From patchwork Sat Jun 17 13:07:10 2017
X-Patchwork-Submitter: "H.J. Lu"
X-Patchwork-Id: 21064
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Delivered-To: mailing list libc-alpha@sourceware.org
Date: Sat, 17 Jun 2017 06:07:10 -0700
From: "H.J. Lu"
To: GNU C Library
Subject: [PATCH 2/2] i386: Update _dl_runtime_resolve/_dl_runtime_profile
Message-ID: <20170617130710.GB14641@gmail.com>

To make the symbol resolver compatible with Shadow Stack in Intel
Control-flow Enforcement Technology (CET) instructions:

https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf

call the resolved function indirectly with %ecx.

Any comments?

H.J.
---
	[BZ #21598]
	* sysdeps/i386/dl-trampoline.S (_dl_runtime_resolve): Call resolved
	function indirectly with %ecx.
	(_dl_runtime_profile): Likewise.
---
 sysdeps/i386/dl-trampoline.S | 34 ++++++++++++++++------------------
 1 file changed, 16 insertions(+), 18 deletions(-)

diff --git a/sysdeps/i386/dl-trampoline.S b/sysdeps/i386/dl-trampoline.S
index 6e7f3ae..648841c 100644
--- a/sysdeps/i386/dl-trampoline.S
+++ b/sysdeps/i386/dl-trampoline.S
@@ -34,19 +34,17 @@ _dl_runtime_resolve: cfi_adjust_cfa_offset (8) pushl %eax # Preserve registers otherwise clobbered. cfi_adjust_cfa_offset (4) - pushl %ecx - cfi_adjust_cfa_offset (4) pushl %edx cfi_adjust_cfa_offset (4) - movl 16(%esp), %edx # Copy args pushed by PLT in register. Note - movl 12(%esp), %eax # that `fixup' takes its parameters in regs. + movl 12(%esp), %edx # Copy args pushed by PLT in register. Note + movl 8(%esp), %eax # that `fixup' takes its parameters in regs. call _dl_fixup # Call resolver. - popl %edx # Get register content back. - cfi_adjust_cfa_offset (-4) - movl (%esp), %ecx - movl %eax, (%esp) # Store the function address. - movl 4(%esp), %eax - ret $12 # Jump to function address. + movl (%esp), %edx # Get register content back. + movl %eax, %ecx # Store the function address. + movl 4(%esp), %eax # Get register content back. + addl $16, %esp # Adjust stack(PLT did 2 pushes) + cfi_adjust_cfa_offset (-16) + jmp *%ecx # Jump to function address. cfi_endproc .size _dl_runtime_resolve, .-_dl_runtime_resolve @@ -85,14 +83,14 @@ _dl_runtime_profile: movl (%esp), %edx testl %edx, %edx jns 1f - popl %edx - cfi_adjust_cfa_offset (-4) - popl %edx # Get register content back. - cfi_adjust_cfa_offset (-4) - movl (%esp), %ecx - movl %eax, (%esp) # Store the function address. - movl 4(%esp), %eax - ret $20 # Jump to function address. + movl 4(%esp), %edx # Get register content back. + movl %eax, %ecx # Store the function address. + movl 12(%esp), %eax # Get register content back. + # Adjust stack: PLT1 + PLT2 + %esp + %ebp + %eax + %ecx + %edx + # + free. + addl $32, %esp + cfi_adjust_cfa_offset (-32) + jmp *%ecx # Jump to function address. /* +32 return address
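Review bot: in the _dl_runtime_resolve hunk, dropping the `pushl %ecx` / `cfi_adjust_cfa_offset (4)` pair and ending with `movl %eax, %ecx` ... `jmp *%ecx` means %ecx is no longer preserved across lazy binding, while the surviving comment on `pushl %eax` still says "Preserve registers otherwise clobbered". Callers built with regparm(3) or fastcall conventions pass an argument in %ecx, so this is a visible ABI change for them; the commit message should justify it, or this sequence should only be installed when the shadow stack is actually enabled, and at minimum the comment should state that %ecx is clobbered. Minor style point on `addl $16, %esp`: the comment `Adjust stack(PLT did 2 pushes)` is missing a space before the parenthesis, and listing the slots as the second hunk does (`PLT1 + PLT2 + %eax + %edx`) would make the 16 verifiable at a glance.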
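Review bot: in the _dl_runtime_profile hunk the same %ecx clobber appears in the fast path: the removed sequence reloaded the saved register with `movl (%esp), %ecx` before `ret $20`, whereas the new code does `movl %eax, %ecx` and the slot listed as `%ecx` in the new stack comment is simply discarded by `addl $32, %esp`. The arithmetic itself checks out (free + %edx + %ecx + %eax + %ebp + %esp + PLT1 + PLT2 is 8 words, matching `cfi_adjust_cfa_offset (-32)`), but the pltexit path taken by `jns 1f` is left unchanged by this hunk; if it also transfers into the resolved function through an address pushed on the stack, it needs the same indirect-jump treatment to be shadow-stack compatible, so please confirm that or say so in the commit message.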