things to do for arch maintainers

things to do for arch maintainers

[Ulrich Drepper]

1. on the setjmp code, make sure that for the code ending up inside 
ld.so we don't call __sigjmp_save (see the x86, x86-64, ppc code)

2. add pointer_guard to tcbhead_t in <tls.h>

3. define THREAD_SET_POINTER_GUARD and THREAD_COPY_POINTER_GUARD in <tls.h>

4. in <sysdep.h>, define PTR_MANGLE and PTR_DEMANGLE.  The ld.so code 
must use the global variable __pointer_chk_guard_local.  The libc code 
must use the tcbhead_t value.  C and asm versions are needed.  See the 
x86-64 version


All needs to be done for archs other than x86 and x86-64 (although 1 is 
done for ppc).

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: things to do for arch maintainers

[Jakub Jelinek]

On Sun, Dec 18, 2005 at 11:09:54AM -0800, Ulrich Drepper wrote:
> 1. on the setjmp code, make sure that for the code ending up inside 
> ld.so we don't call __sigjmp_save (see the x86, x86-64, ppc code)
> 
> 2. add pointer_guard to tcbhead_t in <tls.h>
> 
> 3. define THREAD_SET_POINTER_GUARD and THREAD_COPY_POINTER_GUARD in <tls.h>
> 
> 4. in <sysdep.h>, define PTR_MANGLE and PTR_DEMANGLE.  The ld.so code 
> must use the global variable __pointer_chk_guard_local.  The libc code 
> must use the tcbhead_t value.  C and asm versions are needed.  See the 
> x86-64 version
> 
> 
> All needs to be done for archs other than x86 and x86-64 (although 1 is 
> done for ppc).

Here it is for ppc, ppc64, s390, s390x and ia64.  Arch maintainers are
surely welcome to improve the asm sequences, but this patch seems to at
least work correctly.

2005-12-19  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/powerpc/powerpc32/__longjmp-common.S (__longjmp): Use
	PTR_DEMANGLE for PC if defined.
	* sysdeps/powerpc/powerpc64/__longjmp-common.S (__longjmp):
	Likewise.
	* sysdeps/unix/sysv/linux/ia64/__longjmp.S (__longjmp): Likewise.
	* sysdeps/s390/s390-32/__longjmp.c (__longjmp): Xor %r14 with
	THREAD_GET_POINTER_GUARD () if PTR_DEMANGLE is defined.
	* sysdeps/s390/s390-64/__longjmp.c (__longjmp): Likewise.
	* sysdeps/powerpc/powerpc32/setjmp-common.S (__sigsetjmp): Use
	PTR_MANGLE for PC if defined.
	* sysdeps/powerpc/powerpc64/setjmp-common.S (__sigsetjmp): Likewise.
	* sysdeps/s390/s390-32/setjmp.S (__sigsetjmp): Likewise.
	Avoid call to __sigjmp_save if IS_IN_rtld.
	* sysdeps/s390/s390-32/elf/setjmp.S (__sigsetjmp): Likewise.
	* sysdeps/s390/s390-64/setjmp.S (__sigsetjmp): Likewise.
	* sysdeps/s390/s390-64/elf/setjmp.S (__sigsetjmp): Likewise.
	* sysdeps/unix/sysv/linux/ia64/setjmp.S (__sigsetjmp): Likewise.
	* sysdeps/unix/sysv/linux/ia64/sysdep.h (PTR_MANGLE, PTR_DEMANGLE):
	Define.
	* sysdeps/unix/sysv/linux/powerpc/powerpc32/sysdep.h: Include tls.h.
	(PTR_MANGLE, PTR_DEMANGLE): Define.
	* sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h: Include tls.h
	(PTR_MANGLE, PTR_DEMANGLE): Define.
	* sysdeps/unix/sysv/linux/s390/s390-32/sysdep.h: Include tls.h.
	(PTR_MANGLE, PTR_DEMANGLE): Define.
	(SYSCALL_ERROR_HANDLER): Add missing semicolons.
	* sysdeps/unix/sysv/linux/s390/s390-64/sysdep.h: Include tls.h.
	(PTR_MANGLE, PTR_DEMANGLE): Define.
	* sysdeps/unix/sysv/linux/s390/s390-64/socket.S (__socket): Add
	SYSCALL_ERROR_HANDLER.
nptl/
	* sysdeps/ia64/tls.h (TLS_PRE_TCB_SIZE): Make room for 2 uintptr_t's
	rather than one.
	(THREAD_GET_POINTER_GUARD, THREAD_SET_POINTER_GUARD,
	THREAD_COPY_POINTER_GUARD): Define.
	* sysdeps/powerpc/tcb-offsets.sym (POINTER_GUARD): Add.
	* sysdeps/powerpc/tls.h (tcbhead_t): Add pointer_guard field.
	(THREAD_GET_POINTER_GUARD, THREAD_SET_POINTER_GUARD,
	THREAD_COPY_POINTER_GUARD): Define.
	* sysdeps/s390/tcb-offsets.sym (STACK_GUARD): Add.
	* sysdeps/s390/tls.h (THREAD_GET_POINTER_GUARD,
	THREAD_SET_POINTER_GUARD, THREAD_COPY_POINTER_GUARD): Define.
	* sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S (__ia64_longjmp):
	Use PTR_DEMANGLE for B0 if defined.

--- libc/sysdeps/unix/sysv/linux/s390/s390-32/sysdep.h.jj	2005-09-12 09:29:49.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/s390/s390-32/sysdep.h	2005-12-19 15:09:37.000000000 +0100
@@ -1,4 +1,5 @@
-/* Copyright (C) 2000,01,02,03,04 Free Software Foundation, Inc.
+/* Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005
+   Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -23,6 +24,7 @@
 #include <sysdeps/s390/s390-32/sysdep.h>
 #include <sysdeps/unix/sysdep.h>
 #include <dl-sysdep.h>	/* For RTLD_PRIVATE_ERRNO.  */
+#include <tls.h>
 
 /* For Linux we can use the system call table in the header file
 	/usr/include/asm/unistd.h
@@ -111,8 +113,8 @@
 0:  lcr   %r0,%r2;							      \
     basr  %r1,0;							      \
 1:  al    %r1,2f-1b(%r1);						      \
-    l     %r1,SYSCALL_ERROR_ERRNO@gotntpoff(%r1)			      \
-    ear   %r2,%a0							      \
+    l     %r1,SYSCALL_ERROR_ERRNO@gotntpoff(%r1);			      \
+    ear   %r2,%a0;							      \
     st    %r0,0(%r1,%r2);						      \
     lhi   %r2,-1;							      \
     br    %r14;								      \
@@ -261,4 +263,24 @@
 #define ASMFMT_4 , "0" (gpr2), "d" (gpr3), "d" (gpr4), "d" (gpr5)
 #define ASMFMT_5 , "0" (gpr2), "d" (gpr3), "d" (gpr4), "d" (gpr5), "d" (gpr6)
 
