WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel][PATCH][RFC] _chk_fail and _chk canaries for minios and n

To: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
Subject: Re: [Xen-devel][PATCH][RFC] _chk_fail and _chk canaries for minios and newlib
From: "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx>
Date: Mon, 09 Mar 2009 14:28:22 -0500
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 09 Mar 2009 11:29:10 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20090309181317.GR15127@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acmg5NOchhcve32mjESzpDpGcgfcew==
Thread-topic: [Xen-devel][PATCH][RFC] _chk_fail and _chk canaries for minios and newlib
User-agent: Microsoft-Entourage/12.15.0.081119


On 3/9/09 1:13 PM, "Samuel Thibault" <samuel.thibault@xxxxxxxxxxxx> wrote:

> Hello,
> 
> George S. Coker, II, le Mon 09 Mar 2009 13:08:04 -0500, a écrit :
>> This patch implements a minios version of the stack_chk_fail from glibc.
>> fprintf_chk and sprintf_chk functions have been added to newlib.
> 
> Cool!  That'd be useful indeed.  I'm however wondering whether
> your patch is enough for the stack protection: in my memory, gcc
> assumes that the glibc is used, and on e.g. i386, it uses gs:(0x14)
> for the stack canary (see a disassembly of a program compiled with
> -fstack-protector-all, there's a mov %gs:0x14,%eax lying in functions),
> and as a result we need to define a proper gs in MiniOS that follows
> glibc's tcbhead_t.
> 
It probably isn't enough.  It's more of a stub to make the linker and
libraries happy.  I can work on a more proper patch, but I was a little
uncertain about the split between minios and newlib.  It's just not clear
where to add new funcs because of the out-of-tree dependency on newlib.

> The fortified printfs should be fine.
> 
> Samuel

-- 
George S. Coker, II <gscoker@xxxxxxxxxxxxxx>



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel