[PING][PATCH 00/12] Add CET shadow stack support
Schimpe, Christina
christina.schimpe@intel.com
Thu Jan 16 14:01:58 GMT 2025
> -----Original Message-----
> From: Schimpe, Christina <christina.schimpe@intel.com>
> Sent: Friday, December 20, 2024 9:05 PM
> To: gdb-patches@sourceware.org
> Subject: [PATCH 00/12] Add CET shadow stack support
>
> Hi all,
>
> this is a series to add amd64 shadow stack support to GDB on linux.
> Shadow stack is part of the Control-flow Enforcement Technology (CET) by Intel.
>
> Intel's CET provides the two capabilities to defend against ROP/COP/JOP style
> control-flow subversion attacks: shadow stack and indirect branch tracking (IBT).
>
> While there is linux kernel support for CET shadow stack in userspace, there is no
> linux kernel support available for userspace IBT, yet.
> This series therefore focuses on CET shadow stack only.
>
> I am looking forward to your feedback!
>
> Regards,
> Christina
>
>
> Felix Willgerodt (1):
> gdb, bfd: amd64 linux coredump support with shadow stack.
>
> Schimpe, Christina (11):
> gdb, testsuite: Rename set_sanitizer_default to append_environment.
> gdbserver: Add optional runtime register set type.
> gdbserver: Add assert in x86_linux_read_description.
> gdb: Sync up x86-gcc-cpuid.h with cpuid.h from gcc 14 branch.
> gdb, gdbserver: Use xstate_bv for target description creation on x86.
> gdb, gdbserver: Add support of Intel shadow stack pointer register.
> gdb: Handle shadow stack pointer register unwinding for amd64 linux.
> gdb, gdbarch: Enable inferior calls for shadow stack support.
> gdb: Implement amd64 linux shadow stack support for inferior calls.
> gdb, gdbarch: Introduce gdbarch method to get the shadow stack
> pointer.
> gdb: Enable displaced stepping with shadow stack on amd64 linux.
>
> bfd/elf.c | 24 +++
> gdb/amd64-linux-nat.c | 17 ++
> gdb/amd64-linux-tdep.c | 197 +++++++++++++++++-
> gdb/amd64-tdep.c | 32 ++-
> gdb/amd64-tdep.h | 9 +-
> gdb/arch-utils.c | 8 +
> gdb/arch-utils.h | 5 +
> gdb/arch/amd64-linux-tdesc.c | 33 +--
> gdb/arch/amd64-linux-tdesc.h | 7 +-
> gdb/arch/amd64.c | 25 ++-
> gdb/arch/amd64.h | 10 +-
> gdb/arch/i386-linux-tdesc.c | 29 +--
> gdb/arch/i386-linux-tdesc.h | 5 +-
> gdb/arch/i386.c | 19 +-
> gdb/arch/i386.h | 8 +-
> gdb/arch/x86-linux-tdesc-features.c | 56 ++---
> gdb/arch/x86-linux-tdesc-features.h | 25 ++-
> gdb/doc/gdb.texinfo | 42 ++++
> gdb/features/Makefile | 2 +
> gdb/features/i386/32bit-ssp.c | 14 ++
> gdb/features/i386/32bit-ssp.xml | 11 +
> gdb/features/i386/64bit-ssp.c | 14 ++
> gdb/features/i386/64bit-ssp.xml | 11 +
> gdb/gdbarch-gen.c | 54 +++++
> gdb/gdbarch-gen.h | 20 ++
> gdb/gdbarch_components.py | 26 +++
> gdb/i386-tdep.c | 44 +++-
> gdb/i386-tdep.h | 11 +-
> gdb/infcall.c | 6 +
> gdb/linux-tdep.c | 47 +++++
> gdb/linux-tdep.h | 7 +
> gdb/nat/x86-gcc-cpuid.h | 153 +++++++++++---
> gdb/nat/x86-linux-tdesc.c | 20 +-
> gdb/nat/x86-linux-tdesc.h | 7 +-
> gdb/nat/x86-linux.c | 55 +++++
> gdb/nat/x86-linux.h | 4 +
> .../gdb.arch/amd64-shadow-stack-cmds.exp | 141 +++++++++++++
> .../gdb.arch/amd64-shadow-stack-corefile.exp | 50 +++++
> .../gdb.arch/amd64-shadow-stack-disp-step.exp | 84 ++++++++
> gdb/testsuite/gdb.arch/amd64-shadow-stack.c | 35 ++++
> gdb/testsuite/gdb.arch/amd64-ssp.exp | 50 +++++
> .../gdb.base/inline-frame-cycle-unwind.py | 4 +
> gdb/testsuite/gdb.base/libsegfault.exp | 2 +-
> .../gdb.threads/attach-slow-waitpid.exp | 2 +-
> gdb/testsuite/lib/gdb.exp | 77 ++++++-
> gdb/x86-linux-nat.c | 51 ++++-
> gdb/x86-linux-nat.h | 11 +
> gdb/x86-tdep.c | 22 ++
> gdb/x86-tdep.h | 9 +
> gdbserver/i387-fp.cc | 40 ++--
> gdbserver/linux-amd64-ipa.cc | 10 +-
> gdbserver/linux-i386-ipa.cc | 6 +-
> gdbserver/linux-low.cc | 40 ++--
> gdbserver/linux-low.h | 7 +-
> gdbserver/linux-x86-low.cc | 44 +++-
> gdbsupport/x86-xstate.h | 7 +-
> 56 files changed, 1537 insertions(+), 212 deletions(-) create mode 100644
> gdb/features/i386/32bit-ssp.c create mode 100644 gdb/features/i386/32bit-
> ssp.xml create mode 100644 gdb/features/i386/64bit-ssp.c create mode 100644
> gdb/features/i386/64bit-ssp.xml create mode 100644
> gdb/testsuite/gdb.arch/amd64-shadow-stack-cmds.exp
> create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-corefile.exp
> create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack-disp-
> step.exp
> create mode 100644 gdb/testsuite/gdb.arch/amd64-shadow-stack.c
> create mode 100644 gdb/testsuite/gdb.arch/amd64-ssp.exp
>
> --
> 2.34.1
>
> Intel Deutschland GmbH
> Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
> Tel: +49 89 99 8853-0, www.intel.de
> Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva
> Chairperson of the Supervisory Board: Nicole Lau Registered Office: Munich
> Commercial Register: Amtsgericht Muenchen HRB 186928
Kindly pinging for feedback.
Best Regards,
Christina
Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de
Managing Directors: Sean Fennelly, Jeffrey Schneiderman, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928
More information about the Gdb-patches
mailing list