+
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  */
+#else
+/* For the time being just use stack_guard rather than a separate
+   pointer_guard.  */
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg, tmpreg) \
+  ear     tmpreg,%a0;			\
+  x       reg,STACK_GUARD(tmpreg)
+#  define PTR_DEMANGLE(reg, tmpreg) PTR_MANGLE (reg, tmpreg)
+# else
+#  define PTR_MANGLE(var) \
+  (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* _LINUX_S390_SYSDEP_H */
--- libc/sysdeps/unix/sysv/linux/s390/s390-64/sysdep.h.jj	2005-09-12 09:29:50.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/s390/s390-64/sysdep.h	2005-12-19 15:09:48.000000000 +0100
@@ -1,5 +1,5 @@
 /* Assembler macros for 64 bit S/390.
-   Copyright (C) 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -24,6 +24,7 @@
 #include <sysdeps/s390/s390-64/sysdep.h>
 #include <sysdeps/unix/sysdep.h>
 #include <dl-sysdep.h>	/* For RTLD_PRIVATE_ERRNO.  */
+#include <tls.h>
 
 /* For Linux we can use the system call table in the header file
 	/usr/include/asm/unistd.h
@@ -263,4 +264,25 @@
 #define ASMFMT_4 , "0" (gpr2), "d" (gpr3), "d" (gpr4), "d" (gpr5)
 #define ASMFMT_5 , "0" (gpr2), "d" (gpr3), "d" (gpr4), "d" (gpr5), "d" (gpr6)
 
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  */
+#else
+/* For the time being just use stack_guard rather than a separate
+   pointer_guard.  */
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg, tmpreg) \
+  ear     tmpreg,%a0;			\
+  sllg    tmpreg,tmpreg,32;		\
+  ear     tmpreg,%a1;			\
+  xg      reg,STACK_GUARD(tmpreg)
+#  define PTR_DEMANGLE(reg, tmpreg) PTR_MANGLE (reg, tmpreg)
+# else
+#  define PTR_MANGLE(var) \
+  (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* _LINUX_S390_SYSDEP_H */
--- libc/sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h.jj	2005-09-12 09:29:49.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h	2005-12-19 15:08:42.000000000 +0100
@@ -23,6 +23,7 @@
 #define _LINUX_POWERPC_SYSDEP_H 1
 
 #include <sysdeps/unix/powerpc/sysdep.h>
+#include <tls.h>
 
 /* Define __set_errno() for INLINE_SYSCALL macro below.  */
 #ifndef __ASSEMBLER__
@@ -180,4 +181,22 @@
 #define ASM_INPUT_5 ASM_INPUT_4, "5" (r7)
 #define ASM_INPUT_6 ASM_INPUT_5, "6" (r8)
 
+
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  */
+#else
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg, tmpreg) \
+	ld	tmpreg,POINTER_GUARD(r13); \
+	xor	reg,tmpreg,reg
+#  define PTR_DEMANGLE(reg, tmpreg) PTR_MANGLE (reg, tmpreg)
+# else
+#  define PTR_MANGLE(var) \
+  (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* linux/powerpc/powerpc64/sysdep.h */
--- libc/sysdeps/unix/sysv/linux/powerpc/powerpc32/sysdep.h.jj	2005-09-12 09:29:49.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/powerpc/powerpc32/sysdep.h	2005-12-19 15:09:06.000000000 +0100
@@ -20,6 +20,7 @@
 #define _LINUX_POWERPC_SYSDEP_H 1
 
 #include <sysdeps/unix/powerpc/sysdep.h>
+#include <tls.h>
 
 /* Some systen calls got renamed over time, but retained the same semantics.
    Handle them here so they can be catched by both C and assembler stubs in
@@ -170,4 +171,21 @@
 #endif /* __ASSEMBLER__ */
 
 
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  */
+#else
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg, tmpreg) \
+	lwz	tmpreg,POINTER_GUARD(r2); \
+	xor	reg,tmpreg,reg
+#  define PTR_DEMANGLE(reg, tmpreg) PTR_MANGLE (reg, tmpreg)
+# else
+#  define PTR_MANGLE(var) \
+  (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* linux/powerpc/powerpc32/sysdep.h */
--- libc/sysdeps/unix/sysv/linux/ia64/__longjmp.S.jj	2001-07-06 08:24:16.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/ia64/__longjmp.S	2005-12-19 13:54:19.000000000 +0100
@@ -1,4 +1,4 @@
-/* Copyright (C) 1999, 2000, 2001 Free Software Foundation, Inc.
+/* Copyright (C) 1999, 2000, 2001, 2005 Free Software Foundation, Inc.
    Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -101,6 +101,9 @@ LEAF(__longjmp)
 	ld8.nta r18=[r2],16		// b2
 	ld8.nta r19=[r3],16		// b3
 	;;
+#ifdef PTR_DEMANGLE
+	PTR_DEMANGLE (r16, r24)
+#endif
 	ld8.nta r20=[r2],16		// b4
 	ld8.nta r21=[r3],16		// b5
 	;;
--- libc/sysdeps/unix/sysv/linux/ia64/sysdep.h.jj	2005-09-12 09:29:44.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/ia64/sysdep.h	2005-12-19 13:54:48.000000000 +0100
@@ -1,4 +1,5 @@
-/* Copyright (C) 1999, 2000, 2002, 2003, 2004 Free Software Foundation, Inc.
+/* Copyright (C) 1999, 2000, 2002, 2003, 2004, 2005
+   Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Jes Sorensen, <Jes.Sorensen@cern.ch>, April 1999.
    Based on code originally written by David Mosberger-Tang
@@ -360,4 +361,24 @@
 
 #endif /* not __ASSEMBLER__ */
 
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  */
+#else
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg, tmpreg) \
+        add	tmpreg=-16,r13		\
+        ;;				\
+        ld8	tmpreg=[tmpreg]		\
+        ;;				\
+        xor	reg=reg, tmpreg
+#  define PTR_DEMANGLE(reg, tmpreg) PTR_MANGLE (reg, tmpreg)
+# else
+#  define PTR_MANGLE(var) \
+  (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* linux/ia64/sysdep.h */
--- libc/sysdeps/unix/sysv/linux/ia64/setjmp.S.jj	2004-04-28 20:39:49.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/ia64/setjmp.S	2005-12-19 13:55:01.000000000 +0100
@@ -1,4 +1,5 @@
-/* Copyright (C) 1999, 2000, 2001, 2002, 2004 Free Software Foundation, Inc.
+/* Copyright (C) 1999, 2000, 2001, 2002, 2004, 2005
+   Free Software Foundation, Inc.
    Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -86,7 +87,7 @@ libc_hidden_def (_setjmp)
 
