From: "H.J. Lu"
Newsgroups: gmane.comp.lib.glibc.alpha
Subject: Re: [PATCH 0/2] nptl: Update struct pthread_unwind_buf
Date: Wed, 7 Mar 2018 12:14:12 -0800
To: "Carlos O'Donell"
Cc: Florian Weimer, GNU C Library

On Wed, Mar 7, 2018 at 11:47 AM, H.J. Lu wrote:
> On Wed, Mar 7, 2018 at 9:34 AM, Carlos O'Donell wrote:
>> On 03/07/2018 03:56 AM, H.J. Lu wrote:
>>>>> 1. I have to add __setjmp_cancel and __sigsetjmp_cancel which won't
>>>>> save and restore shadow stack register.
>>>
>>> I have been testing this. I ran into one issue. GCC knows that setjmp will
>>> return via longjmp and inserts ENDBR after it. But it doesn't know
>>> __setjmp_cancel and __sigsetjmp_cancel. We can either add them to GCC
>>> or add NOTRACK prefix to the corresponding longjmps.
>>
>> I would rather GCC did not know about these implementation details.
>>
>> I have no objection to the NOTRACK prefix in the corresponding longjmps.
>>
>> What would be a downside to this choice?
>>
>
> The NOTRACK prefix is typically generated by the compiler for switch tables. The compiler
> knows each indirect jump target is valid, and the pointer load for the indirect jump is
> generated by the compiler in a read-only section. This is pretty safe since there is
> very little chance for malicious code to tamper with the pointer value. However,
> in the case of longjmp, the indirect jump target is in the jmpbuf. There is
> a possibility for malicious code to change the indirect jump target such that longjmp will
> jump to the wrong place. Using the NOTRACK prefix here defeats the purpose of
> indirect branch tracking in CET.
>

Also GCC needs to know that __setjmp_cancel and __sigsetjmp_cancel may return twice, similar to setjmp.

-- 
H.J.