_stack_push", + params=[("CORE_ADDR", "new_addr"), ("regcache *", "regcache")], + predicate=True, +) diff --git a/gdb/infcall.c b/gdb/infcall.c index 098072dfd2aa..a1c80c812380 100644 --- a/gdb/infcall.c +++ b/gdb/infcall.c @@ -1448,10 +1448,16 @@ call_function_by_hand_dummy (struct value *function, /* Create the dummy stack frame. Pass in the call dummy address as, presumably, the ABI code knows where, in the call dummy, the return address should be pointed. */ - sp = gdbarch_push_dummy_call (gdbarch, function, - get_thread_regcache (inferior_thread ()), - bp_addr, args.size (), args.data (), - sp, return_method, struct_addr); + regcache *regcache = get_thread_regcache (inferior_thread ()); + sp = gdbarch_push_dummy_call (gdbarch, function, regcache, bp_addr, + args.size (), args.data (), sp, + return_method, struct_addr); + + /* Push the return address of the inferior (bp_addr) on the shadow stack + and update the shadow stack pointer. As we don't execute a call + instruction to start the inferior we need to handle this manually. */ + if (gdbarch_shadow_stack_push_p (gdbarch)) + gdbarch_shadow_stack_push (gdbarch, bp_addr, regcache); /* Set up a frame ID for the dummy frame so we can pass it to set_momentary_breakpoint. We need to give the breakpoint a frame
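Review bot: in the gdb/infcall.c hunk, gdbarch_shadow_stack_push is passed bp_addr unchanged, while the unchanged context comment directly above it says the ABI code decides where in the call dummy the return address should point. If an architecture's push_dummy_call stores an adjusted address as the return address, the value written to the shadow stack will not match it and the return from the called function will fault once the shadow stack is enforced. Please state in the method documentation whether NEW_ADDR is the raw breakpoint address (leaving any adjustment to the hook) or the final return address, and make this call site agree with that. The new comment's wording "return address of the inferior (bp_addr)" and "to start the inferior" would also read more accurately as "inferior call" in both places.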
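Review bot: the Method comment added in gdb/gdbarch_components.py (and copied into gdb/gdbarch-gen.h) does not say what shadow_stack_push must do when the shadow stack is not enabled for the thread, or when the push cannot be completed. gdbarch_shadow_stack_push_p only tests that the pointer is non-NULL, and infcall.c calls the hook whenever that is true, so the decision about whether the feature is active falls entirely on the implementation. Suggest adding to the comment that the implementation must check whether the shadow stack is enabled and return without side effects if it is not, and, since the type is "void", how a failed push is reported to the caller.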
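Review bot: in the last gdb/gdbarch-gen.c hunk, set_gdbarch_shadow_stack_push is defined with the parameter "gdbarch_shadow_stack_push_ftype shadow_stack_push", while the declaration added to gdb/gdbarch-gen.h has "gdbarch_shadow_stack_push_ftype *shadow_stack_push". A parameter of function type is adjusted to a pointer, so the two agree and this compiles, but the difference is easy to misread as an error. If both files are the unmodified output generated from gdbarch_components.py, no change is needed; a line in the commit message saying gdbarch-gen.c and gdbarch-gen.h were regenerated rather than edited by hand would settle it.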