 ENTRY(__sigsetjmp)
 	.prologue ASM_UNW_PRLG_RP|ASM_UNW_PRLG_PFS, ASM_UNW_PRLG_GRSAVE(2)
-	alloc loc1=ar.pfs,2,3,2,0
+	alloc loc1=ar.pfs,2,5,2,0
 	.save ar.unat, loc2
 	mov loc2=ar.unat
 	;;
@@ -140,7 +141,13 @@ ENTRY(__sigsetjmp)
 	;;
 	stf.spill.nta [r8]=f28,32
 	stf.spill.nta [r9]=f29,32
+#ifdef PTR_MANGLE
+	mov loc3=loc0
 	;;
+	PTR_MANGLE (loc3, loc4)
+#else
+	;;
+#endif
 	stf.spill.nta [r8]=f30
 	stf.spill.nta [r9]=f31
 
@@ -151,7 +158,11 @@ ENTRY(__sigsetjmp)
 	mov r25=ar.unat
 	mov out0=in0
 
+#ifdef PTR_MANGLE
+	st8.nta [r2]=loc3,16		// b0
+#else
 	st8.nta [r2]=loc0,16		// b0
+#endif
 	st8.nta [r3]=r17,16		// b1
 	mov out1=in1
 	;;
@@ -169,7 +180,12 @@ ENTRY(__sigsetjmp)
 	;;
 	st8.nta [r2]=r25		// ar.unat
 	st8.nta [r3]=in0		// &__jmp_buf
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	;;
+#else
 	br.call.dpnt.few rp=__sigjmp_save
+#endif
 .ret0:					// force a new bundle ::q
 	mov.m ar.unat=loc2		// restore caller's unat
 	mov rp=loc0
--- libc/sysdeps/s390/s390-32/setjmp.S.jj	2001-07-06 06:56:03.000000000 +0200
+++ libc/sysdeps/s390/s390-32/setjmp.S	2005-12-19 16:39:36.000000000 +0100
@@ -1,5 +1,5 @@
 /*
-   Copyright (C) 2000, 2001 Free Software Foundation, Inc.
+   Copyright (C) 2000, 2001, 2005 Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -29,10 +29,22 @@
 /* R2 = pointer to jmp_buf, R3 = savemask */
 
 ENTRY(__sigsetjmp)
+#ifdef PTR_MANGLE
+	stm    %r6,%r13,0(%r2)      /* store registers in jmp_buf */
+	lr     %r4,%r14
+	PTR_MANGLE (%r4, %r5)
+	st     %r4,32(%r2)
+	st     %r15,36(%r2)
+#else
 	stm    %r6,%r15,0(%r2)      /* store registers in jmp_buf */
+#endif
 	std    %f4,40(%r2)
 	std    %f6,48(%r2)
-#ifdef PIC
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	lhi    %r2,0
+	br     %r14
+#elif defined PIC
 	/* We cannot use the PLT, because it requires that %r12 be set, but
 	   we can't save and restore our caller's value.  Instead, we do an
 	   indirect jump through the GOT. */
--- libc/sysdeps/s390/s390-32/elf/setjmp.S.jj	2005-09-12 09:29:34.000000000 +0200
+++ libc/sysdeps/s390/s390-32/elf/setjmp.S	2005-12-19 16:43:16.000000000 +0100
@@ -1,5 +1,5 @@
 /* setjmp for s390, ELF version.
-   Copyright (C) 2000, 2002 Free Software Foundation, Inc.
+   Copyright (C) 2000, 2002, 2005 Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -46,10 +46,22 @@ END (__setjmp)
 
 ENTRY(__sigsetjmp)
 .Linternal_sigsetjmp:
+#ifdef PTR_MANGLE
+	stm    %r6,%r13,0(%r2)      /* store registers in jmp_buf */
+	lr     %r4,%r14
+	PTR_MANGLE (%r4, %r5)
+	st     %r4,32(%r2)
+	st     %r15,36(%r2)
+#else
 	stm    %r6,%r15,0(%r2)      /* store registers in jmp_buf */
+#endif
 	std    %f4,40(%r2)
 	std    %f6,48(%r2)
-#ifdef PIC
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	lhi    %r2,0
+	br     %r14
+#elif defined PIC
 	/* We cannot use the PLT, because it requires that %r12 be set, but
 	   we can't save and restore our caller's value.  Instead, we do an
 	   indirect jump through the GOT. */
--- libc/sysdeps/s390/s390-32/__longjmp.c.jj	2001-07-06 06:56:03.000000000 +0200
+++ libc/sysdeps/s390/s390-32/__longjmp.c	2005-12-19 13:45:41.000000000 +0100
@@ -1,4 +1,4 @@
-/* Copyright (C) 2000, 2001 Free Software Foundation, Inc.
+/* Copyright (C) 2000, 2001, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
 
@@ -29,14 +29,24 @@
 void
 __longjmp (__jmp_buf env, int val)
 {
-   /* Restore registers and jump back.  */
-   asm volatile ("lr   %%r2,%0\n\t"	  /* PUT val in grp 2.  */
-		 "ld   %%f6,48(%1)\n\t"
-		 "ld   %%f4,40(%1)\n\t"
-		 "lm   %%r6,%%r15,0(%1)\n\t"
-		 "br   %%r14"
-		 : : "r" (val == 0 ? 1 : val),
-		 "a" (env) : "2" );
+#ifdef PTR_DEMANGLE
+  register uintptr_t r5 __asm ("%r5") = THREAD_GET_POINTER_GUARD ();
+#endif
+  /* Restore registers and jump back.  */
+  asm volatile ("lr   %%r2,%0\n\t"	  /* PUT val in grp 2.  */
+		"ld   %%f6,48(%1)\n\t"
+		"ld   %%f4,40(%1)\n\t"
+		"lm   %%r6,%%r15,0(%1)\n\t"
+#ifdef PTR_DEMANGLE
+		"xr   %%r14,%2\n\t"
+#endif
+		"br   %%r14"
+		: : "r" (val == 0 ? 1 : val),
+		    "a" (env)
+#ifdef PTR_DEMANGLE
+		    , "r" (r5)
+#endif
+		: "2" );
 
   /* Avoid `volatile function does return' warnings.  */
   for (;;);
--- libc/sysdeps/s390/s390-64/setjmp.S.jj	2001-07-06 06:56:03.000000000 +0200
+++ libc/sysdeps/s390/s390-64/setjmp.S	2005-12-19 16:41:22.000000000 +0100
@@ -1,4 +1,4 @@
-/* Copyright (C) 2001 Free Software Foundation, Inc.
+/* Copyright (C) 2001, 2005 Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -28,16 +28,26 @@
 /* R2 = pointer to jmp_buf, R3 = savemask.  */
 
 ENTRY(__sigsetjmp)
+#ifdef PTR_MANGLE
+	stmg   %r6,%r13,0(%r2)      /* Store registers in jmp_buf.  */
+	lgr    %r4,%r14
+	PTR_MANGLE (%r4, %r5)
+	stg    %r4,64(%r2)
+	stg    %r15,72(%r2)
+#else
         stmg   %r6,%r15,0(%r2)      /* Store registers in jmp_buf.  */
+#endif
 	std    %f1,80(%r2)
 	std    %f3,88(%r2)
 	std    %f5,96(%r2)
 	std    %f7,104(%r2)
-#ifdef PIC
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	lghi   %r2,0
+	br     %r14
+#elif defined PIC
         jg     __sigjmp_save@PLT    /* Tail-call __sigjmp_save.  */
 #else
         jg     __sigjmp_save        /* Tail-call __sigjmp_save.  */
 #endif
 END (__sigsetjmp)
-
-
--- libc/sysdeps/s390/s390-64/elf/setjmp.S.jj	2005-09-12 09:29:34.000000000 +0200
+++ libc/sysdeps/s390/s390-64/elf/setjmp.S	2005-12-19 16:43:25.000000000 +0100
@@ -1,5 +1,5 @@
 /* setjmp for 64 bit S/390, ELF version.
-   Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+   Copyright (C) 2001, 2002, 2005 Free Software Foundation, Inc.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
    This file is part of the GNU C Library.
 
