[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: Update x86 psABI to support shadow stac



On Wed, Jun 28, 2017 at 2:58 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 06/22/2017 08:44 PM, H.J. Lu wrote:
>>> The responsibilities for compliance are split between caller and callee,
>>> which can live in different shared objects.  I think it would be prudent
>>> to formulate the requirement in such a way that compliance can be
>>> checked by looking at one DSO in isolation.
>
>> What do you mean by it?
>
> I suggest to word the ABI requirement in such a way that it is possible
> to verify if a shared object complies with it isolation, independent of
> how its functions are called.
>

99% of existing binaries are compatible with shadow stack.  It is hard
to tell just by looking at assembly instructions.  If shadow stack is enabled,
compiler should turn on the SHSTK bit in output:

[hjl@gnu-tools-1 32]$ readelf -n crtprec32.o

Displaying notes found in: .note.gnu.property
  Owner                 Data size Description
  GNU                  0x0000000c NT_GNU_PROPERTY_TYPE_0
      Properties: x86 feature: IBT
  GNU                  0x0000000c NT_GNU_PROPERTY_TYPE_0
      Properties: x86 feature: SHSTK
[hjl@gnu-tools-1 32]$

I don't know if it is sufficient for verification.


-- 
H.J.