Accepting request 1088918 from home:gbelinassi:branches:Base:System
- Add support for livepatches in ASM written functions (bsc#1210777) OBS-URL: https://build.opensuse.org/request/show/1088918 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=651
This commit is contained in:
parent
951bcba4cf
commit
c22496d4ba
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Apr 28 23:42:47 UTC 2023 - Giuliano Belinassi <giuliano.belinassi@suse.com>
|
||||||
|
|
||||||
|
- Add support for livepatches in ASM written functions (bsc#1210777)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Mar 30 12:03:36 UTC 2023 - Andreas Schwab <schwab@suse.de>
|
Thu Mar 30 12:03:36 UTC 2023 - Andreas Schwab <schwab@suse.de>
|
||||||
|
|
||||||
|
@ -260,6 +260,8 @@ Patch15: glibc-2.3.90-langpackdir.diff
|
|||||||
Patch19: nscd-server-user.patch
|
Patch19: nscd-server-user.patch
|
||||||
# PATCH-FEATURE-SLE read nsswich.conf from /usr
|
# PATCH-FEATURE-SLE read nsswich.conf from /usr
|
||||||
Patch20: glibc-nsswitch-usr.diff
|
Patch20: glibc-nsswitch-usr.diff
|
||||||
|
# PATCH-FEATURE-SLE Add ULP prologue into ASM functions
|
||||||
|
Patch21: ulp-prologue-into-asm-functions.patch
|
||||||
|
|
||||||
### Locale related patches
|
### Locale related patches
|
||||||
# PATCH-FIX-OPENSUSE Add additional locales
|
# PATCH-FIX-OPENSUSE Add additional locales
|
||||||
@ -500,6 +502,7 @@ library in a cross compilation setting.
|
|||||||
%patch15 -p1
|
%patch15 -p1
|
||||||
%patch19 -p1
|
%patch19 -p1
|
||||||
%patch20 -p1
|
%patch20 -p1
|
||||||
|
%patch21 -p1
|
||||||
|
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch102 -p1
|
%patch102 -p1
|
||||||
@ -676,6 +679,9 @@ profile="--disable-profile"
|
|||||||
--with-bugurl=http://bugs.opensuse.org \
|
--with-bugurl=http://bugs.opensuse.org \
|
||||||
--enable-bind-now \
|
--enable-bind-now \
|
||||||
--disable-timezone-tools \
|
--disable-timezone-tools \
|
||||||
|
%if %{with livepatching}
|
||||||
|
--enable-userspace-livepatch \
|
||||||
|
%endif
|
||||||
--disable-crypt || \
|
--disable-crypt || \
|
||||||
{
|
{
|
||||||
rc=$?;
|
rc=$?;
|
||||||
@ -688,7 +694,7 @@ profile="--disable-profile"
|
|||||||
%if %{build_main} && %{with livepatching}
|
%if %{build_main} && %{with livepatching}
|
||||||
# Append necessary flags for livepatch support, if enabled. Only objects
|
# Append necessary flags for livepatch support, if enabled. Only objects
|
||||||
# included in shared libraries should be prepared for live patching.
|
# included in shared libraries should be prepared for live patching.
|
||||||
echo 'CFLAGS-.os += -fpatchable-function-entry=16,14 -fdump-ipa-clones' \
|
echo 'CFLAGS-.os += -fdump-ipa-clones' \
|
||||||
>> Makeconfig
|
>> Makeconfig
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
270
ulp-prologue-into-asm-functions.patch
Normal file
270
ulp-prologue-into-asm-functions.patch
Normal file
@ -0,0 +1,270 @@
|
|||||||
|
From e3a1c61d1a69c66a5635bb23318531d5ef651e15 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Giuliano Belinassi <gbelinassi@suse.de>
|
||||||
|
Date: Wed, 24 May 2023 18:03:15 -0300
|
||||||
|
Subject: [PATCH] Add Userspace Livepatch prologue into ASM functions
|
||||||
|
|
||||||
|
Userspace Live Patching (ULP) refers to the process of applying
|
||||||
|
patches to the libraries used by a running process, without
|
||||||
|
interrupting it. In order to archive this, functions must have
|
||||||
|
the NOP prologue. This prologue is included automatically when
|
||||||
|
compiled with -fpatchable-function-entry, but for ASM functions
|
||||||
|
this have to be included manually. This patch does this.