@@ -46,12 +46,24 @@ END (setjmp)
 
 ENTRY(__sigsetjmp)
 .Linternal_sigsetjmp:
+#ifdef PTR_MANGLE
+	stmg   %r6,%r13,0(%r2)      /* Store registers in jmp_buf.  */
+	lgr    %r4,%r14
+	PTR_MANGLE (%r4, %r5)
+	stg    %r4,64(%r2)
+	stg    %r15,72(%r2)
+#else
         stmg   %r6,%r15,0(%r2)      /* Store registers in jmp_buf.  */
+#endif
 	std    %f1,80(%r2)
 	std    %f3,88(%r2)
 	std    %f5,96(%r2)
 	std    %f7,104(%r2)
-#ifdef PIC
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	lghi   %r2,0
+	br     %r14
+#elif defined PIC
         jg     __sigjmp_save@PLT    /* Branch to PLT of __sigsetjmp.  */
 #else
 	jg     __sigjmp_save
--- libc/sysdeps/s390/s390-64/__longjmp.c.jj	2001-07-06 06:56:03.000000000 +0200
+++ libc/sysdeps/s390/s390-64/__longjmp.c	2005-12-19 13:46:12.000000000 +0100
@@ -1,4 +1,4 @@
-/* Copyright (C) 2001 Free Software Foundation, Inc.
+/* Copyright (C) 2001, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Martin Schwidefsky (schwidefsky@de.ibm.com).
 
@@ -29,18 +29,27 @@
 void
 __longjmp (__jmp_buf env, int val)
 {
-   /* Restore registers and jump back.  */
-   asm volatile ("lgr  %%r2,%0\n\t"        /* Put val in grp 2.  */
-		 "ld   %%f7,104(%1)\n\t"
-		 "ld   %%f5,96(%1)\n\t"
-		 "ld   %%f3,88(%1)\n\t"
-		 "ld   %%f1,80(%1)\n\t"
-                 "lmg  %%r6,%%r15,0(%1)\n\t"
-                 "br   %%r14"
-                 : : "r" (val == 0 ? 1 : val),
-                 "a" (env) : "2" );
+#ifdef PTR_DEMANGLE
+  register uintptr_t r5 __asm ("%r5") = THREAD_GET_POINTER_GUARD ();
+#endif
+  /* Restore registers and jump back.  */
+  asm volatile ("lgr  %%r2,%0\n\t"        /* Put val in grp 2.  */
+		"ld   %%f7,104(%1)\n\t"
+		"ld   %%f5,96(%1)\n\t"
+		"ld   %%f3,88(%1)\n\t"
+		"ld   %%f1,80(%1)\n\t"
+		"lmg  %%r6,%%r15,0(%1)\n\t"
+#ifdef PTR_DEMANGLE
+		"xgr  %%r14,%2\n\t"
+#endif
+		"br   %%r14"
+		: : "r" (val == 0 ? 1 : val),
+		    "a" (env)
+#ifdef PTR_DEMANGLE
+		    , "r" (r5)
+#endif
+		: "2" );
 
   /* Avoid `volatile function does return' warnings.  */
   for (;;);
 }
-
--- libc/sysdeps/powerpc/powerpc64/__longjmp-common.S.jj	2004-12-21 14:33:39.000000000 +0100
+++ libc/sysdeps/powerpc/powerpc64/__longjmp-common.S	2005-12-19 10:41:04.000000000 +0100
@@ -1,5 +1,5 @@
 /* longjmp for PowerPC64.
-   Copyright (C) 1995, 1996, 1997, 1999, 2000, 2001, 2002, 2003, 2004
+   Copyright (C) 1995, 1996, 1997, 1999, 2000, 2001, 2002, 2003, 2004, 2005
    Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
@@ -128,6 +128,9 @@ L(no_vmx):
 	lfd fp19,((JB_FPRS+5)*8)(r3)
 	ld r20,((JB_GPRS+6)*8)(r3)
 	lfd fp20,((JB_FPRS+6)*8)(r3)
+#ifdef PTR_DEMANGLE
+	PTR_DEMANGLE (r0, r25)
+#endif
 	mtlr r0
 /* 	std r2,40(r1)	Restore the TOC save area.  */
 	ld r21,((JB_GPRS+7)*8)(r3)
--- libc/sysdeps/powerpc/powerpc64/setjmp-common.S.jj	2005-12-19 08:43:50.000000000 +0100
+++ libc/sysdeps/powerpc/powerpc64/setjmp-common.S	2005-12-19 10:47:55.000000000 +0100
@@ -56,6 +56,9 @@ JUMPTARGET(GLUE(__sigsetjmp,_ent)):
 #endif
 	std  r14,((JB_GPRS+0)*8)(3)
 	stfd fp14,((JB_FPRS+0)*8)(3)
+#ifdef PTR_MANGLE
+	PTR_MANGLE (r0, r10)
+#endif
 	std  r0,(JB_LR*8)(3)
 	std  r15,((JB_GPRS+1)*8)(3)
 	stfd fp15,((JB_FPRS+1)*8)(3)
--- libc/sysdeps/powerpc/powerpc32/__longjmp-common.S.jj	2004-02-14 05:04:04.000000000 +0100
+++ libc/sysdeps/powerpc/powerpc32/__longjmp-common.S	2005-12-19 10:38:07.000000000 +0100
@@ -1,5 +1,6 @@
 /* longjmp for PowerPC.
-   Copyright (C) 1995-1997,1999-2001,2003,2004 Free Software Foundation, Inc.
+   Copyright (C) 1995-1997, 1999-2001, 2003, 2004, 2005
+   Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -40,6 +41,9 @@ ENTRY (BP_SYM (__longjmp))
 	lwz r18,((JB_GPRS+4)*4)(r3)
 	lwz r19,((JB_GPRS+5)*4)(r3)
 	lwz r20,((JB_GPRS+6)*4)(r3)
+#ifdef PTR_DEMANGLE
+	PTR_DEMANGLE (r0, r25)
+#endif
 	mtlr r0
 	lwz r21,((JB_GPRS+7)*4)(r3)
 	lwz r22,((JB_GPRS+8)*4)(r3)
--- libc/sysdeps/powerpc/powerpc32/setjmp-common.S.jj	2005-12-19 08:43:50.000000000 +0100
+++ libc/sysdeps/powerpc/powerpc32/setjmp-common.S	2005-12-19 10:47:36.000000000 +0100
@@ -36,6 +36,9 @@ ENTRY (BP_SYM (__sigsetjmp))
 	stw  r1,(JB_GPR1*4)(3)
 	mflr r0
 	stw  r14,((JB_GPRS+0)*4)(3)
+#ifdef PTR_MANGLE
+	PTR_MANGLE (r0, r10)
+#endif
 	stw  r0,(JB_LR*4)(3)
 	stw  r15,((JB_GPRS+1)*4)(3)
 	mfcr r0
--- libc/nptl/sysdeps/s390/tcb-offsets.sym.jj	2004-12-21 14:33:30.000000000 +0100
+++ libc/nptl/sysdeps/s390/tcb-offsets.sym	2005-12-19 09:32:17.000000000 +0100
@@ -2,5 +2,6 @@
 #include <tls.h>
 
