ucontext wip

Author: jaidTw

sysdeps/unix/sysv/linux/riscv/getcontext.S

@@ -17,6 +17,7 @@
    <https://www.gnu.org/licenses/>.  */
 
 #include "ucontext-macros.h"
+#include "tcb-offsets.h"
 
 /* int getcontext (ucontext_t *ucp) */
 
@@ -60,8 +61,25 @@ LEAF (__getcontext)
 #endif /* __riscv_float_abi_soft */
 
 #ifdef __riscv_shadow_stack
-	ssrdp   t0
-	SAVE_INT_REG (t0,  28, a0)  /* We use t3 slot to store ssp  */
+	ssrdp	t0
+	beqz	t0, .Lskip_ss
+	/* Read ssp_base from TLS  */
+	ld	t1, SSP_BASE_OFFSET(tp)
+
+	bnez	t1, .Lbase_saved
+	/* if not found, use current ssp as the marker  */
+	mv	t1, t0
+	sd	t1, SSP_BASE_OFFSET(tp)
+
+.Lbase_saved:
+	/* Save caller's ssp and base marker to ucontext  */
+	REG_S	t1, UCONTEXT_SSP_BASE(a0)
+	REG_S	t0, UCONTEXT_SSP(a0)
+
+	/* clean up  */
+	xor	t0, t0, t0
+	xor	t1, t1, t1
+.Lskip_ss:
 #endif
 
 /* rt_sigprocmask (SIG_BLOCK, NULL, &ucp->uc_sigmask, _NSIG8) */

sysdeps/unix/sysv/linux/riscv/makecontext.c

@@ -84,13 +84,11 @@ __makecontext (ucontext_t *ucp, void (*func) (void), int argc,
 			  STACK_SIZE_TO_SHADOW_STACK_SIZE_SHIFT;
   unsigned long ss_page = (ss_size + 4096 - 1) / 4096 + 2;
   ss_size = (ss_page - 2) * 4096;
-  void *ssp = __mmap (NULL, ss_page * 4096, PROT_NONE,
-                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
-  unsigned long ss_base = (unsigned long) ssp + 4096;
-  ucp->uc_mcontext.__gregs[REG_PC + 29] = ss_base;
-  __mprotect ((void *) ss_base, ss_size, PROT_READ | PROT_WRITE);
-  ucp->uc_mcontext.__gregs[REG_PC + 28] = ss_base + ss_size
-	           - sizeof (unsigned long);
+  void *ss_start = __mmap (NULL, ss_page * 4096, PROT_NONE,
+                           MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+  ucp->uc_ssp_base = (unsigned long long) ss_start + 4096;
+  ucp->uc_ssp = ucp->uc_ssp_base + ss_size - sizeof (unsigned long long);
+  __mprotect ((void *) ucp->uc_ssp_base, ss_size, PROT_READ | PROT_WRITE);
 #endif
 }
 

sysdeps/unix/sysv/linux/riscv/setcontext.S

@@ -17,6 +17,7 @@
    <https://www.gnu.org/licenses/>.  */
 
 #include "ucontext-macros.h"
+#include "tcb-offsets.h"
 
 /*  int __setcontext (const ucontext_t *ucp)
 
@@ -51,9 +52,31 @@ LEAF (__setcontext)
 	ssrdp	t2
 	beqz	t2, .Lfin
 	/* We are safe to adjust shadow stack after the sanity check  */
-	RESTORE_INT_REG	   (t1,   28, t0)
+	REG_L	a0, UCONTEXT_SSP_BASE(t0)
+	REG_L   t0, SSP_BASE_OFFSET(tp)
+	REG_L	a1, UCONTEXT_SSP(t0)
+	bne	a0, t0, .Lstack_switch
+
+.Lunwind:
+        bleu    a1, t2, .Lfin
+        /* increase ssp by at most a page size to ensure always run into
+	   a guard page before accidentally point to another legal shadow
+	   stack page  */
+        /* t2 = (a1 - t2 >= 4096) ? t2 + 4096 : a1  */
+        lui     a3, 1
+        add     t2, t2, a3
+        bleu    t2, a1, 1f
+        mv      t2, a1
+1:
+        csrw    ssp, t2
+        /* Test if the location pointed by ssp is legal  */
+        sspush  x5
+        sspopchk x5
+        j .Lunwind
+
+.Lstack_switch:
 	/* FIXME: We are skipping ANY security check for now  */
-	csrw	ssp, t1
+	csrw    ssp, a1
 .Lfin:
 #endif
 

sysdeps/unix/sysv/linux/riscv/swapcontext.S

@@ -17,6 +17,7 @@
    <https://www.gnu.org/licenses/>.  */
 
 #include "ucontext-macros.h"
+#include "tcb-offsets.h"
 
 /* int swapcontext (ucontext_t *oucp, const ucontext_t *ucp) */