Adds initial handling for the restartable sequence ("rseq") feature that is now in the mainline Linux kernel.
We identify rseq regions by looking for ELF sections with established names according to upstream conventions. Unfortunately this requires going to disk for most libraries, so we avoid this for full-control-mode if we have never seen an rseq system call, and for attach if no thread has registered for rseq.
For blocks inside rseq regions, mangling removes all memory stores. For the final commit instruction, we append a native call back to the abort handler. We assume this extra frame is OK, and we require the rseq sequence to end in a return. Future work will improve these assumptions.
Updates the 3 Linux syscall lists up through SYS_rseq.
Adds 3 RSTATS for rseq operation.
Documents the current limitations on rseq region support:
- The application must store an rseq_cs struct for each rseq region in a section of its binary with an established name.
- Each rseq region's code must never also be executed as a non-restartable sequence.
- Each rseq region must make forward progress if its abort handler is always called the first time it is executed.
- Each memory store instruction inside an rseq region must have no other side effects.
- Each rseq region must end with a return instruction, and each abort handler plus rseq code must combine into a callee following normal call-return semantics.
- Any helper function called from within an rseq region must have no side effects.
Adds two tests for x86_64 Linux, one for full control and one for attach. However, these require a 4.18+ kernel and so are not exercised by Travis. The Fedora CDash machine does have 4.18 so we do have some automated coverage.
Once this is in place, the old and now obsolete rseq support will be removed.
Issue: #2350 (closed)
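An added example, not DynamoRIO's own code: it decodes the per-region `struct rseq_cs` descriptors (layout from `<linux/rseq.h>`) out of the bytes of an ELF section, using the librseq section name `__rseq_cs` as the assumed "established name", and classifies an instruction address as inside a region (where store mangling would apply), at its abort handler, or outside. The section image is constructed inline; the only assumed names are the helper functions themselves.

```python
from __future__ import annotations
import struct
from dataclasses import dataclass

# struct rseq_cs from <linux/rseq.h>: u32 version, u32 flags, u64 start_ip,
# u64 post_commit_offset, u64 abort_ip. The struct is aligned to 32 bytes,
# so each descriptor in the __rseq_cs section occupies exactly 32 bytes.
RSEQ_CS_FMT = "<IIQQQ"
RSEQ_CS_SIZE = struct.calcsize(RSEQ_CS_FMT)  # 32


@dataclass(frozen=True)
class RseqRegion:
    start_ip: int
    post_commit_offset: int
    abort_ip: int

    @property
    def end_ip(self) -> int:
        # First address after the commit instruction (exclusive bound).
        return self.start_ip + self.post_commit_offset


def pack_rseq_cs(start_ip: int, post_commit_offset: int, abort_ip: int) -> bytes:
    """Encode one version-0 descriptor, as the assembler directive in librseq would."""
    return struct.pack(RSEQ_CS_FMT, 0, 0, start_ip, post_commit_offset, abort_ip)


def parse_rseq_cs_section(data: bytes) -> list[RseqRegion]:
    """Decode every descriptor in a __rseq_cs section image, rejecting malformed ones."""
    if len(data) % RSEQ_CS_SIZE:
        raise ValueError("section size is not a multiple of sizeof(struct rseq_cs)")
    regions = []
    for off in range(0, len(data), RSEQ_CS_SIZE):
        version, _flags, start, post, abort = struct.unpack_from(RSEQ_CS_FMT, data, off)
        if version != 0:
            raise ValueError(f"unsupported rseq_cs version {version}")
        if post == 0:
            raise ValueError(f"empty rseq region at {start:#x}")
        # The kernel rejects an abort handler located inside its own critical
        # section; such a region could never make forward progress after abort.
        if start <= abort < start + post:
            raise ValueError(f"abort_ip {abort:#x} lies inside region {start:#x}")
        regions.append(RseqRegion(start, post, abort))
    return regions


def classify_pc(pc: int, regions: list[RseqRegion]) -> str:
    """Return 'inside' (stores would be mangled), 'abort' (handler entry), or 'outside'."""
    for r in regions:
        if r.start_ip <= pc < r.end_ip:
            return "inside"
        if pc == r.abort_ip:
            return "abort"
    return "outside"


# Constructed section image with two regions (addresses are made up).
SAMPLE_SECTION = pack_rseq_cs(0x401000, 0x20, 0x401040) + pack_rseq_cs(0x402000, 0x10, 0x402100)
```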