From: Florian Weimer <fweimer@redhat.com>
To: "H.J. Lu" <hjl.tools@gmail.com>
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH 0/4] i386: Finish CET support
Date: Thu, 12 Dec 2019 13:46:44 +0100 [thread overview]
Message-ID: <878snhhft7.fsf@oldenburg2.str.redhat.com> (raw)
In-Reply-To: <20191210204710.4832-1-hjl.tools@gmail.com> (H. J. Lu's message of "Tue, 10 Dec 2019 12:47:06 -0800")
* H. J. Lu:
> This patch set finishes CET support on i386:
>
> 1. getcontext, setcontext and swapcontext are updated not to preserve
> EAX, ECX and EDX. Since they are caller-saved, caller will reload them
> after getcontext, setcontext and swapcontext calls if needed. The extra
> scratch registers are used to enable CET.
> 2. Add missing _CET_ENDBR to i386 assembly files.
> 3. Enable CET support in i386 ucontext functions.
>
> Tested on i386 CET/non-CET machines.
Has the kernel ABI been finalized?
I wonder if we should add IFUNC resolvers which set a flag, and check
that flag at the start of (some of) these functions, so that they cannot
be used as ROP gadgets in programs that do not reference them.
Thanks,
Florian
next prev parent reply other threads:[~2019-12-12 12:46 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-10 20:47 [PATCH 0/4] i386: Finish CET support H.J. Lu
2019-12-10 20:47 ` [PATCH 1/4] i386: Don't unnecessarily save and restore EAX, ECX and EDX [BZ# 25262] H.J. Lu
2019-12-10 20:47 ` [PATCH 2/4] i386/sub_n.S: Add a missing _CET_ENDBR to indirect jump target H.J. Lu
2019-12-10 20:47 ` [PATCH 3/4] i386: Add _CET_ENDBR to assembly files without ENTRY H.J. Lu
2020-01-07 22:05 ` Adhemerval Zanella
2020-01-07 23:38 ` H.J. Lu
2019-12-10 20:47 ` [PATCH 4/4] i386: Enable CET support in ucontext functions H.J. Lu
2019-12-12 12:46 ` Florian Weimer [this message]
2019-12-12 15:57 ` [PATCH 0/4] i386: Finish CET support H.J. Lu
2020-01-07 20:43 ` H.J. Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/libc/involved.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=878snhhft7.fsf@oldenburg2.str.redhat.com \
--to=fweimer@redhat.com \
--cc=hjl.tools@gmail.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).