-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[libunwind] Support rtld-c18n as the runtime linker.
This commit adds support for backtrace and exception handling in libunwind when the process is running with the compartmentalization runtime linker. The unwinding process remains the same until a trampoline is encountered as the return address. This means that we are crossing compartment boundaries and we need to gather the unwind information from the runtime linker. We do this by reading information from the executive stack that the runtime linker populates for us in unw_getcontext. It also adds a new class, CompartmentInfo, which is responsible for abstracting away the details of c18n compartments. Currently, it is only used to define the constants relating to the trusted frame layout. There are two ways to compile this code: - LIBUNWIND_SANDBOX_OTYPES only; - LIBUNWIND_SANDBOX_OTYPES and LIBUNWIND_SANDBOX_HARDENED. When LIBUNWIND_SANDBOX_HARDENED is specified, every stack pointer, frame pointer and callee-saved register will be sealed in the unwind register context. This is to prevent leakage of capabilities through the register context as much as possible. There are two exceptions to this: - When unw_set_reg() is called from a libunwind consumer, the caller might expect to be able to retrieve the capability it stored in the context, and sealing it will break the API semantics; - When the capability that is in the context is a sentry. These can't be sealed using an otype. The otype allocated to libunwind is given to libunwind by the runtime linker via the _rtld_unw_getsealer function.
- Loading branch information
Showing
12 changed files
with
499 additions
and
43 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
//===----------------------------------------------------------------------===// | ||
// | ||
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. | ||
// See https://llvm.org/LICENSE.txt for license information. | ||
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception | ||
// | ||
// | ||
// Abstracts unwind information when used with a compartmentalizing runtime | ||
// linker. | ||
// | ||
//===----------------------------------------------------------------------===// | ||
|
||
#ifndef __COMPARTMENT_INFO_HPP__ | ||
#define __COMPARTMENT_INFO_HPP__ | ||
|
||
#include "AddressSpace.hpp" | ||
|
||
namespace libunwind { | ||
class _LIBUNWIND_HIDDEN CompartmentInfo { | ||
public: | ||
static CompartmentInfo sThisCompartmentInfo; | ||
#if defined(__CHERI_PURE_CAPABILITY__) | ||
static const uintcap_t kInvalidRCSP = (uintcap_t)0; | ||
// Per-architecture trusted stack frame layout. | ||
#if defined(_LIBUNWIND_TARGET_AARCH64) | ||
static const uint32_t kNewSPOffset = 48; | ||
static const uint32_t kNextOffset = 32; | ||
static const uint32_t kFPOffset = 0; | ||
static const uint32_t kCalleeSavedOffset = 80; | ||
static const uint32_t kCalleeSavedCount = 10; | ||
static const uint32_t kCalleeSavedSize = 16; | ||
static const uint32_t kReturnAddressOffset = 40; | ||
static const uint32_t kPCOffset = 16; | ||
// kCalleeSavedCount - 1 because kCalleeSavedOffset is the first one. | ||
static const uint32_t kTrustedFrameSize = | ||
kCalleeSavedOffset + (kCalleeSavedCount - 1) * kCalleeSavedSize; | ||
#else | ||
#error "Unsupported architecture for compartmentalization" | ||
#endif // _LIBUNWIND_TARGET_AARCH64 | ||
#endif // __CHERI_PURE_CAPABILITY__ | ||
}; | ||
} // namespace libunwind | ||
#endif // __COMPARTMENT_INFO_HPP__ |
Oops, something went wrong.