[libc-commits] [libc] [libc] fortify jmp buffer for x86-64 (PR #112769)
Nick Desaulniers via libc-commits
libc-commits at lists.llvm.org
Mon Dec 2 13:23:23 PST 2024
================
@@ -103,6 +103,10 @@
"LIBC_CONF_SETJMP_AARCH64_RESTORE_PLATFORM_REGISTER": {
"value": true,
"doc": "Make setjmp save the value of x18, and longjmp restore it. The AArch64 ABI delegates this register to platform ABIs, which can choose whether to make it caller-saved."
+ },
+ "LIBC_CONF_SETJMP_FORTIFICATION": {
+ "value": false,
+ "doc": "Protect jmp_buf by masking its contents and storing a simple checksum, to make it harder for an attacker to read meaningful information from a jmp_buf or to modify it. This is only supported on x86-64 Linux."
----------------
nickdesaulniers wrote:
We will eventually need to support shadow stacks (part of Intel's CET): https://libc-alpha.sourceware.narkive.com/KcCIyBg9/patch-linux-x86-support-shadow-stack-pointer-in-setjmp-longjmp. It's perhaps worth discussing if we'll want to have 2 or 3 configs for fortification.
For instance, I'd imaging we'd want full fortification or no fortification. But I wonder if shadow stacks make checksumming irrelevant? Hmm...I'll need to think about that more.
https://github.com/llvm/llvm-project/pull/112769
More information about the libc-commits
mailing list