[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC: Update x86 psABI to support shadow stac

To: "H.J. Lu" <hjl.tools@gmail.com>
Subject: Re: RFC: Update x86 psABI to support shadow stac
From: Florian Weimer <fweimer@redhat.com>
Date: Thu, 27 Jul 2017 17:44:11 +0200
Authentication-results: sourceware.org; auth=none
Authentication-results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=fweimer@redhat.com
Cc: gnu-gabi@sourceware.org, IA32 System V Application Binary Interface <ia32-abi@googlegroups.com>, "x86-64-abi@googlegroups.com" <x86-64-abi@googlegroups.com>, "Shanbhogue, Vedvyas" <vedvyas.shanbhogue@intel.com>
Delivered-to: listarch-gnu-gabi@sourceware.org
Delivered-to: mailing list gnu-gabi@sourceware.org
Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com E381DC00DBBD
In-reply-to: <CAMe9rOozuSv623LWjQtyVnyMy6PP1xDQm5WRFB8oRKLDJyxJNw@mail.gmail.com>
List-help: <mailto:gnu-gabi-help@sourceware.org>
List-id: <gnu-gabi.sourceware.org>
List-post: <mailto:gnu-gabi@sourceware.org>
List-subscribe: <mailto:gnu-gabi-subscribe@sourceware.org>
Mailing-list: contact gnu-gabi-help@sourceware.org; run by ezmlm
References: <CAMe9rOq9-LXXzNQy8ov67rJM6rfQP=7+sWnK_RdHbe2OTiULtw@mail.gmail.com> <bcc0e16a-06bf-f906-9c24-777bd0230c83@redhat.com> <CAMe9rOqEDh=xhGBOYaqek2LsV8=UxE9VB2UUEsRx5yozEKPrsw@mail.gmail.com> <53356291-bb6d-3a69-3dc7-4a1f011942bd@redhat.com> <CAMe9rOpoEMgRrTy5G1jsO4A7aAtEvYx3nizwZz8haVXFceogOA@mail.gmail.com> <4a0a3d70-ff4b-9c99-810a-4537d5415594@redhat.com> <CAMe9rOozuSv623LWjQtyVnyMy6PP1xDQm5WRFB8oRKLDJyxJNw@mail.gmail.com>
Sender: gnu-gabi-owner@sourceware.org
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

On 06/28/2017 01:21 PM, H.J. Lu wrote:
> On Wed, Jun 28, 2017 at 2:58 AM, Florian Weimer <fweimer@redhat.com> wrote:
>> On 06/22/2017 08:44 PM, H.J. Lu wrote:
>>>> The responsibilities for compliance are split between caller and callee,
>>>> which can live in different shared objects.  I think it would be prudent
>>>> to formulate the requirement in such a way that compliance can be
>>>> checked by looking at one DSO in isolation.
>>
>>> What do you mean by it?
>>
>> I suggest to word the ABI requirement in such a way that it is possible
>> to verify if a shared object complies with it isolation, independent of
>> how its functions are called.
>>
> 
> 99% of existing binaries are compatible with shadow stack.

I find that surprising, or does this number to refer to x86-64 binaries
only?

> It is hard
> to tell just by looking at assembly instructions.  If shadow stack is enabled,
> compiler should turn on the SHSTK bit in output:
> 
> [hjl@gnu-tools-1 32]$ readelf -n crtprec32.o
> 
> Displaying notes found in: .note.gnu.property
>   Owner                 Data size Description
>   GNU                  0x0000000c NT_GNU_PROPERTY_TYPE_0
>       Properties: x86 feature: IBT
>   GNU                  0x0000000c NT_GNU_PROPERTY_TYPE_0
>       Properties: x86 feature: SHSTK
> [hjl@gnu-tools-1 32]$
> 
> I don't know if it is sufficient for verification.

The ABI document needs to specify what the flag means.  I don't think
it's sufficient to essentially say, “the toolchain did or did not do
some unspecified stuff and we believe the binary is now compatible with
the shadow stack feature”.

Florian

Follow-Ups:
- Re: RFC: Update x86 psABI to support shadow stac
  - From: "H.J. Lu" <hjl.tools@gmail.com>

Next by Date: Re: RFC: Update x86 psABI to support shadow stac
Next by thread: Re: RFC: Update x86 psABI to support shadow stac
Index(es):
- Date
- Thread