This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]

From: "H.J. Lu" <hjl dot tools at gmail dot com>
To: Florian Weimer <fweimer at redhat dot com>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 7 Dec 2017 11:35:07 -0800
Subject: Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
Authentication-results: sourceware.org; auth=none
References: <20171207174057.GA32196@gmail.com> <e3100ba9-587a-cbad-1b49-0b57f3d2457c@redhat.com> <CAMe9rOoMjoZOO-rVHeJWGh_jWmRqw4aLS_RDWCfE2L18iUdOGQ@mail.gmail.com> <7e890f53-c331-d86e-ad13-b380a69d99eb@redhat.com> <CAMe9rOrBtpjUsXcnbnFMZi5dc46RWvRd6cMH3qnSFbHbprkvZg@mail.gmail.com> <814691a7-d946-1794-d6d8-7861f9ed2067@redhat.com> <CAMe9rOqYvgRYifxq8CGFsBCGcVS0FAcoa+gwZ5m4CyMQVpTWWg@mail.gmail.com> <08cf7c54-8bf0-27c0-863a-65cb76dd0728@redhat.com>

On Thu, Dec 7, 2017 at 11:25 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 12/07/2017 08:19 PM, H.J. Lu wrote:
>>
>> On Thu, Dec 7, 2017 at 11:14 AM, Florian Weimer <fweimer@redhat.com>
>> wrote:
>>>
>>> On 12/07/2017 08:12 PM, H.J. Lu wrote:
>>>>>
>>>>>
>>>>> Sorry, what exactly is stored on the shadow stack?  I assumed it was
>>>>> for
>>>>> verification of the targets of ret instructions.
>>>>>
>>>>> In this case, don't need to unwind the shadow stack (or preserve its
>>>>> contents) because there are no returns from existing stack frames once
>>>>> cancellation has started.
>>>>>
>>>> Shadow stack is the similar to normal call stack without local
>>>> variables.
>>>> SHSTK checks  the return address of EACH  "RET"  instruction against
>>>> shadow stack.
>>>
>>>
>>>
>>> Then the shadow stack contents at the time of cancellation does not
>>> matter
>>> because all future RET instructions on this thread will match CALLs which
>>> happened *after* cancellation.  (In other words, I still think I'm right
>>> about this.)
>>>
>>
>> We are updating setjmp/lonjmp to save and restore shadow stack pointer:
>>
>>
>> https://sourceware.org/git/?p=glibc.git;a=commit;h=ac195a2d554e3fb577e44474faf3ed7f4521de9f
>
>
> Please try to understand what I wrote.  You don't need the restore during
> cancellation handling:
>
>     if (__glibc_unlikely (__not_first_call))          \
>       {                                               \
>         __cancel_routine (__cancel_arg);              \
>         __pthread_unwind_next (&__cancel_buf);        \
>         /* NOTREACHED */                              \
>       }                                               \
>

Who will sync shadow stack with call stack?


-- 
H.J.

Follow-Ups:
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: H.J. Lu

References:
- [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: H.J. Lu
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: Florian Weimer
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: H.J. Lu
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: Florian Weimer
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: H.J. Lu
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: Florian Weimer
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: H.J. Lu
- Re: [PATCH 1/2] Linux/x86: Update cancel_jmp_buf to match __jmp_buf_tag [BZ #22563]
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]