 MULTIPLE_THREADS_OFFSET		offsetof (tcbhead_t, multiple_threads)
+STACK_GUARD			offsetof (tcbhead_t, stack_guard)
 PID				offsetof (struct pthread, pid)
 TID				offsetof (struct pthread, tid)
--- libc/nptl/sysdeps/s390/tls.h.jj	2005-07-04 10:16:56.000000000 +0200
+++ libc/nptl/sysdeps/s390/tls.h	2005-12-19 13:42:40.000000000 +0100
@@ -164,6 +164,13 @@ typedef struct
   ((descr)->header.stack_guard						      \
    = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
 
+/* s390 doesn't have HP_TIMING_*, so for the time being
+   use stack_guard as pointer_guard.  */
+#define THREAD_GET_POINTER_GUARD() \
+  THREAD_GETMEM (THREAD_SELF, header.stack_guard)
+#define THREAD_SET_POINTER_GUARD(value)
+#define THREAD_COPY_POINTER_GUARD(descr)
+
 #endif /* __ASSEMBLER__ */
 
 #endif	/* tls.h */
--- libc/nptl/sysdeps/powerpc/tcb-offsets.sym.jj	2005-02-21 17:20:00.000000000 +0100
+++ libc/nptl/sysdeps/powerpc/tcb-offsets.sym	2005-12-19 10:19:53.000000000 +0100
@@ -14,3 +14,4 @@ MULTIPLE_THREADS_OFFSET		thread_offsetof
 #endif
 PID				thread_offsetof (pid)
 TID				thread_offsetof (tid)
+POINTER_GUARD			(offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))
--- libc/nptl/sysdeps/powerpc/tls.h.jj	2005-07-04 10:16:56.000000000 +0200
+++ libc/nptl/sysdeps/powerpc/tls.h	2005-12-19 10:17:09.000000000 +0100
@@ -66,9 +66,11 @@ typedef union dtv
 # include <nptl/descr.h>
 
 /* The stack_guard is accessed directly by GCC -fstack-protector code,
-   so it is a part of public ABI.  The dtv field is private.  */
+   so it is a part of public ABI.  The dtv and pointer_guard fields
+   are private.  */
 typedef struct
 {
+  uintptr_t pointer_guard;
   uintptr_t stack_guard;
   dtv_t *dtv;
 } tcbhead_t;
@@ -166,6 +168,17 @@ register void *__thread_register __asm__
      = ((tcbhead_t *) ((char *) __thread_register			      \
 		       - TLS_TCB_OFFSET))[-1].stack_guard)
 
+/* Set the stack guard field in TCB head.  */
+# define THREAD_GET_POINTER_GUARD() \
+    (((tcbhead_t *) ((char *) __thread_register				      \
+		     - TLS_TCB_OFFSET))[-1].pointer_guard)
+# define THREAD_SET_POINTER_GUARD(value) \
+    (THREAD_GET_POINTER_GUARD () = (value))
+# define THREAD_COPY_POINTER_GUARD(descr) \
+    (((tcbhead_t *) ((char *) (descr)					      \
+		     + TLS_PRE_TCB_SIZE))[-1].pointer_guard		      \
+     = THREAD_GET_POINTER_GUARD())
+
 /* l_tls_offset == 0 is perfectly valid on PPC, so we have to use some
    different value to mean unset l_tls_offset.  */
 # define NO_TLS_OFFSET		-1
--- libc/nptl/sysdeps/ia64/tls.h.jj	2005-07-11 09:14:32.000000000 +0200
+++ libc/nptl/sysdeps/ia64/tls.h	2005-12-19 13:41:05.000000000 +0100
@@ -81,13 +81,14 @@ register struct pthread *__thread_self _
 # define TLS_TCB_SIZE sizeof (tcbhead_t)
 
 /* This is the size we need before TCB.
-   If there is not any room for uintptr_t stack_guard in struct pthread's
-   final padding, we need to put struct pthread 16 byte slower.  */
+   If there is not any room for uintptr_t stack_guard and
+   uintptr_t pointer_guard in struct pthread's final padding,
+   we need to put struct pthread 16 byte slower.  */
 # define TLS_PRE_TCB_SIZE \
-  (sizeof (struct pthread)					\
-   + (PTHREAD_STRUCT_END_PADDING < sizeof (uintptr_t)		\
-      ? ((sizeof (uintptr_t) + __alignof__ (struct pthread) - 1)\
-	 & ~(__alignof__ (struct pthread) - 1))			\
+  (sizeof (struct pthread)						\
+   + (PTHREAD_STRUCT_END_PADDING < 2 * sizeof (uintptr_t)		\
+      ? ((2 * sizeof (uintptr_t) + __alignof__ (struct pthread) - 1)	\
+	 & ~(__alignof__ (struct pthread) - 1))				\
       : 0))
 
 /* Alignment requirements for the TCB.  */
@@ -156,6 +157,15 @@ register struct pthread *__thread_self _
   (((uintptr_t *) ((char *) (descr) + TLS_PRE_TCB_SIZE))[-1] \
    = ((uintptr_t *) __thread_self)[-1])
 
+/* Set the pointer guard field in TCB head.  */
+#define THREAD_GET_POINTER_GUARD() \
+  (((uintptr_t *) __thread_self)[-2])
+#define THREAD_SET_POINTER_GUARD(value) \
+  (((uintptr_t *) __thread_self)[-2] = (value))
+#define THREAD_COPY_POINTER_GUARD(descr) \
+  (((uintptr_t *) ((char *) (descr) + TLS_PRE_TCB_SIZE))[-2] \
+   = THREAD_GET_POINTER_GUARD ())
+
 #endif /* __ASSEMBLER__ */
 
 #endif	/* tls.h */
--- libc/sysdeps/unix/sysv/linux/s390/s390-64/socket.S.jj	2005-09-12 09:29:50.000000000 +0200
+++ libc/sysdeps/unix/sysv/linux/s390/s390-64/socket.S	2005-12-19 16:23:44.000000000 +0100
@@ -128,6 +128,7 @@ L(socket_cancel):
 	j	4b
 #endif
 
