This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 0/4] i386: Finish CET support
On Thu, Dec 12, 2019 at 4:46 AM Florian Weimer <fweimer@redhat.com> wrote:
>
> * H. J. Lu:
>
> > This patch set finishes CET support on i386:
> >
> > 1. getcontext, setcontext and swapcontext are updated not to preserve
> > EAX, ECX and EDX. Since they are caller-saved, caller will reload them
> > after getcontext, setcontext and swapcontext calls if needed. The extra
> > scratch registers are used to enable CET.
> > 2. Add missing _CET_ENDBR to i386 assembly files.
> > 3. Enable CET support in i386 ucontext functions.
> >
> > Tested on i386 CET/non-CET machines.
>
> Has the kernel ABI been finalized?
These parts of kernel ABI haven't been changed.
> I wonder if we should add IFUNC resolvers which set a flag, and check
> that flag at the start of (some of) these functions, so that they cannot
> be used as ROP gadgets in programs that do not reference them.
>
What exactly do you have in mind?
--
H.J.