This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: V2: [PATCH 02/24] x86: Support shadow stack pointer in setjmp/longjmp
On Sat, Jul 14, 2018 at 12:57 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
> * H. J. Lu:
>
>> + /* Get the current ssp. */
>> + rdsspd %edx
>
> This moves the required binutils version past current Debian's 2.28.
>
> I know we recently increased the minimum make version recently, but
> binutils 2.28 is still quite new, I think.
>
> Could we list the bytes for the instruction explicitly instead?
The next patch:
https://sourceware.org/ml/libc-alpha/2018-07/msg00266.html
has sysdeps/x86/configure.ac:
if test x"$enable_cet" = xyes; then
# Check if CET can be enabled.
AC_CACHE_CHECK(whether CET can be enabled,
libc_cv_x86_cet_available, [dnl
cat > conftest.c <<EOF
#if !defined __CET__ || __CET__ != 3
# error CET isn't available.
#endif
EOF
if AC_TRY_COMMAND(${CC-cc} -c $CFLAGS -fcf-protection -include
cet.h conftest.c 1>&AS_MESSAGE_LOG_FD); then
libc_cv_x86_cet_available=yes
else
libc_cv_x86_cet_available=no
fi
rm -rf conftest*])
if test $libc_cv_x86_cet_available = yes; then
enable_cet=yes
else
if test x"$enable_cet" = xdefault; then
enable_cet=no
else
AC_MSG_ERROR([$CC doesn't support CET])
fi
fi
fi
if test $enable_cet = yes; then
# Check if assembler supports CET.
AC_CACHE_CHECK(whether $AS supports CET,
libc_cv_x86_cet_as, [dnl
cat > conftest.s <<EOF
incsspd %ecx
EOF
if AC_TRY_COMMAND(${CC-cc} -c $CFLAGS conftest.s -o conftest.o
1>&AS_MESSAGE_LOG_FD); then
libc_cv_x86_cet_as=yes
else
libc_cv_x86_cet_as=no
fi
rm -rf conftest*])
if test $libc_cv_x86_cet_as = no; then
AC_MSG_ERROR([$AS doesn't support CET])
fi
fi
LIBC_CONFIG_VAR([enable-cet], [$enable_cet])
You need GCC 8 and binutils with CET to enable CET. If you have an
older binutils or
GCC, you will get a configure error when --enable-cet is used.
--
H.J.