+	SYSCALL_ERROR_HANDLER
 END (__socket)
 
 #ifndef NO_WEAK_ALIAS
--- libc/nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S.jj	2004-09-13 20:34:47.000000000 +0200
+++ libc/nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S	2005-12-19 19:00:44.000000000 +0100
@@ -1,4 +1,4 @@
-/* Copyright (C) 1999, 2000, 2001, 2004 Free Software Foundation, Inc.
+/* Copyright (C) 1999, 2000, 2001, 2004, 2005 Free Software Foundation, Inc.
    Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -102,6 +102,9 @@ LEAF(__ia64_longjmp)
 	;;
 	ld8.nta r20=[r2],16		// b4
 	ld8.nta r21=[r3],16		// b5
+#ifdef PTR_DEMANGLE
+	PTR_DEMANGLE (r16, r24)
+#endif
 	;;
 	ld8.nta r11=[r2],16		// ar.pfs
 	ld8.nta r22=[r3],56		// ar.lc


	Jakub

Re: things to do for arch maintainers

[Ulrich Drepper]

Applied.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: things to do for arch maintainers

[Kaz Kojima]

> 1. on the setjmp code, make sure that for the code ending up inside 
> ld.so we don't call __sigjmp_save (see the x86, x86-64, ppc code)
> 
> 2. add pointer_guard to tcbhead_t in <tls.h>
> 
> 3. define THREAD_SET_POINTER_GUARD and THREAD_COPY_POINTER_GUARD in <tls.h>
> 
> 4. in <sysdep.h>, define PTR_MANGLE and PTR_DEMANGLE.  The ld.so code 
> must use the global variable __pointer_chk_guard_local.  The libc code 
> must use the tcbhead_t value.  C and asm versions are needed.  See the 
> x86-64 version
> 
> 
> All needs to be done for archs other than x86 and x86-64 (although 1 is 
> done for ppc).

The appended patch is for SH.  It also fixes a typo in
sysdeps/unix/sysv/linux/sh/sysdep.h.

Regards,
	kaz
--
[nptl/ChangeLog]
2005-12-19  Kaz Kojima  <kkojima@rr.iij4u.or.jp>

	* sysdeps/sh/tcb-offsets.sym: Add POINTER_GUARD.
	* sysdeps/sh/tls.h (tcbhead_t): Remove private and add pointer_guard.
	(THREAD_GET_POINTER_GUARD, THREAD_SET_POINTER_GUARD,
	THREAD_COPY_POINTER_GUARD): Define.

[ChangeLog]
2005-12-19  Kaz Kojima  <kkojima@rr.iij4u.or.jp>

	* sysdeps/unix/sysv/linux/sh/sysdep.h: Include tls.h.
	(PTR_MANGLE, PTR_DEMANGLE): Difine.
	(SYSCALL_ERROR_HANDLER): Fix typo.
	* sysdeps/sh/sh4/__longjmp.S: Use PTR_DEMANGLE if defined.
	* sysdeps/sh/sh3/__longjmp.S: Likewise.
	* sysdeps/sh/sh4/setjmp.S: Use PTR_MANGLE if defined.
	* sysdeps/sh/sh3/setjmp.S: Likewise.

diff -uprN ORIG/libc/nptl/sysdeps/sh/tcb-offsets.sym LOCAL/libc/nptl/sysdeps/sh/tcb-offsets.sym
--- ORIG/libc/nptl/sysdeps/sh/tcb-offsets.sym	2004-03-12 01:03:46.000000000 +0900
+++ LOCAL/libc/nptl/sysdeps/sh/tcb-offsets.sym	2005-12-19 07:11:28.000000000 +0900
@@ -9,3 +9,4 @@ CLEANUP_JMP_BUF		offsetof (struct pthrea
 MULTIPLE_THREADS_OFFSET	offsetof (struct pthread, header.multiple_threads)
 TLS_PRE_TCB_SIZE	sizeof (struct pthread)
 MUTEX_FUTEX		offsetof (pthread_mutex_t, __data.__lock)
+POINTER_GUARD		offsetof (tcbhead_t, pointer_guard)
diff -uprN ORIG/libc/nptl/sysdeps/sh/tls.h LOCAL/libc/nptl/sysdeps/sh/tls.h
--- ORIG/libc/nptl/sysdeps/sh/tls.h	2005-01-07 07:40:21.000000000 +0900
+++ LOCAL/libc/nptl/sysdeps/sh/tls.h	2005-12-20 16:26:27.000000000 +0900
@@ -41,7 +41,7 @@ typedef union dtv
 typedef struct
 {
   dtv_t *dtv;
-  void *private;
+  uintptr_t pointer_guard;
 } tcbhead_t;
 
 # define TLS_MULTIPLE_THREADS_IN_TCB 1
@@ -140,6 +140,19 @@ typedef struct
 # define THREAD_SETMEM_NC(descr, member, idx, value) \
     descr->member[idx] = (value)
 
+#define THREAD_GET_POINTER_GUARD() \
+  ({ tcbhead_t *__tcbp;							      \
+     __asm __volatile ("stc gbr,%0" : "=r" (__tcbp));			      \
+     __tcbp->pointer_guard;})
+ #define THREAD_SET_POINTER_GUARD(value) \
+  ({ tcbhead_t *__tcbp;							      \
+     __asm __volatile ("stc gbr,%0" : "=r" (__tcbp));			      \
+     __tcbp->pointer_guard = (value);})
+#define THREAD_COPY_POINTER_GUARD(descr) \
+  ({ tcbhead_t *__tcbp;							      \
+     __asm __volatile ("stc gbr,%0" : "=r" (__tcbp));			      \
+     ((tcbhead_t *) (descr + 1))->pointer_guard	= __tcbp->pointer_guard;})
+
 #endif /* __ASSEMBLER__ */
 
