From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 48346 invoked by alias); 28 Jun 2017 11:21:50 -0000 Mailing-List: contact gnu-gabi-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Subscribe: Sender: gnu-gabi-owner@sourceware.org Received: (qmail 48329 invoked by uid 89); 28 Jun 2017 11:21:49 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.99.2 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,LIKELY_SPAM_BODY,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=H*Ad:U*gnu-gabi X-Spam-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,LIKELY_SPAM_BODY,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org X-Spam-Level: X-HELO: mail-oi0-f43.google.com Received: from mail-oi0-f43.google.com (HELO mail-oi0-f43.google.com) (209.85.218.43) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 28 Jun 2017 11:21:47 +0000 Received: by mail-oi0-f43.google.com with SMTP id l83so38744291oif.1 for ; Wed, 28 Jun 2017 04:21:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TMH75IVO+LXf/CtS6ZHvxGzNGOolt/b61MvRhdKMtlc=; b=XfQHvQO41Ci9eO26XLF4IoXTQNfNy5eurV0m0yyHjQ7QQQpi/8sRBz7CVAdKKl+5nV ipk/ramoLco5FlRfjx2aO+BpMQLX9qG/U678eNqRiwNmjyFYP714vDJYt6eEKYmqbIB1 AzgBG6tnBNn24SogQ7T97PviF5s+cKthYYgDamsHbCUy8fORlhUrpGRS7sm9fQcTKu2Y kuMkpUmrclrYueHRoftVi4hvN0r/h6Ws/If3SV07OqzXhk5LiiuT9T9CcTo0ypZW2nHx Q//g5ggPzKJKSzcoJ6WmI9Qs0oOW4cbu0INCYMTijH8ahEhJJB6Yi4lVXqc/6/84rbpb ygyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TMH75IVO+LXf/CtS6ZHvxGzNGOolt/b61MvRhdKMtlc=; b=EKEBHllGW58UYxHGel4mjwz7niR2jljOJnbwmDltwbXX4e1nyVfvOFzOFQ97IZJ47k c2CCblO1oc4QxP7IRgtyocPbVrBWOg/+rzN18mJHOr+yCUx/IR5V2Uhe2HG3q0to4VxC RPPhAfKypt/Nbj7/vL2UpJuqJgaQc34VLHB4wzcXLIQmMyVhRelSJuEJbwKO5rcSdy+l x1JECGr0hQMIJA4AcYXbd/aBZfmr3oNjtSO3mIDCavUL+WaOYAzfep/a6wIVTsZqNXvl a9KnFKv9UhvAaPbNC3CW1cEMp7hxKJsqMwU7RuDToBe4l0DKxVWP4tE2DdOISEEMUxmu Jvqw== X-Gm-Message-State: AKS2vOxN+HlwExAHzLNfRlAGh3nVttj4z9MlenG+ih29Y3oN8IBVAluu CdQ+FfomKeULwQEruM6fwNfNT3C76A== X-Received: by 10.202.93.215 with SMTP id r206mr4440973oib.2.1498648905641; Wed, 28 Jun 2017 04:21:45 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.141.84 with HTTP; Wed, 28 Jun 2017 04:21:45 -0700 (PDT) In-Reply-To: <4a0a3d70-ff4b-9c99-810a-4537d5415594@redhat.com> References: <53356291-bb6d-3a69-3dc7-4a1f011942bd@redhat.com> <4a0a3d70-ff4b-9c99-810a-4537d5415594@redhat.com> From: "H.J. Lu" Date: Sun, 01 Jan 2017 00:00:00 -0000 Message-ID: Subject: Re: RFC: Update x86 psABI to support shadow stac To: Florian Weimer Cc: gnu-gabi@sourceware.org, IA32 System V Application Binary Interface , "x86-64-abi@googlegroups.com" , "Shanbhogue, Vedvyas" Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes X-SW-Source: 2017-q2/txt/msg00042.txt.bz2 On Wed, Jun 28, 2017 at 2:58 AM, Florian Weimer wrote: > On 06/22/2017 08:44 PM, H.J. Lu wrote: >>> The responsibilities for compliance are split between caller and callee, >>> which can live in different shared objects. I think it would be prudent >>> to formulate the requirement in such a way that compliance can be >>> checked by looking at one DSO in isolation. > >> What do you mean by it? > > I suggest to word the ABI requirement in such a way that it is possible > to verify if a shared object complies with it isolation, independent of > how its functions are called. > 99% of existing binaries are compatible with shadow stack. It is hard to tell just by looking at assembly instructions. If shadow stack is enabled, compiler should turn on the SHSTK bit in output: [hjl@gnu-tools-1 32]$ readelf -n crtprec32.o Displaying notes found in: .note.gnu.property Owner Data size Description GNU 0x0000000c NT_GNU_PROPERTY_TYPE_0 Properties: x86 feature: IBT GNU 0x0000000c NT_GNU_PROPERTY_TYPE_0 Properties: x86 feature: SHSTK [hjl@gnu-tools-1 32]$ I don't know if it is sufficient for verification. -- H.J.