set struct-convention mode
Set the convention used by the inferior to return structs and
unions from functions to mode. Possible values of
mode are "pcc", "reg", and "default" (the
default). "default" or "pcc" means that structs
are returned on the stack, while "reg" means that a
struct or a union whose size is 1, 2, 4, or 8 bytes will
be returned in a register.
show struct-convention
Show the current setting of the convention to return structs
from functions.
GDB provides access to the x87 state through the following registers:
$st0 to $st7: ST(0) to ST(7) floating-point registers
$fctrl: control word register (FCW)
$fstat: status word register (FSW)
$ftag: tag word (FTW)
$fiseg: last instruction pointer segment
$fioff: last instruction pointer
$foseg: last data pointer segment
$fooff: last data pointer
$fop: last opcode
The Intel Control-Flow Enforcement Technology (Intel CET) provides two capabilities to defend against “Return-oriented Programming” and “call/jmp-oriented programming” style control-flow attacks:
Shadow stack: the RET instruction pops the
return addresses from both the call stack and the shadow stack. If the return
addresses from the two stacks do not match, the processor signals a control
protection exception.
Indirect branch tracking: the processor runs a state machine that tracks
indirect JMP and CALL instructions. The state machine can
be either IDLE or WAIT_FOR_ENDBRANCH. When a JMP or CALL is
executed the state machine changes to the WAIT_FOR_ENDBRANCH state. In
WAIT_FOR_ENDBRANCH state the next instruction in the program stream
must be an ENDBR instruction, otherwise the processor signals a
control protection exception. After executing an ENDBR instruction
the state machine returns to the IDLE state.
Impact on GDB commands:
RET
instruction actually is. To avoid a control protection exception due to the
missing return address on the shadow stack, GDB pushes the new return
address to the shadow stack and updates the shadow stack pointer.
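The two checks described above, and the shadow stack fix-up from the last paragraph, modeled in C as an added example (it is not GDB or processor code). The `cpu` struct, `step`, `return_without_call` and the return codes are hypothetical names, `OP_CALL` and `OP_JMP` stand for the branches the state machine tracks, and the address in `main` is a constructed value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model of the two CET checks; every name here is hypothetical. */
enum op { OP_CALL, OP_JMP, OP_ENDBR, OP_RET, OP_OTHER };
enum ibt_state { IDLE, WAIT_FOR_ENDBRANCH };
enum { DEPTH = 8, OK = 0, CP_FAULT = 1, MODEL_ERROR = -1 };
struct cpu {
    uint64_t stack[DEPTH], shadow[DEPTH]; /* call stack and shadow stack */
    size_t sp, ssp;                       /* entries in use on each stack */
    enum ibt_state ibt;
};

/* Execute one instruction; ret_addr is used by OP_CALL only. */
int step(struct cpu *c, enum op op, uint64_t ret_addr)
{
    /* Branch tracking: the instruction after a JMP/CALL must be ENDBR. */
    if (c->ibt == WAIT_FOR_ENDBRANCH && op != OP_ENDBR) return CP_FAULT;
    c->ibt = (op == OP_CALL || op == OP_JMP) ? WAIT_FOR_ENDBRANCH : IDLE;
    if (op == OP_CALL) {                  /* return address goes on both stacks */
        if (c->sp == DEPTH || c->ssp == DEPTH) return MODEL_ERROR;
        c->stack[c->sp++] = ret_addr;
        c->shadow[c->ssp++] = ret_addr;
    } else if (op == OP_RET) {            /* pop both stacks and compare */
        if (c->sp == 0) return MODEL_ERROR;
        uint64_t ret = c->stack[--c->sp];
        /* An absent shadow entry is treated as a mismatch in this model. */
        if (c->ssp == 0 || c->shadow[--c->ssp] != ret) return CP_FAULT;
    }
    return OK;
}

/* A debugger writes ret_addr to the call stack by hand (no CALL executes), then
   a RET runs. fix_shadow also pushes ret_addr on the shadow stack, as in the text. */
int return_without_call(struct cpu *c, uint64_t ret_addr, int fix_shadow)
{
    if (c->sp == DEPTH || c->ssp == DEPTH) return MODEL_ERROR;
    c->stack[c->sp++] = ret_addr;
    if (fix_shadow) c->shadow[c->ssp++] = ret_addr;
    return step(c, OP_RET, 0);
}

int main(void)
{
    struct cpu a = {0}, b = {0};          /* constructed example states */
    printf("shadow stack left alone: %d\n", return_without_call(&a, 0x401000, 0));
    printf("shadow stack updated:    %d\n", return_without_call(&b, 0x401000, 1));
}
```

A result of 1 is the model's control protection exception; 0 means the return completed.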