 #endif	/* tls.h */
diff -uprN ORIG/libc/sysdeps/sh/sh3/__longjmp.S LOCAL/libc/sysdeps/sh/sh3/__longjmp.S
--- ORIG/libc/sysdeps/sh/sh3/__longjmp.S	2001-07-06 13:56:03.000000000 +0900
+++ LOCAL/libc/sysdeps/sh/sh3/__longjmp.S	2005-12-19 08:44:11.000000000 +0900
@@ -1,5 +1,5 @@
 /* longjmp for SH.
-   Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2000, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -32,13 +32,19 @@ ENTRY (__longjmp)
 	mov.l	@r4+, r12
 	mov.l	@r4+, r13
 	mov.l	@r4+, r14
-	mov.l	@r4+, r15
 	mov	r5, r0		/* get the return value in place */
 	tst	r0, r0
 	bf.s	1f
-	 lds.l	@r4+, pr
+	 mov.l	@r4+, r15
 	mov	#1,r0		/* can't let setjmp() return zero! */
 1:
+#ifdef PTR_DEMANGLE
+	mov.l	@r4+, r2
+	PTR_DEMANGLE (r2)
+	lds	r2, pr
+#else
+	lds.l	@r4+, pr
+#endif
 	rts
 	 ldc.l	@r4+, gbr
 END (__longjmp)
diff -uprN ORIG/libc/sysdeps/sh/sh3/setjmp.S LOCAL/libc/sysdeps/sh/sh3/setjmp.S
--- ORIG/libc/sysdeps/sh/sh3/setjmp.S	2001-07-06 13:56:03.000000000 +0900
+++ LOCAL/libc/sysdeps/sh/sh3/setjmp.S	2005-12-19 08:43:47.000000000 +0900
@@ -1,5 +1,5 @@
 /* setjmp for SH3.
-   Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2000, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -26,7 +26,13 @@ ENTRY (__sigsetjmp)
 	/* Save registers */
 	add	#(JB_SIZE - 4 * 5), r4
 	stc.l	gbr, @-r4
+#ifdef PTR_MANGLE
+	sts	pr, r2
+	PTR_MANGLE (r2)
+	mov.l	r2, @-r4
+#else
 	sts.l	pr, @-r4
+#endif
 	mov.l	r15, @-r4
 	mov.l	r14, @-r4
 	mov.l	r13, @-r4
@@ -36,8 +42,13 @@ ENTRY (__sigsetjmp)
 	mov.l	r9, @-r4
 	mov.l	r8, @-r4
 
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	rts
+	 mov	#0, r0
+#else
 	/* Make a tail call to __sigjmp_save; it takes the same args.  */
-#ifdef SHARED
+# ifdef SHARED
 	mov.l	1f, r1
 	mova	1f, r0
 	bra	2f
@@ -53,12 +64,13 @@ ENTRY (__sigsetjmp)
 	.align	2
 .L1:
 	.long	C_SYMBOL_NAME(__sigjmp_save@GOT)
-#else
+# else
 	mov.l	.L1, r1
 	jmp	@r1
 	 nop
 	.align	2
 .L1:
 	.long	C_SYMBOL_NAME(__sigjmp_save)
+# endif
 #endif
 END (__sigsetjmp)
diff -uprN ORIG/libc/sysdeps/sh/sh4/__longjmp.S LOCAL/libc/sysdeps/sh/sh4/__longjmp.S
--- ORIG/libc/sysdeps/sh/sh4/__longjmp.S	2001-07-06 13:56:03.000000000 +0900
+++ LOCAL/libc/sysdeps/sh/sh4/__longjmp.S	2005-12-19 08:44:47.000000000 +0900
@@ -1,5 +1,5 @@
 /* longjmp for SH.
-   Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2000, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -32,13 +32,19 @@ ENTRY (__longjmp)
 	mov.l	@r4+, r12
 	mov.l	@r4+, r13
 	mov.l	@r4+, r14
-	mov.l	@r4+, r15
 	mov	r5, r0		/* get the return value in place */
 	tst	r0, r0
 	bf.s	1f
-	 lds.l	@r4+, pr
+	 mov.l	@r4+, r15
 	mov	#1,r0		/* can't let setjmp() return zero! */
 1:
+#ifdef PTR_DEMANGLE
+	mov.l	@r4+, r2
+	PTR_DEMANGLE (r2)
+	lds	r2, pr
+#else
+	lds.l	@r4+, pr
+#endif
 	ldc.l	@r4+, gbr
 	lds.l	@r4+, fpscr
 	fmov.s	@r4+, fr12
diff -uprN ORIG/libc/sysdeps/sh/sh4/setjmp.S LOCAL/libc/sysdeps/sh/sh4/setjmp.S
--- ORIG/libc/sysdeps/sh/sh4/setjmp.S	2001-07-06 13:56:03.000000000 +0900
+++ LOCAL/libc/sysdeps/sh/sh4/setjmp.S	2005-12-19 08:44:31.000000000 +0900
@@ -1,5 +1,5 @@
 /* setjmp for SH4.
-   Copyright (C) 1999, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2000, 2005 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -31,7 +31,13 @@ ENTRY (__sigsetjmp)
 	fmov.s	fr12, @-r4
 	sts.l	fpscr, @-r4
 	stc.l	gbr, @-r4
+#ifdef PTR_MANGLE
+	sts	pr, r2
+	PTR_MANGLE (r2)
+	mov.l	r2, @-r4
+#else
 	sts.l	pr, @-r4
+#endif
 	mov.l	r15, @-r4
 	mov.l	r14, @-r4
 	mov.l	r13, @-r4
@@ -41,8 +47,13 @@ ENTRY (__sigsetjmp)
 	mov.l	r9, @-r4
 	mov.l	r8, @-r4
 
+#if defined NOT_IN_libc && defined IS_IN_rtld
+	/* In ld.so we never save the signal mask.  */
+	rts
+	 mov	#0, r0
+#else
 	/* Make a tail call to __sigjmp_save; it takes the same args.  */
-#ifdef SHARED
+# ifdef SHARED
 	mov.l	1f, r1
 	mova	1f, r0
 	bra	2f
@@ -58,12 +69,13 @@ ENTRY (__sigsetjmp)
 	.align	2
 .L1:
 	.long	C_SYMBOL_NAME(__sigjmp_save@GOT)
-#else
+# else
 	mov.l	.L1, r1
 	jmp	@r1
 	 nop
 	.align	2
 .L1:
 	.long	C_SYMBOL_NAME(__sigjmp_save)
+# endif
 #endif
 END (__sigsetjmp)
diff -uprN ORIG/libc/sysdeps/unix/sysv/linux/sh/sysdep.h LOCAL/libc/sysdeps/unix/sysv/linux/sh/sysdep.h
--- ORIG/libc/sysdeps/unix/sysv/linux/sh/sysdep.h	2004-10-05 05:59:37.000000000 +0900
+++ LOCAL/libc/sysdeps/unix/sysv/linux/sh/sysdep.h	2005-12-20 17:31:03.000000000 +0900
@@ -1,5 +1,5 @@
-/* Copyright (C) 1992,1993,1995,1996,1997,1998,1999,2000,2002,2003,2004
-	Free Software Foundation, Inc.
+/* Copyright (C) 1992,1993,1995,1996,1997,1998,1999,2000,2002,2003,2004,
+   2005	Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper, <drepper@gnu.ai.mit.edu>, August 1995.
    Changed by Kaz Kojima, <kkojima@rr.iij4u.or.jp>.
@@ -24,6 +24,7 @@
 
 /* There is some commonality.  */
 #include <sysdeps/unix/sh/sysdep.h>
+#include <tls.h>
 
 /* For Linux we can use the system call table in the header file
 	/usr/include/asm/unistd.h
@@ -104,7 +105,7 @@
 	mova 0f,r0; \
 	add r0,r12; \
 	mov.l 1f,r0; \
-	mov.l r1,@(r0,r12)
+	mov.l r1,@(r0,r12); \
 	bra .Lpseudo_end; \
 	 mov _IMM1,r0; \
 	.align 2; \
@@ -359,4 +360,21 @@
 
