From: Yao Qi <yao@codesourcery.com>
To: Joel Brobecker <brobecker@adacore.com>
Cc: <gdb-patches@sourceware.org>
Subject: Re: over-permissive stack_chk_guard on ARM
Date: Thu, 23 Oct 2014 02:53:00 -0000 [thread overview]
Message-ID: <87y4s7h553.fsf@codesourcery.com> (raw)
In-Reply-To: <20141022142231.GF4786@adacore.com> (Joel Brobecker's message of "Wed, 22 Oct 2014 07:22:31 -0700")
Joel Brobecker <brobecker@adacore.com> writes:
> But the implementation seems to be going further than that.
> If the location of the first ldr points to data that's not
> the address of __stack_chk_guard, then it looks at the next
> two instructions, to see if they might following another
> pattern:
>
> /* Step 2: ldr Rd, [Rn, #immed], encoding T1. */
> /* Step 3: str Rd, [Rn, #immed], encoding T1. */
>
> Looking at the code and the function description, it seems to me
> that the normal situation would be what the comment alluded to,
> and that if it was the entire story, we wouldn't have needed
> the code doing steps 2 & 3. But, looking at the email archives
Sorry, I don't understand why do you think steps 2 & 3 are not needed?
Do you mean we don't have to go to step 2 & 3 if we can't find symbol
__stack_chk_guard in step 1?
> as well as the bug report initially referenced, I can't find
> really any explanation for what prompted you to add that code.
> I would need that in order to adjust the heuristics without
> breaking your situation.
Currently, we do so in order to handle the case symbol __stack_chk_guard
is removed, as the comments said:
/* If name of symbol doesn't start with '__stack_chk_guard', this
instruction sequence is not for stack protector. If symbol is
removed, we conservatively think this sequence is for stack
protector. */
However, I don't recall under what circumstance symbol
'__stack_chk_guard' can be removed. __stack_chk_guard is in .dynsym
section, so it can't be removed. (I presume symbols in .dynsym can't be
removed, correct me if I am wrong). If I am correct, we can restrict
the condition in step 1 that return early if the symbol name doesn't
start with '__stack_chk_guard'. Then, step 2 & 3 is not needed, or we
can keep them as a sanity check?
--
Yao (齐尧)
next prev parent reply other threads:[~2014-10-23 2:53 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-22 14:22 Joel Brobecker
2014-10-23 2:53 ` Yao Qi [this message]
2014-10-23 15:39 ` [RFA] ARM: stricter __stack_chk_guard check during prologue (was: "Re: over-permissive stack_chk_guard on ARM") Joel Brobecker
2014-10-24 8:29 ` [RFA] ARM: stricter __stack_chk_guard check during prologue Yao Qi
2014-10-24 12:23 ` Joel Brobecker
2014-10-24 12:48 ` Yao Qi
2014-10-27 6:26 ` Yao Qi
2014-10-29 5:48 ` Yao Qi
2014-10-29 13:12 ` Joel Brobecker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y4s7h553.fsf@codesourcery.com \
--to=yao@codesourcery.com \
--cc=brobecker@adacore.com \
--cc=gdb-patches@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox