From: Carlos O'Donell <carlos@redhat.com>
To: "H.J. Lu" <hjl.tools@gmail.com>
Cc: GNU C Library <libc-alpha@sourceware.org>
Subject: Re: [PATCH 0/2] nptl: Update struct pthread_unwind_buf
Date: Thu, 8 Feb 2018 22:40:24 -0800 [thread overview]
Message-ID: <31c5f7cf-fe1b-5dc7-133c-6c10a3ae678f@redhat.com> (raw)
In-Reply-To: <CAMe9rOqewLkL97AjcRJpHxHjCEJW88=4TkrkGSv0CqLmsxfYgw@mail.gmail.com>
On 02/08/2018 05:27 AM, H.J. Lu wrote:
> On Thu, Feb 8, 2018 at 1:25 AM, Carlos O'Donell <carlos@redhat.com> wrote:
>> Again, I would like to see an argument made for CET markup against versioning
>> __pthread_register_cleanup.
>
> Symbol versioning works well when only opaque data pointers are used.
> A pointer of struct pthread_unwind_buf is passed to libpthread from user
> programs. Within libpthread, we need to know the exact layout of struct
> pthread_unwind_buf. It is next to impossible to use symbol versioning here.
My worry is about incorrectly marked up objects which use the wrong unwind
buffer size resulting in difficult to diagnose crashes.
The exact issue would be users using a gcc and binutils which marks up binaries
with CET notes, but glibc headers which are not CET enabled.
This will happen when we ship Developer Toolset with a gcc and binutils that
has CET support, but the system glibc is still < 2.28. Then users will take
these binaries and try to run them on systems with glibc >= 2.28 because we
allow this backwards compatibility, and this will segfault because we are
turning on CET, but mixing different sized unwind buffers.
Please tell me if you think my worries are unfounded, or of sufficiently
low risk that they will not be a problem, or that we can somehow say that
what was done was unsupported e.g. saying that Developer Toolset used with
Intel CET flags to build anything on any system with glibc < 2.28 generates
unsupported binaries.
My suggestion in the other email is that we briefly investigate what it would
take version the data in the unwind buffer such that we *can* handle different
sized objects properly, and enable us to potentially grow the unwind data
we have in the future.
To reiterate from my other email:
* Version __sigsetjmp, and store a version cookie in __saved_mask
indicating the version of the structure.
* Have the old __sigsetjmp disable CET since it clearly indicates
that we have the wrong sized structure regardless of CET flags.
* Adjust the unwinder to look at __saved_mask version cooke to decide
which sized structure it is dealing with.
The third bullet point is effectively what you are *already* doing
with the CET flags, but using the flags in a coarse way to decide
which of 2 sizes of unwind buffers we are using. This has the problems that
I outline above which is that it is error prone. While the symbol version
mechanism will always tell us exactly which sized object was used when
the TU was compiled.
--
Cheers,
Carlos.
prev parent reply other threads:[~2018-02-09 6:38 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-01 20:57 [PATCH 0/2] nptl: Update struct pthread_unwind_buf H.J. Lu
2018-02-01 20:57 ` [PATCH 1/2] Revert "Revert Intel CET changes to __jmp_buf_tag (Bug 22743)" H.J. Lu
2018-02-01 20:57 ` [PATCH 2/2] nptl: Update struct pthread_unwind_buf [BZ #22743] H.J. Lu
2018-02-08 9:25 ` [PATCH 0/2] nptl: Update struct pthread_unwind_buf Carlos O'Donell
2018-02-08 11:55 ` Florian Weimer
2018-02-09 6:29 ` Carlos O'Donell
2018-02-09 10:48 ` Florian Weimer
2018-02-09 11:13 ` H.J. Lu
2018-02-09 12:11 ` Florian Weimer
2018-02-09 12:34 ` H.J. Lu
2018-02-09 14:13 ` H.J. Lu
2018-02-09 14:33 ` Florian Weimer
2018-02-09 15:24 ` H.J. Lu
2018-02-24 5:46 ` Carlos O'Donell
2018-02-24 15:19 ` H.J. Lu
2018-02-24 15:46 ` Florian Weimer
2018-02-25 2:04 ` H.J. Lu
2018-02-25 9:26 ` Florian Weimer
2018-02-25 11:37 ` H.J. Lu
2018-02-25 11:59 ` Florian Weimer
2018-02-25 12:53 ` H.J. Lu
2018-02-25 12:55 ` H.J. Lu
2018-02-25 12:58 ` Florian Weimer
2018-02-25 13:23 ` H.J. Lu
2018-02-25 13:31 ` Florian Weimer
2018-02-25 13:36 ` H.J. Lu
2018-02-25 13:49 ` H.J. Lu
2018-02-25 13:49 ` Florian Weimer
2018-02-25 14:00 ` H.J. Lu
2018-02-25 14:13 ` Florian Weimer
2018-02-26 3:55 ` H.J. Lu
2018-02-28 23:23 ` Carlos O'Donell
2018-03-07 11:56 ` H.J. Lu
2018-03-07 17:34 ` Carlos O'Donell
2018-03-07 19:47 ` H.J. Lu
2018-03-07 20:14 ` H.J. Lu
2018-03-07 22:06 ` H.J. Lu
2018-03-08 12:24 ` Tsimbalist, Igor V
2018-03-08 12:48 ` H.J. Lu
2018-03-09 0:47 ` Carlos O'Donell
2018-03-09 5:23 ` H.J. Lu
2018-03-15 4:20 ` Carlos O'Donell
2018-02-24 6:41 ` Carlos O'Donell
2018-02-08 13:27 ` H.J. Lu
2018-02-09 6:40 ` Carlos O'Donell [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/libc/involved.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=31c5f7cf-fe1b-5dc7-133c-6c10a3ae678f@redhat.com \
--to=carlos@redhat.com \
--cc=hjl.tools@gmail.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).