 #endif	/* __ASSEMBLER__ */
 
+/* Pointer mangling support.  */
+#if defined NOT_IN_libc && defined IS_IN_rtld
+/* We cannot use the thread descriptor because in ld.so we use setjmp
+   earlier than the descriptor is initialized.  Using a global variable
+   is too complicated here since we have no PC-relative addressing mode.  */
+#else
+# ifdef __ASSEMBLER__
+#  define PTR_MANGLE(reg) \
+     stc gbr,r1; mov.l @(POINTER_GUARD,r1),r1; xor r1,reg
+#  define PTR_DEMANGLE(reg)	PTR_MANGLE (reg)
+# else
+#  define PTR_MANGLE(var) \
+     (var) = (void *) ((uintptr_t) (var) ^ THREAD_GET_POINTER_GUARD ())
+#  define PTR_DEMANGLE(var)	PTR_MANGLE (var)
+# endif
+#endif
+
 #endif /* linux/sh/sysdep.h */

Re: things to do for arch maintainers

[Ulrich Drepper]

Kaz Kojima wrote:
> The appended patch is for SH.  It also fixes a typo in
> sysdeps/unix/sysv/linux/sh/sysdep.h.

Applied.  But why didn't the typo have any effect?  Is there a test we 
need to add?

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: things to do for arch maintainers

[Steven Munroe]

Ulrich Drepper wrote:

> 1. on the setjmp code, make sure that for the code ending up inside 
> ld.so we don't call __sigjmp_save (see the x86, x86-64, ppc code)
>
> 2. add pointer_guard to tcbhead_t in <tls.h>
>
> 3. define THREAD_SET_POINTER_GUARD and THREAD_COPY_POINTER_GUARD in 
> <tls.h>
>
> 4. in <sysdep.h>, define PTR_MANGLE and PTR_DEMANGLE.  The ld.so code 
> must use the global variable __pointer_chk_guard_local.  The libc code 
> must use the tcbhead_t value.  C and asm versions are needed.  See the 
> x86-64 version
>
>
> All needs to be done for archs other than x86 and x86-64 (although 1 
> is done for ppc).
>
Jakub got to the powerpc change before I could finish testing my 
version. No problem with Jukub's quickness, but I notice that his 
version does not fill in the

"#if defined NOT_IN_libc && defined IS_IN_rtld"


case. While the X86_64 example does.

Is this acceptable or should I try to fill in the code for this case?

There are some difficulties with toc/got access before they are 
relocated, so this may be appropriate. But I wanted to verify that this 
omission is intended.

Re: things to do for arch maintainers

[Jakub Jelinek]

On Tue, Dec 20, 2005 at 04:05:40PM -0600, Steven Munroe wrote:
> Jakub got to the powerpc change before I could finish testing my 
> version. No problem with Jukub's quickness, but I notice that his 
> version does not fill in the
> 
> "#if defined NOT_IN_libc && defined IS_IN_rtld"
> 
> 
> case. While the X86_64 example does.

Uli did that part already earlier for
sysdeps/powerpc/powerpc32/setjmp-common.S:

#if defined NOT_IN_libc && defined IS_IN_rtld
        li   r3,0
        blr
#else
        b BP_SYM (__sigjmp_save@local)
#endif

as well as sysdeps/powerpc/powerpc64/setjmp-common.S:

#if defined NOT_IN_libc && defined IS_IN_rtld
        li      r3,0
        blr
#else
        b JUMPTARGET (BP_SYM (__sigjmp_save))
#endif

and mentioned it in his mail?  Or do you see it missing elsewhere?

	Jakub

Re: things to do for arch maintainers

[Steven Munroe]

Jakub Jelinek wrote:

>On Tue, Dec 20, 2005 at 04:05:40PM -0600, Steven Munroe wrote:
>  
>
>>Jakub got to the powerpc change before I could finish testing my 
>>version. No problem with Jukub's quickness, but I notice that his 
>>version does not fill in the
>>
>>"#if defined NOT_IN_libc && defined IS_IN_rtld"
>>
>>
>>case. While the X86_64 example does.
>>    
>>
>
>Uli did that part already earlier for
>sysdeps/powerpc/powerpc32/setjmp-common.S:
>
>#if defined NOT_IN_libc && defined IS_IN_rtld
>        li   r3,0
>        blr
>#else
>        b BP_SYM (__sigjmp_save@local)
>#endif
>
>  
>
I was refering to defining the PTR_MANGLE/PTR_DEMANGLE macros for the 
IS_IN_RTLD case. X86_64 defines:

#if defined NOT_IN_libc && defined IS_IN_rtld
/* We cannot use the thread descriptor because in ld.so we use setjmp
   earlier than the descriptor is initialized.  */
# ifdef __ASSEMBLER__
#  define PTR_MANGLE(reg)    xorq __pointer_chk_guard_local(%rip), reg
#  define PTR_DEMANGLE(reg)    PTR_MANGLE (reg)
# else
#  define PTR_MANGLE(reg)    asm ("xorq 
__pointer_chk_guard_local(%%rip), %0"\
                     : "=r" (reg) : "0" (reg))
#  define PTR_DEMANGLE(reg)    PTR_MANGLE (reg)
# endif
...

While powerpc and most other arch's leave the macros undefined for the 
IS_IN_RTLD case.

This may be appropriate because powerpc does not have a pc relative 
reference to access __pointer_chk_guard_local and access via the 
.got/.toc will fail if access is attemped before the got/toc are 
relocated. But I wanted to verify this.

It is not clear what this change is really for, so it is difficult to 
determine what is intended or required.

Re: things to do for arch maintainers

[Roland McGrath]

> This may be appropriate because powerpc does not have a pc relative 
> reference to access __pointer_chk_guard_local and access via the 
> .got/.toc will fail if access is attemped before the got/toc are 
> relocated. But I wanted to verify this.

If you cannot access it safely in the first _dl_catch_error call in
startup, then leave the macros undefined.  I think the ld.so bootstrap
relocation will be complete before it's ever used.

> It is not clear what this change is really for, so it is difficult to 
> determine what is intended or required.

They make it harder to exploit buffer overruns to write useful addresses
into jmp_buf's PC values and have those result in attacker-chosen jumps.


Thanks,
Roland

Re: things to do for arch maintainers

[Kaz Kojima]

Ulrich Drepper <drepper@redhat.com> wrote:
> Applied.  But why didn't the typo have any effect?  Is there a test we 
> need to add?

Before the patch, sysdeps/generic/dl-sysdep.h wasn't included before
the definitions of SYSCALL_ERROR_HANDLER in sysdeps/unix/sysv/linux/sh/
sysdeps.h.  Then RTLD_PRIVATE_ERRNO is always 0 and the broken macro
was never used.  So rtld-* routines used slow SYSCALL_ERROR_HANDLER
but there was no error.  Now the patch includes sysdeps/generic/dl-sysdep.h
via tls.h and the fast SYSCALL_ERROR_HANDLER is used.

Regards,
	kaz