|
||||||
|
|
||||||
|
Signed-off-by: Giuliano Belinassi <gbelinassi@suse.de>
|
||||||
|
---
|
||||||
|
Makeconfig | 5 +++++
|
||||||
|
config.h.in | 3 +++
|
||||||
|
config.make.in | 1 +
|
||||||
|
configure | 20 ++++++++++++++++++
|
||||||
|
configure.ac | 13 ++++++++++++
|
||||||
|
sysdeps/x86/sysdep.h | 22 ++++++++++++++++----
|
||||||
|
sysdeps/x86_64/multiarch/strcmp-avx2.S | 5 +----
|
||||||
|
sysdeps/x86_64/multiarch/strcmp-evex.S | 5 +----
|
||||||
|
sysdeps/x86_64/multiarch/strcmp-sse4_2.S | 5 +----
|
||||||
|
sysdeps/x86_64/sysdep.h | 26 ++++++++++++++++++++++++
|
||||||
|
10 files changed, 89 insertions(+), 16 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/Makeconfig b/Makeconfig
|
||||||
|
index 2514db35f6..37df019873 100644
|
||||||
|
--- a/Makeconfig
|
||||||
|
+++ b/Makeconfig
|
||||||
|
@@ -961,6 +961,11 @@ endif # $(+cflags) == ""
|
||||||
|
$(+stack-protector) -fno-common
|
||||||
|
+gcc-nowarn := -w
|
||||||
|
|
||||||
|
+# Add flags for Userspace Livepatching support.
|
||||||
|
+ifeq (yes,$(enable-userspace-livepatch))
|
||||||
|
++cflags += -fpatchable-function-entry=16,14
|
||||||
|
+endif
|
||||||
|
+
|
||||||
|
# Each sysdeps directory can contain header files that both will be
|
||||||
|
# used to compile and will be installed. Each can also contain an
|
||||||
|
# include/ subdirectory, whose header files will be used to compile
|
||||||
|
diff --git a/config.h.in b/config.h.in
|
||||||
|
index 44a34072a4..430627dcaf 100644
|
||||||
|
--- a/config.h.in
|
||||||
|
+++ b/config.h.in
|
||||||
|
@@ -199,6 +199,9 @@
|
||||||
|
/* Define to 1 if libpthread actually resides in libc. */
|
||||||
|
#define PTHREAD_IN_LIBC 0
|
||||||
|
|
||||||
|
+/* Define to 1 if support for userspace livepatching is enabled. */
|
||||||
|
+#define ENABLE_USERSPACE_LIVEPATCH 0
|
||||||
|
+
|
||||||
|
/* An integer used to scale the timeout of test programs. */
|
||||||
|
#define TIMEOUTFACTOR 1
|
||||||
|
|
||||||
|
diff --git a/config.make.in b/config.make.in
|
||||||
|
index 4afd37feaf..84d957cb1c 100644
|
||||||
|
--- a/config.make.in
|
||||||
|
+++ b/config.make.in
|
||||||
|
@@ -83,6 +83,7 @@ nss-crypt = @libc_cv_nss_crypt@
|
||||||
|
static-nss-crypt = @libc_cv_static_nss_crypt@
|
||||||
|
|
||||||
|
# Configuration options.
|
||||||
|
+enable-userspace-livepatch = @enable_userspace_livepatch@
|
||||||
|
build-shared = @shared@
|
||||||
|
build-profile = @profile@
|
||||||
|
build-static-nss = @static_nss@
|
||||||
|
diff --git a/configure b/configure
|
||||||
|
index f84040644b..490800c75c 100755
|
||||||
|
--- a/configure
|
||||||
|
+++ b/configure
|
||||||
|
@@ -591,6 +591,7 @@ LIBOBJS
|
||||||
|
pthread_in_libc
|
||||||
|
RELEASE
|
||||||
|
VERSION
|
||||||
|
+enable_userspace_livepatch
|
||||||
|
mach_interface_list
|
||||||
|
DEFINES
|
||||||
|
static_nss
|
||||||
|
@@ -783,6 +784,7 @@ enable_mathvec
|
||||||
|
enable_cet
|
||||||
|
enable_scv
|
||||||
|
with_cpu
|
||||||
|
+enable_userspace_livepatch
|
||||||
|
'
|
||||||
|
ac_precious_vars='build_alias
|
||||||
|
host_alias
|
||||||
|
@@ -1452,6 +1454,8 @@ Optional Features:
|
||||||
|
(CET), x86 only
|
||||||
|
--disable-scv syscalls will not use scv instruction, even if the
|
||||||
|
kernel supports it, powerpc only
|
||||||
|
+ --enable-userspace-livepatch
|
||||||
|
+ build with userspace livepatch support [default=no]
|
||||||
|
|
||||||
|
Optional Packages:
|
||||||
|
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
|
||||||
|
@@ -6708,6 +6712,22 @@ libc_cv_multidir=`${CC-cc} $CFLAGS $CPPFLAGS -print-multi-directory`
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
+# Check whether --enable-userspace-livepatch was given.
