diff options
author | H.J. Lu <hjl.tools@gmail.com> | 2018-07-24 05:20:48 -0700 |
---|---|---|
committer | H.J. Lu <hjl.tools@gmail.com> | 2018-07-24 05:21:07 -0700 |
commit | 3650e1d9284926be67e368707a9a2276fb77a167 (patch) | |
tree | e278a6deadd6d347e1446104bbea53144045ba7a /stdlib | |
parent | ca027e0f62789a0958b69dac4133616a90de6f7c (diff) | |
download | glibc-3650e1d9284926be67e368707a9a2276fb77a167.tar glibc-3650e1d9284926be67e368707a9a2276fb77a167.tar.gz glibc-3650e1d9284926be67e368707a9a2276fb77a167.tar.bz2 glibc-3650e1d9284926be67e368707a9a2276fb77a167.zip |
x86: Update vfork to pop shadow stack
The shadow stack prevents us from pushing the saved return PC onto
the stack and returning normally. Instead we pop the shadow stack
and return directly. This is the safest way to return and ensures
any stack manipulations done by the vfork'd child doesn't cause the
parent to terminate when CET is enabled.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* sysdeps/unix/sysv/linux/i386/vfork.S (SYSCALL_ERROR_HANDLER):
Redefine if shadow stack is enabled.
(SYSCALL_ERROR_LABEL): Likewise.
(__vfork): Pop shadow stack and jump back to to caller directly
when shadow stack is in use.
* sysdeps/unix/sysv/linux/x86_64/vfork.S (SYSCALL_ERROR_HANDLER):
Redefine if shadow stack is enabled.
(SYSCALL_ERROR_LABEL): Likewise.
(__vfork): Pop shadow stack and jump back to to caller directly
when shadow stack is in use.
Diffstat (limited to 'stdlib')
0 files changed, 0 insertions, 0 deletions