From: "H.J. Lu" <hjl.tools@gmail.com>
To: Florian Weimer <fweimer@redhat.com>
Cc: gnu-gabi@sourceware.org,
IA32 System V Application Binary Interface
<ia32-abi@googlegroups.com>,
"x86-64-abi@googlegroups.com" <x86-64-abi@googlegroups.com>,
"Shanbhogue, Vedvyas" <vedvyas.shanbhogue@intel.com>
Subject: Re: RFC: Update x86 psABI to support shadow stac
Date: Sun, 01 Jan 2017 00:00:00 -0000 [thread overview]
Message-ID: <CAMe9rOqZJ+47EB_Mq5YGaDE1GbjbG-8Tju1NrbeqdbSYE3v4Qg@mail.gmail.com> (raw)
In-Reply-To: <20561ce4-e433-618b-86fd-5d74dbf0e56e@redhat.com>
On Thu, Jul 27, 2017 at 8:44 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 06/28/2017 01:21 PM, H.J. Lu wrote:
>> On Wed, Jun 28, 2017 at 2:58 AM, Florian Weimer <fweimer@redhat.com> wrote:
>>> On 06/22/2017 08:44 PM, H.J. Lu wrote:
>>>>> The responsibilities for compliance are split between caller and callee,
>>>>> which can live in different shared objects. I think it would be prudent
>>>>> to formulate the requirement in such a way that compliance can be
>>>>> checked by looking at one DSO in isolation.
>>>
>>>> What do you mean by it?
>>>
>>> I suggest to word the ABI requirement in such a way that it is possible
>>> to verify if a shared object complies with it isolation, independent of
>>> how its functions are called.
>>>
>>
>> 99% of existing binaries are compatible with shadow stack.
>
> I find that surprising, or does this number to refer to x86-64 binaries
> only?
CET is x86 specific. You can take a look at the current CET changes for
GCC at
https://github.com/hjl-tools/gcc/tree/hjl/cet/reorg16
>> It is hard
>> to tell just by looking at assembly instructions. If shadow stack is enabled,
>> compiler should turn on the SHSTK bit in output:
>>
>> [hjl@gnu-tools-1 32]$ readelf -n crtprec32.o
>>
>> Displaying notes found in: .note.gnu.property
>> Owner Data size Description
>> GNU 0x0000000c NT_GNU_PROPERTY_TYPE_0
>> Properties: x86 feature: IBT
>> GNU 0x0000000c NT_GNU_PROPERTY_TYPE_0
>> Properties: x86 feature: SHSTK
>> [hjl@gnu-tools-1 32]$
>>
>> I don't know if it is sufficient for verification.
>
> The ABI document needs to specify what the flag means. I don't think
> it's sufficient to essentially say, “the toolchain did or did not do
> some unspecified stuff and we believe the binary is now compatible with
> the shadow stack feature”.
>
Please see CET x86-64 psABI:
https://github.com/hjl-tools/x86-psABI/wiki/X86-psABI
and let me know if they are sufficient.
Thanks.
--
H.J.
next prev parent reply other threads:[~2017-07-27 16:21 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-01 0:00 H.J. Lu
2017-01-01 0:00 ` Florian Weimer
2017-01-01 0:00 ` H.J. Lu
2017-01-01 0:00 ` Florian Weimer
2017-01-01 0:00 ` H.J. Lu
2017-01-01 0:00 ` Florian Weimer
2017-01-01 0:00 ` H.J. Lu
2017-01-01 0:00 ` Florian Weimer
2017-01-01 0:00 ` H.J. Lu [this message]
2017-01-01 0:00 ` Florian Weimer
2017-01-01 0:00 ` H.J. Lu
2017-01-01 0:00 ` Shanbhogue, Vedvyas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMe9rOqZJ+47EB_Mq5YGaDE1GbjbG-8Tju1NrbeqdbSYE3v4Qg@mail.gmail.com \
--to=hjl.tools@gmail.com \
--cc=fweimer@redhat.com \
--cc=gnu-gabi@sourceware.org \
--cc=ia32-abi@googlegroups.com \
--cc=vedvyas.shanbhogue@intel.com \
--cc=x86-64-abi@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).