|
||||||
|
+if test "${enable_userspace_livepatch+set}" = set; then :
|
||||||
|
+ enableval=$enable_userspace_livepatch; enable_userspace_livepatch=$enableval
|
||||||
|
+else
|
||||||
|
+ enable_userspace_livepatch=no
|
||||||
|
+fi
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+# Libpulp uses -fpatchable-function-entry to add padding NOPS to the
|
||||||
|
+# prologue of all functions.
|
||||||
|
+if test "x$enable_userspace_livepatch" = xyes; then
|
||||||
|
+ $as_echo "#define ENABLE_USERSPACE_LIVEPATCH 1" >>confdefs.h
|
||||||
|
+
|
||||||
|
+fi
|
||||||
|
+
|
||||||
|
+
|
||||||
|
VERSION=`sed -n -e 's/^#define VERSION "\([^"]*\)"/\1/p' < $srcdir/version.h`
|
||||||
|
RELEASE=`sed -n -e 's/^#define RELEASE "\([^"]*\)"/\1/p' < $srcdir/version.h`
|
||||||
|
|
||||||
|
diff --git a/configure.ac b/configure.ac
|
||||||
|
index 88df3e5eed..1c2983de75 100644
|
||||||
|
--- a/configure.ac
|
||||||
|
+++ b/configure.ac
|
||||||
|
@@ -1803,6 +1803,19 @@ AC_SUBST(DEFINES)
|
||||||
|
dnl See sysdeps/mach/configure.ac for this variable.
|
||||||
|
AC_SUBST(mach_interface_list)
|
||||||
|
|
||||||
|
+AC_ARG_ENABLE([userspace-livepatch],
|
||||||
|
+ AS_HELP_STRING([--enable-userspace-livepatch],
|
||||||
|
+ [build with userspace livepatch support @<:@default=no@:>@]),
|
||||||
|
+ [enable_userspace_livepatch=$enableval],
|
||||||
|
+ [enable_userspace_livepatch=no])
|
||||||
|
+
|
||||||
|
+# Libpulp uses -fpatchable-function-entry to add padding NOPS to the
|
||||||
|
+# prologue of all functions.
|
||||||
|
+if test "x$enable_userspace_livepatch" = xyes; then
|
||||||
|
+ AC_DEFINE(ENABLE_USERSPACE_LIVEPATCH)
|
||||||
|
+fi
|
||||||
|
+AC_SUBST(enable_userspace_livepatch)
|
||||||
|
+
|
||||||
|
VERSION=`sed -n -e 's/^#define VERSION "\([^"]*\)"/\1/p' < $srcdir/version.h`
|
||||||
|
RELEASE=`sed -n -e 's/^#define RELEASE "\([^"]*\)"/\1/p' < $srcdir/version.h`
|
||||||
|
AC_SUBST(VERSION)
|
||||||
|
diff --git a/sysdeps/x86/sysdep.h b/sysdeps/x86/sysdep.h
|
||||||
|
index 0b3483a77a..329c16306e 100644
|
||||||
|
--- a/sysdeps/x86/sysdep.h
|
||||||
|
+++ b/sysdeps/x86/sysdep.h
|
||||||
|
@@ -77,15 +77,29 @@ enum cf_protection_level
|
||||||
|
#define ALIGNARG(log2) 1<<log2
|
||||||
|
#define ASM_SIZE_DIRECTIVE(name) .size name,.-name;
|
||||||
|
|
||||||
|
+/* For 32-bit glibc then define those macros as empty. */
|
||||||
|
+#ifndef ULP_PRE_PROLOGUE
|
||||||
|
+# define ULP_PRE_PROLOGUE
|
||||||
|
+#endif
|
||||||
|
+#ifndef ULP_POST_PROLOGUE
|
||||||
|
+# define ULP_POST_PROLOGUE
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+/* Define the first instructions of a function. */
|
||||||
|
+#define FUNCTION_START(name) \
|
||||||
|
+ ULP_PRE_PROLOGUE; \
|
||||||
|
+ C_LABEL(name); \
|
||||||
|
+ cfi_startproc; \
|
||||||
|
+ _CET_ENDBR; \
|
||||||
|
+ ULP_POST_PROLOGUE; \
|
||||||
|
+ CALL_MCOUNT;
|
||||||
|
+
|
||||||
|
/* Define an entry point visible from C. */
|
||||||
|
#define ENTRY_P2ALIGN(name, alignment) \
|
||||||
|
.globl C_SYMBOL_NAME(name); \
|
||||||
|
.type C_SYMBOL_NAME(name),@function; \
|
||||||
|
.align ALIGNARG(alignment); \
|
||||||
|
- C_LABEL(name) \
|
||||||
|
- cfi_startproc; \
|
||||||
|
- _CET_ENDBR; \
|
