From: kettenis Date: Wed, 19 Apr 2023 15:37:36 +0000 (+0000) Subject: Add a new PT_OPENBSD_NOBTCFI "segment type" to indicate that the kernel X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7e82ed534d1a25a5c556e9d910e22050313dcdfa;p=openbsd Add a new PT_OPENBSD_NOBTCFI "segment type" to indicate that the kernel should not enforce branch target control flow integrety for a binary. This works analoguous to PT_OPENBSD_WXNEEDED in that we will set it on binaries that don't have the necessary landing pads (yet). The kernel will enforce branch target CFI by default in the near future! This is a better match for what we want to achieve than the GNU property note mechanism that the Linux folks came up with. We can still use the GNU property notes for diagnostic purposes so we won't disable their generation in the toolchain. But ports will need to pass an explicit -Wl,-z,nobtcfi option to disable branch target CFI. Like with PT_OPENBSD_WXNEEDED we convert the presence of PT_OPENBSD_NOBTCFI into a flag in struct exec_package. From there MD code can pick it up and set a struct process flag or take action in setregs(). ok deraadt@ --- diff --git a/sys/kern/exec_elf.c b/sys/kern/exec_elf.c index 6b4f45ce407..f7c11b4ccc8 100644 --- a/sys/kern/exec_elf.c +++ b/sys/kern/exec_elf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.c,v 1.180 2023/01/16 07:09:11 guenther Exp $ */ +/* $OpenBSD: exec_elf.c,v 1.181 2023/04/19 15:37:36 kettenis Exp $ */ /* * Copyright (c) 1996 Per Fogelstrom @@ -918,6 +918,10 @@ elf_os_pt_note(struct proc *p, struct exec_package *epp, Elf_Ehdr *eh, int *name epp->ep_flags |= EXEC_WXNEEDED; continue; } + if (ph->p_type == PT_OPENBSD_NOBTCFI) { + epp->ep_flags |= EXEC_NOBTCFI; + continue; + } if (ph->p_type != PT_NOTE || ph->p_filesz > 1024) continue; diff --git a/sys/sys/exec.h b/sys/sys/exec.h index d083c6d4ec4..c70d1d94a17 100644 --- a/sys/sys/exec.h +++ b/sys/sys/exec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: exec.h,v 1.51 2022/10/30 17:43:40 guenther Exp $ */ +/* $OpenBSD: exec.h,v 1.52 2023/04/19 15:37:36 kettenis Exp $ */ /* $NetBSD: exec.h,v 1.59 1996/02/09 18:25:09 christos Exp $ */ /*- @@ -138,6 +138,7 @@ struct exec_package { #define EXEC_SKIPARG 0x0008 /* don't copy user-supplied argv[0] */ #define EXEC_DESTR 0x0010 /* destructive ops performed */ #define EXEC_WXNEEDED 0x0020 /* executable will violate W^X */ +#define EXEC_NOBTCFI 0x0040 /* no branch target CFI */ #ifdef _KERNEL /* diff --git a/sys/sys/exec_elf.h b/sys/sys/exec_elf.h index e077519c183..80580a0466b 100644 --- a/sys/sys/exec_elf.h +++ b/sys/sys/exec_elf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: exec_elf.h,v 1.99 2023/04/16 13:35:58 kettenis Exp $ */ +/* $OpenBSD: exec_elf.h,v 1.100 2023/04/19 15:37:36 kettenis Exp $ */ /* * Copyright (c) 1995, 1996 Erik Theisen. All rights reserved. * @@ -481,6 +481,7 @@ typedef struct { #define PT_OPENBSD_MUTABLE 0x65a3dbe5 /* like bss, but not immutable */ #define PT_OPENBSD_RANDOMIZE 0x65a3dbe6 /* fill with random data */ #define PT_OPENBSD_WXNEEDED 0x65a3dbe7 /* program performs W^X violations */ +#define PT_OPENBSD_NOBTCFI 0x65a3dbe8 /* no branch target CFI */ #define PT_OPENBSD_BOOTDATA 0x65a41be6 /* section for boot arguments */ /* Segment flags - p_flags */