From patchwork Wed Jul 18 15:37:52 2018
X-Patchwork-Submitter: "H.J. Lu"
X-Patchwork-Id: 945769
Date: Wed, 18 Jul 2018 08:37:52 -0700
From: "H.J. Lu"
To: gcc-patches@gcc.gnu.org
Cc: Jakub Jelinek, Kostya Serebryany, Dmitry Vyukov
Subject: [PATCH] Call REAL(swapcontext) with indirect_return attribute on x86
Message-ID: <20180718153752.GB13951@intel.com>

asan/asan_interceptors.cc has

  ...
  int res = REAL(swapcontext)(oucp, ucp);
  ...

REAL(swapcontext) is a function pointer to swapcontext in libc. Since swapcontext may return via an indirect branch on x86 when shadow stack is enabled, we need to call REAL(swapcontext) with the indirect_return attribute on x86 so that the compiler can insert ENDBR after the REAL(swapcontext) call.

I opened an LLVM bug:

https://bugs.llvm.org/show_bug.cgi?id=38207

But it won't get fixed before the indirect_return attribute is added to LLVM. I'd like to get it fixed in GCC first.

Tested on i386 and x86-64. OK for trunk after

https://gcc.gnu.org/ml/gcc-patches/2018-07/msg01007.html

is approved?

Thanks.

H.J.
---
	PR target/86560
	* asan/asan_interceptors.cc (swapcontext): Call REAL(swapcontext)
	with indirect_return attribute on x86.
---
 libsanitizer/asan/asan_interceptors.cc | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/libsanitizer/asan/asan_interceptors.cc b/libsanitizer/asan/asan_interceptors.cc index a8f4b72723f..b8dde4f19c5 100644 --- a/libsanitizer/asan/asan_interceptors.cc +++ b/libsanitizer/asan/asan_interceptors.cc 
@@ -267,7 +267,13 @@ INTERCEPTOR(int, swapcontext, struct ucontext_t *oucp, uptr stack, ssize; ReadContextStack(ucp, &stack, &ssize); ClearShadowMemoryForContextStack(stack, ssize); +#if defined(__x86_64__) || defined(__i386__) + int (*real_swapcontext) (struct ucontext_t *, struct ucontext_t *) + __attribute__((__indirect_return__)) = REAL(swapcontext); + int res = real_swapcontext(oucp, ucp); +#else int res = REAL(swapcontext)(oucp, ucp); +#endif // swapcontext technically does not return, but program may swap context to // "oucp" later, that would look as if swapcontext() returned 0. // We need to clear shadow for ucp once again, as it may be in arbitrary
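
Review bot: the `#if defined(__x86_64__) || defined(__i386__)` guard tests the target, not whether the compiler building libsanitizer knows `__indirect_return__`. The message itself says LLVM does not have the attribute yet, so on x86 a compiler without it would at best warn about and ignore the attribute on `real_swapcontext`, and the ENDBR this change exists for would silently not be emitted after the call. Consider adding a feature test to the condition, for example `__has_attribute(__indirect_return__)`, and falling through to the existing `int res = REAL(swapcontext)(oucp, ucp);` when it is absent. A short comment above the new declaration saying why the call goes through a local pointer (shadow stack, PR target/86560) would also help, since the existing comment below it is only about clearing shadow memory.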