From: "H.J. Lu"
Newsgroups: gmane.comp.lib.glibc.alpha
Subject: Re: [PATCH 0/2] nptl: Update struct pthread_unwind_buf
Date: Wed, 7 Mar 2018 11:47:15 -0800
To: "Carlos O'Donell"
Cc: Florian Weimer, GNU C Library
In-Reply-To: <86d5d5ba-2b53-1904-dada-3efe2b3ad501@redhat.com>
Xref: news.gmane.org gmane.comp.lib.glibc.alpha:83218

On Wed, Mar 7, 2018 at 9:34 AM, Carlos O'Donell wrote:
> On 03/07/2018 03:56 AM, H.J. Lu wrote:
>>>> 1. I have to add __setjmp_cancel and __sigsetjmp_cancel which won't
>>>> save and restore shadow stack register.
>>
>> I have been testing this. I ran into one issue. GCC knows that setjmp will
>> return via longjmp and inserts ENDBR after it. But it doesn't know
>> __setjmp_cancel and __sigsetjmp_cancel. We can either add them to GCC
>> or add NOTRACK prefix to the corresponding longjmps.
>
> I would rather GCC did not know about these implementation details.
>
> I have no objection to the NOTRACK prefix in the corresponding longjmps.
>
> What would be a downside to this choice?
>

The NOTRACK prefix is typically generated by the compiler for switch tables. The compiler knows each indirect jump target is valid, and the pointer load for the indirect jump is generated by the compiler in a read-only section. This is pretty safe since there is very little chance for malicious code to tamper with the pointer value. However, in the case of longjmp, the indirect jump target is in the jmpbuf. There is a possibility for malicious code to change the indirect jump target such that longjmp will jump to the wrong place. Using the NOTRACK prefix here defeats the purpose of indirect branch tracking in CET.

--
H.J.
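A small model of the IBT landing-pad check that the reply above argues NOTRACK would bypass, added here as an illustration; it is not code from glibc, GCC or the thread. The instruction bytes are constructed, and `sim_jmp_buf` and the `notrack` flag are hypothetical stand-ins for the real jmp_buf and the instruction prefix.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ENDBR64 encoding; CET IBT requires it as the first instruction at
   every target of a tracked indirect JMP/CALL. */
static const uint8_t ENDBR64[4] = { 0xF3, 0x0F, 0x1E, 0xFA };

enum ibt_result { IBT_OK = 0, IBT_CONTROL_PROTECTION_FAULT = 1 };

/* Does the code at TARGET (LEN readable bytes) begin with ENDBR64? */
int target_has_endbr64(const uint8_t *target, size_t len)
{
    return len >= sizeof ENDBR64
        && memcmp(target, ENDBR64, sizeof ENDBR64) == 0;
}

/* Hardware behaviour after an indirect branch with IBT enabled: the
   destination must start with ENDBR64, unless the branch carried the
   NOTRACK prefix, in which case no landing-pad check happens at all. */
enum ibt_result ibt_indirect_branch(const uint8_t *target, size_t len,
                                    int notrack)
{
    if (notrack)
        return IBT_OK;
    return target_has_endbr64(target, len) ? IBT_OK
                                            : IBT_CONTROL_PROTECTION_FAULT;
}

/* Hypothetical stand-in for jmp_buf: the saved PC lives in writable
   memory, unlike a compiler-generated switch table in a read-only section. */
struct sim_jmp_buf { const uint8_t *pc; size_t len; };

/* Constructed bytes for the return point after setjmp, where GCC emits
   ENDBR64 (endbr64; test eax,eax). */
static const uint8_t after_setjmp[] = { 0xF3, 0x0F, 0x1E, 0xFA, 0x85, 0xC0 };
/* Constructed bytes for an arbitrary instruction sequence with no ENDBR64
   (mov rdi,rax; ret), standing in for an overwritten saved PC. */
static const uint8_t no_landing_pad[] = { 0x48, 0x89, 0xC7, 0xC3 };

/* Simulated longjmp: a tracked jump through an overwritten PC faults,
   a NOTRACK jump through the same PC is accepted. */
enum ibt_result sim_longjmp(const struct sim_jmp_buf *env, int notrack)
{
    return ibt_indirect_branch(env->pc, env->len, notrack);
}
```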