This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: RFC: Shadow Stack support in glibc
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: Szabolcs Nagy <szabolcs dot nagy at arm dot com>
- Cc: Yu-cheng Yu <yu-cheng dot yu at intel dot com>, nd <nd at arm dot com>, Florian Weimer <fweimer at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>, Igor Tsimbalist <tigor dot tools at gmail dot com>, "Shanbhogue, Vedvyas" <vedvyas dot shanbhogue at intel dot com>
- Date: Fri, 9 Jun 2017 04:13:53 -0700
- Subject: Re: RFC: Shadow Stack support in glibc
- Authentication-results: sourceware.org; auth=none
- References: <CAMe9rOqN7oNWWmbw_NmaP=TpBDY7jh=MNbJQNaiOR901Rs7bcw@mail.gmail.com> <451a71c6-7eb7-983d-f808-86cf50fc0dca@redhat.com> <1496876422.12598.31.camel@test-lenovo> <59390EEB.4020409@arm.com> <1496951188.15627.51.camel@test-lenovo> <593A64CC.60100@arm.com>
On Fri, Jun 9, 2017 at 2:05 AM, Szabolcs Nagy <szabolcs.nagy@arm.com> wrote:
>
> fixing setjmp/longjmp is non-trivial since jmpbuf size is abi,
> it may be possible to do without saving ssp into jmpbuf though.
>
Shadow stack is enabled at run-time only if all sources are compiled
with shadow stack enabled compiler against shadow stack enabled
glibc. setjmp/longjmp are implemented with IFUNC, which uses
the old setjmp/longjmp if shadow stack is off and uses the new
setjmp/longjmp if shadow stack is on.
--
H.J.