This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: RFC: Shadow Stack support in glibc

From: Szabolcs Nagy <szabolcs dot nagy at arm dot com>
To: "H.J. Lu" <hjl dot tools at gmail dot com>, Florian Weimer <fweimer at redhat dot com>
Cc: nd at arm dot com, Yu-cheng Yu <yu-cheng dot yu at intel dot com>, GNU C Library <libc-alpha at sourceware dot org>, Igor Tsimbalist <tigor dot tools at gmail dot com>, "Shanbhogue, Vedvyas" <vedvyas dot shanbhogue at intel dot com>
Date: Fri, 09 Jun 2017 12:44:38 +0100
Subject: Re: RFC: Shadow Stack support in glibc
Authentication-results: sourceware.org; auth=none
Authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=arm.com;
Nodisclaimer: True
References: <CAMe9rOqN7oNWWmbw_NmaP=TpBDY7jh=MNbJQNaiOR901Rs7bcw@mail.gmail.com> <451a71c6-7eb7-983d-f808-86cf50fc0dca@redhat.com> <1496876422.12598.31.camel@test-lenovo> <59390EEB.4020409@arm.com> <1496951188.15627.51.camel@test-lenovo> <593A64CC.60100@arm.com> <CAMe9rOoPyXrBfbDTx-dQwm1tPXMHp89eiAMpWwsOgJMyi_LQ2w@mail.gmail.com> <593A834A.7050301@arm.com> <593A84D6.40007@arm.com> <CAMe9rOoEdb5OHMZKTcaWyyc-OMtJJh+vtUCZMeTkV2zfc3QCgQ@mail.gmail.com> <9f339124-dd5d-d677-0272-b8bba161e382@redhat.com> <CAMe9rOq_SdTGTMgipAdqZWCGk8-ti8otwsKqe8idr1DXz71_SA@mail.gmail.com>
Spamdiagnosticmetadata: NSPM
Spamdiagnosticoutput: 1:99

On 09/06/17 12:40, H.J. Lu wrote:
> On Fri, Jun 9, 2017 at 4:32 AM, Florian Weimer <fweimer@redhat.com> wrote:
>> On 06/09/2017 01:28 PM, H.J. Lu wrote:
>>> Yes,  99% of codes just need to recompile.  If context functions
>>> are used or jmpbuf is used independently of setjmp/longjmp,
>>> enabling is needed.
>>
>> Would you please clarify if the size of the type jmp_buf changes in the
>> new compilation mode?
>>
> 
> jmp_buf size will be increased unconditionally in glibc whose <setjmp.h>
> has
> 
> #if shadow stack is enabled
> asm ("Turn on shadow stack in program property"):
> #endif
> 
> The old setjmp/longjuimp only use the old jmp_buf size and the new
> setjmp/longjuimp use the new jmp_buf size.  The new setjmp/longjmp
> are used only if all input object files have shadow stack enabled in
> program property.
> 

what happens if a process with shadow stack enabled
dlopens a lib with shadow stack disabled?

Follow-Ups:
- Re: RFC: Shadow Stack support in glibc
  - From: H.J. Lu

References:
- RFC: Shadow Stack support in glibc
  - From: H.J. Lu
- Re: RFC: Shadow Stack support in glibc
  - From: Florian Weimer
- Re: RFC: Shadow Stack support in glibc
  - From: Yu-cheng Yu
- Re: RFC: Shadow Stack support in glibc
  - From: Szabolcs Nagy
- Re: RFC: Shadow Stack support in glibc
  - From: Yu-cheng Yu
- Re: RFC: Shadow Stack support in glibc
  - From: Szabolcs Nagy
- Re: RFC: Shadow Stack support in glibc
  - From: H.J. Lu
- Re: RFC: Shadow Stack support in glibc
  - From: Szabolcs Nagy
- Re: RFC: Shadow Stack support in glibc
  - From: Szabolcs Nagy
- Re: RFC: Shadow Stack support in glibc
  - From: H.J. Lu
- Re: RFC: Shadow Stack support in glibc
  - From: Florian Weimer
- Re: RFC: Shadow Stack support in glibc
  - From: H.J. Lu

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]