||||||
|
- CALL_MCOUNT
|
||||||
|
+ FUNCTION_START(name)
|
||||||
|
|
||||||
|
/* Common entry 16 byte aligns. */
|
||||||
|
#define ENTRY(name) ENTRY_P2ALIGN (name, 4)
|
||||||
|
diff --git a/sysdeps/x86_64/multiarch/strcmp-avx2.S b/sysdeps/x86_64/multiarch/strcmp-avx2.S
|
||||||
|
index 07f8ec54c6..b22d59b5cf 100644
|
||||||
|
--- a/sysdeps/x86_64/multiarch/strcmp-avx2.S
|
||||||
|
+++ b/sysdeps/x86_64/multiarch/strcmp-avx2.S
|
||||||
|
@@ -201,10 +201,7 @@ END (STRCASECMP)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
.p2align 4
|
||||||
|
-STRCMP:
|
||||||
|
- cfi_startproc
|
||||||
|
- _CET_ENDBR
|
||||||
|
- CALL_MCOUNT
|
||||||
|
+FUNCTION_START(STRCMP)
|
||||||
|
|
||||||
|
# if defined USE_AS_STRCASECMP_L
|
||||||
|
/* We have to fall back on the C implementation for locales with
|
||||||
|
diff --git a/sysdeps/x86_64/multiarch/strcmp-evex.S b/sysdeps/x86_64/multiarch/strcmp-evex.S
|
||||||
|
index a8bd5cd786..809ba10447 100644
|
||||||
|
--- a/sysdeps/x86_64/multiarch/strcmp-evex.S
|
||||||
|
+++ b/sysdeps/x86_64/multiarch/strcmp-evex.S
|
||||||
|
@@ -224,10 +224,7 @@ END (STRCASECMP)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
.p2align 4
|
||||||
|
-STRCMP:
|
||||||
|
- cfi_startproc
|
||||||
|
- _CET_ENDBR
|
||||||
|
- CALL_MCOUNT
|
||||||
|
+FUNCTION_START(STRCMP)
|
||||||
|
|
||||||
|
# if defined USE_AS_STRCASECMP_L
|
||||||
|
/* We have to fall back on the C implementation for locales with
|
||||||
|
diff --git a/sysdeps/x86_64/multiarch/strcmp-sse4_2.S b/sysdeps/x86_64/multiarch/strcmp-sse4_2.S
|
||||||
|
index f93c34465e..f96f66d54c 100644
|
||||||
|
--- a/sysdeps/x86_64/multiarch/strcmp-sse4_2.S
|
||||||
|
+++ b/sysdeps/x86_64/multiarch/strcmp-sse4_2.S
|
||||||
|
@@ -103,10 +103,7 @@ END (STRCASECMP)
|
||||||
|
|
||||||
|
# define arg arg
|
||||||
|
|
||||||
|
-STRCMP:
|
||||||
|
- cfi_startproc
|
||||||
|
- _CET_ENDBR
|
||||||
|
- CALL_MCOUNT
|
||||||
|
+FUNCTION_START(STRCMP)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This implementation uses SSE to compare up to 16 bytes at a time.
|
||||||
|
diff --git a/sysdeps/x86_64/sysdep.h b/sysdeps/x86_64/sysdep.h
|
||||||
|
index 6ca169573d..a4265a3ef4 100644
|
||||||
|
--- a/sysdeps/x86_64/sysdep.h
|
||||||
|
+++ b/sysdeps/x86_64/sysdep.h
|
||||||
|
@@ -24,6 +24,32 @@
|
||||||
|
|
||||||
|
#ifdef __ASSEMBLER__
|
||||||
|
|
||||||
|
+/* Libpulp uses -fpatchable-function-entry to add padding NOPS to the
|
||||||
|
+ prologue of all functions. This works for C functions. For functions
|
||||||
|
+ written in ASM, the way we do this is by adding this prologue manually. */
|
||||||
|
+
|
||||||
|
+#if ENABLE_USERSPACE_LIVEPATCH == 1
|
||||||
|
+# undef ULP_PRE_PROLOGUE
|
||||||
|
+# undef ULP_POST_PROLOGUE
|
||||||
|
+# define ULP_PRE_PROLOGUE \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop; \
|
||||||
|
+ nop;
|
||||||
|
+# define ULP_POST_PROLOGUE \
|
||||||
|
+ xchg %ax, %ax
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Syntactic details of assembler. */
|
||||||
|
|
||||||
|
/* This macro is for setting proper CFI with DW_CFA_expression describing
|
||||||
|
--
|
||||||
|
2.39.0
|
||||||
|
|
Loading…
Reference in New Issue
Block a user