This is the mail archive of the
mailing list for the glibc project.
Re: V2: [PATCH 02/24] x86: Support shadow stack pointer in setjmp/longjmp
* H. J. Lu:
>> We currently have this (as of commit
>> ==> sysdeps/unix/sysv/linux/x86/jmp_buf-ssp.sym <==
>> #include <setjmpP.h>
>> #undef __saved_mask
>> SHADOW_STACK_POINTER_OFFSET offsetof(struct __jmp_buf_tag,
>> ==> sysdeps/x86/jmp_buf-ssp.sym <==
>> -- FIXME: Define SHADOW_STACK_POINTER_OFFSET to support shadow stack.
>> So SHADOW_STACK_POINTER_OFFSET is defined unconditionally. I don't
>> see how the quoted patch changes that.
>> Making sure that rdssp is only assembled with --enable-cet looks like
>> the right solution, but you need something like #if ENABLE_CET, and
>> not depend on SHADOW_STACK_POINTER_OFFSET being defined.
> Take sysdeps/x86_64/setjmp.S as example:
> /* Don't save shadow stack register if shadow stack isn't enabled. */
> #if !SHSTK_ENABLED
> # undef SHADOW_STACK_POINTER_OFFSET
> Shadow stack pointer is saved/restored only if --enable-cet is used to
> configure glibc. If you compile glibc with -fcf-protection, but without
> configuring glibc with --enable-cet, result is undefined.
That doesn't work because <jmp_buf-ssp.h> is included after the
#undef. I think you can avoid that by using #if SHTSTK_ENABLED
instead of #ifdef SHADOW_STACK_POINTER_OFFSET, which also expresses
the intent more accurately.
> BTW, it passed build-many-glibcs.py.
With binutils 2.28?