RFC: Update x86 psABI to support shadow stac
Florian Weimer
fweimer@redhat.com
Sun Jan 1 00:00:00 GMT 2017
On 06/22/2017 03:01 PM, H.J. Lu wrote:
> On Thu, Jun 22, 2017 at 5:51 AM, Florian Weimer <fweimer@redhat.com> wrote:
>> On 06/21/2017 05:25 PM, H.J. Lu wrote:
>>> GNU_PROPERTY_X86_FEATURE_1_SHSTK is set on output only if it is set on
>>> all relocatable inputs, which means that the C library must be compiled
>>> with SHSTK-enabled compiler.
>>
>> I don't think this is sufficiently detailed for an ABI specification.
>> It needs to say what an SHSTK-enabled compiler does.
>
> Compilers just need to make return address popped from shadow
> stack match return address popped from normal stack.
Nothing else? Would a writable GOT still be fine?
The responsibilities for compliance are split between caller and callee,
which can live in different shared objects. I think it would be prudent
to formulate the requirement in such a way that compliance can be
checked by looking at one DSO in isolation.
Is there a requirement that the return address is popped from the same
stack location where it was pushed by the call instruction? Or could
you return with an elevated stack pointer if you copied the address first?
Thanks,
Florian
More information about the Gnu-gabi
mailing list