This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: V2: [PATCH 02/24] x86: Support shadow stack pointer in setjmp/longjmp


On Sat, Jul 14, 2018 at 4:15 PM, H.J. Lu <hjl.tools@gmail.com> wrote:
> On Sat, Jul 14, 2018 at 4:07 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
>> * H. J. Lu:
>>
>>> On Sat, Jul 14, 2018 at 12:57 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
>>>> * H. J. Lu:
>>>>
>>>>> +     /* Get the current ssp.  */
>>>>> +     rdsspd  %edx
>>>>
>>>> This moves the required binutils version past current Debian's 2.28.
>>>>
>>>> I know we recently increased the minimum make version recently, but
>>>> binutils 2.28 is still quite new, I think.
>>>>
>>>> Could we list the bytes for the instruction explicitly instead?
>>>
>>> The next patch:
>>>
>>> https://sourceware.org/ml/libc-alpha/2018-07/msg00266.html
>>>
>>> has sysdeps/x86/configure.ac:
>>
>> We currently have this (as of commit
>> faaee1f07ed25b2779bfd935ffb29f431b80d6d3):
>>
>> ==> sysdeps/unix/sysv/linux/x86/jmp_buf-ssp.sym <==
>> #include <setjmpP.h>
>> #undef __saved_mask
>>
>> --
>> SHADOW_STACK_POINTER_OFFSET offsetof(struct __jmp_buf_tag, __saved_mask.__saved.__shadow_stack_pointer)
>>
>> ==> sysdeps/x86/jmp_buf-ssp.sym <==
>> -- FIXME: Define SHADOW_STACK_POINTER_OFFSET to support shadow stack.
>>
>> So SHADOW_STACK_POINTER_OFFSET is defined unconditionally.  I don't
>> see how the quoted patch changes that.
>>
>> Making sure that rdssp is only assembled with --enable-cet looks like
>> the right solution, but you need something like #if ENABLE_CET, and
>> not depend on SHADOW_STACK_POINTER_OFFSET being defined.
>
> Take sysdeps/x86_64/setjmp.S as example:
>
> /* Don't save shadow stack register if shadow stack isn't enabled.  */
> #if !SHSTK_ENABLED
> # undef SHADOW_STACK_POINTER_OFFSET
> #endif
> .....
>
> Shadow stack pointer is saved/restored only if --enable-cet is used to
> configure glibc.   If you compile glibc with -fcf-protection, but without
> configuring glibc with --enable-cet, result is undefined.
>

BTW, it passed build-many-glibcs.py.


-- 
H.J.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]