Add CET IBT Support to MUSL

Submitted by Joao Moreira on Oct. 19, 2020, 10:43 p.m.

Details

Reviewer None
Submitted Oct. 19, 2020, 10:43 p.m.
Last Updated Oct. 20, 2020, 9:41 a.m.
Revision 1

Cover Letter

Indirect Branch Tracking is an X86 feature which enforces that
indirect-branches to always target an endbranch instruction, confing the
execution flow of applications and protecting against control-flow hijacking
attacks. This patch series adds IBT support to MUSL.

Signed-off-by: Joao Moreira <joao.moreira@intel.com>

Joao Moreira (4):
  Support ASFLAGS in configure and Makefile
  Add ENDBRANCH64 and ENDBRANCH32 macro definitions
  Add endbr64 to x86_64 assembly functions
  Add endbr32 to i386 assembly functions

 Makefile                              |  4 ++--
 arch/x86_64/crt_arch.h                |  3 +++
 configure                             |  3 +++
 crt/i386/crti.s                       |  4 ++++
 crt/i386/crtn.s                       |  4 ++++
 crt/x86_64/crti.s                     |  4 ++++
 crt/x86_64/crtn.s                     |  4 ++++
 src/fenv/i386/fenv.s                  | 13 +++++++++++--
 src/fenv/x86_64/fenv.s                |  9 +++++++++
 src/include/ibt.s                     | 13 +++++++++++++
 src/ldso/i386/dlsym.s                 |  3 +++
 src/ldso/i386/tlsdesc.s               |  4 ++++
 src/ldso/x86_64/dlsym.s               |  3 +++
 src/ldso/x86_64/tlsdesc.s             |  4 ++++
 src/math/i386/acos.s                  |  2 ++
 src/math/i386/acosf.s                 |  3 +++
 src/math/i386/acosl.s                 |  3 +++
 src/math/i386/asin.s                  |  3 +++
 src/math/i386/asinf.s                 |  3 +++
 src/math/i386/asinl.s                 |  3 +++
 src/math/i386/atan.s                  |  3 +++
 src/math/i386/atan2.s                 |  3 +++
 src/math/i386/atan2f.s                |  3 +++
 src/math/i386/atan2l.s                |  3 +++
 src/math/i386/atanf.s                 |  3 +++
 src/math/i386/atanl.s                 |  2 ++
 src/math/i386/exp_ld.s                |  4 ++++
 src/math/i386/expl.s                  |  2 ++
 src/math/i386/floor.s                 | 11 +++++++++++
 src/math/i386/hypot.s                 |  3 +++
 src/math/i386/hypotf.s                |  3 +++
 src/math/i386/log.s                   |  3 +++
 src/math/i386/log10.s                 |  3 +++
 src/math/i386/log10f.s                |  3 +++
 src/math/i386/log10l.s                |  3 +++
 src/math/i386/log1p.s                 |  3 +++
 src/math/i386/log1pf.s                |  3 +++
 src/math/i386/log1pl.s                |  3 +++
 src/math/i386/log2.s                  |  3 +++
 src/math/i386/log2f.s                 |  3 +++
 src/math/i386/log2l.s                 |  3 +++
 src/math/i386/logf.s                  |  3 +++
 src/math/i386/logl.s                  |  3 +++
 src/math/i386/remquo.s                |  5 +++++
 src/math/i386/scalbn.s                |  5 +++++
 src/math/i386/scalbnf.s               |  5 +++++
 src/math/i386/scalbnl.s               |  5 +++++
 src/math/x86_64/acosl.s               |  2 ++
 src/math/x86_64/asinl.s               |  3 +++
 src/math/x86_64/atan2l.s              |  3 +++
 src/math/x86_64/atanl.s               |  3 +++
 src/math/x86_64/exp2l.s               |  4 ++++
 src/math/x86_64/expl.s                |  3 +++
 src/math/x86_64/floorl.s              |  5 +++++
 src/math/x86_64/log10l.s              |  3 +++
 src/math/x86_64/log1pl.s              |  3 +++
 src/math/x86_64/log2l.s               |  3 +++
 src/math/x86_64/logl.s                |  3 +++
 src/process/i386/vfork.s              |  3 +++
 src/process/x86_64/vfork.s            |  3 +++
 src/setjmp/i386/longjmp.s             |  3 +++
 src/setjmp/i386/setjmp.s              |  3 +++
 src/setjmp/x86_64/longjmp.s           |  3 +++
 src/setjmp/x86_64/setjmp.s            |  3 +++
 src/signal/i386/restore.s             |  4 ++++
 src/signal/i386/sigsetjmp.s           |  3 +++
 src/signal/x86_64/restore.s           |  3 +++
 src/signal/x86_64/sigsetjmp.s         |  3 +++
 src/string/i386/memcpy.s              |  3 +++
 src/string/i386/memmove.s             |  3 +++
 src/string/i386/memset.s              |  7 +++++--
 src/string/x86_64/memcpy.s            |  3 +++
 src/string/x86_64/memmove.s           |  3 +++
 src/string/x86_64/memset.s            |  3 +++
 src/thread/i386/__set_thread_area.s   |  3 +++
 src/thread/i386/__unmapself.s         |  3 +++
 src/thread/i386/clone.s               |  3 +++
 src/thread/i386/syscall_cp.s          |  3 +++
 src/thread/i386/tls.s                 |  3 +++
 src/thread/x86_64/__set_thread_area.s |  3 +++
 src/thread/x86_64/__unmapself.s       |  3 +++
 src/thread/x86_64/clone.s             |  3 +++
 src/thread/x86_64/syscall_cp.s        |  4 +++-
 83 files changed, 297 insertions(+), 7 deletions(-)
 create mode 100644 src/include/ibt.s
  

Revisions