This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel

From: "H.J. Lu" <hjl dot tools at gmail dot com>
To: Florian Weimer <fw at deneb dot enyo dot de>
Cc: Joseph Myers <joseph at codesourcery dot com>, "Carlos O'Donell" <carlos at redhat dot com>, "Tsimbalist, Igor V" <igor dot v dot tsimbalist at intel dot com>, GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 29 Mar 2018 13:13:00 -0700
Subject: Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
References: <CAMe9rOoB0t6CffwX-wgbBGNtaGgD923WoWmrtCjiXLc5pm=Z9g@mail.gmail.com> <alpine.DEB.2.20.1803151634160.26519@digraph.polyomino.org.uk> <CAMe9rOpLdFLbUE4NCH8L0C8CPMKtcMOepwhSr3PdpfnTgqHBqA@mail.gmail.com> <87efkkxwah.fsf@mid.deneb.enyo.de> <CAMe9rOo6XFKmaPhL2rg4VZQ_tp3bm1ioCD7m2X=r-vmu6G=jOg@mail.gmail.com> <CAMe9rOqaF+eVmQ=THJUro5=gw=PRn7FjQghXUVRC85zFKKGLRw@mail.gmail.com> <871sg2wzsv.fsf@mid.deneb.enyo.de> <CAMe9rOo9YonsZXhZOyL49VG3KojV_83+dskr6BpuMTBgpNuX3w@mail.gmail.com> <87bmf6vfbp.fsf@mid.deneb.enyo.de> <CAMe9rOoiD5NH-p5JqFvxkXnGh79bZShuab9k7DqhyT6qKYFPuw@mail.gmail.com> <87605eve34.fsf@mid.deneb.enyo.de>

On Thu, Mar 29, 2018 at 1:09 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
> * H. J. Lu:
>
>> On Thu, Mar 29, 2018 at 12:42 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
>>> * H. J. Lu:
>>>
>>>> On Thu, Mar 29, 2018 at 10:34 AM, Florian Weimer <fw@deneb.enyo.de> wrote:
>>>>> * H. J. Lu:
>>>>>
>>>>>> Here is the updated patch.  OK for master?
>>>>>
>>>>> If you want to backport this into Fedora 28, you will have to avoid
>>>>> new symbol versions.
>>>>
>>>> Should we revisit my patch to extend struct pthread_unwind_buf:
>>>>
>>>> https://sourceware.org/ml/libc-alpha/2018-02/msg00291.html
>>>>
>>>> This patch doesn't introduce the new symbol version.
>>>
>>> That patch will require recompiling a subset of static libraries in
>>> Fedora 28 to avoid crashes once CET is enabled.  Which should be
>>> doable at a technical level, but takes resources away from other work,
>>> obviously.
>>
>> BOTH approaches NEED to recompile a subset of static libraries in Fedora
>> 28, as stated in
>>
>> https://sourceware.org/ml/libc-alpha/2018-03/msg00521.html
>
> That's just another suboptimal implementation, I think.
>
>> NB: Shared libraries built with glibc 2.27 or older are compatible with
>> glibc 2.28.  Relocatable objects compiled against glibc 2.27 or older
>> are incompatible with glibc 2.28 since they reference the older version
>> of __sigsetjmp.
>
> Understood.
>
>>> My preference still is a solution where we shift the stored signal
>>> mask to make room for the shadow stack data in CET mode (for maximum
>>> compatibility).  But I expect that Carlos will review your patch.
>>
>> As I have pointed out before
>>
>> Note: There is an unused pointer space in pthread_unwind_buf_data.  But
>> it isn't suitable for saving and restoring shadow stack register since
>> x32 is a 64-bit process with 32-bit software pointer and kernel may
>> place x32 shadow stack above 4GB.  We need to save and restore 64-bit
>> shadow stack register for x32.
>
> I thought you agreed that we do not need to unwind the shadow stack
> pointer?  Therefore, __sigsetjmp can override the other members, too.
> It's just a dead store, and __pthread_register_cancel will overwrite
> it.
>
> This will need a longjmp_cancel which does not restore the shadow
> stack pointer.  But that can be a GLIBC_PRIVATE symbol.

You need to make a choice.  You either don't introduce a new symbol
version or don't save shadow stack for thread cancellation.   You can't
have both.

-- 
H.J.

Follow-Ups:
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Florian Weimer

References:
- [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Joseph Myers
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Florian Weimer
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Florian Weimer
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Florian Weimer
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: H.J. Lu
- Re: [PATCH] x86: Add __sigsetjmp_cancel and __setjmp_cancel
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]