[PATCH 4/4] i386: Add _CET_ENDBR to indirect jump targets
Jussi Kivilinna
jussi.kivilinna at iki.fi
Sun Jan 19 10:22:52 CET 2020
Hello,
On 17.1.2020 19.29, H.J. Lu via Gcrypt-devel wrote:
> i386 mpih-add1.S and mpih-sub1.S use a trick to implment jump tables
> with LEA. We can't use conditional branches nor normal jump tables
> since jump table entries use EFLAGS set by jump table index. This
> patch adds _CET_ENDBR to indirect jump targets and adjust destination
> for _CET_ENDBR.
>
> * mpi/i386/mpih-add1.S (_gcry_mpih_add_n): Save and restore
> %ebx if IBT is enabed. Add _CET_ENDBR to indirect jump targets
> and adjust jump destination for _CET_ENDBR.
> * mpi/i386/mpih-sub1.S (_gcry_mpih_sub_n): Likewise.
>
> Signed-off-by: H.J. Lu <hjl.tools at gmail.com>
> ---
> mpi/i386/mpih-add1.S | 35 +++++++++++++++++++++++++++++++++++
> mpi/i386/mpih-sub1.S | 35 +++++++++++++++++++++++++++++++++++
> 2 files changed, 70 insertions(+)
>
> diff --git a/mpi/i386/mpih-add1.S b/mpi/i386/mpih-add1.S
> index 32091f34..ef6423d9 100644
> --- a/mpi/i386/mpih-add1.S
> +++ b/mpi/i386/mpih-add1.S
> @@ -55,6 +55,10 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
> movl 20(%esp),%edx /* s2_ptr */
> movl 24(%esp),%ecx /* size */
>
> +#if defined __CET__ && (__CET__ & 1) != 0
> + pushl %ebx
Please add CFI_PUSH(%ebx) after each pushl and also CFI_POP after popl.
-Jussi
More information about the Gcrypt-devel
mailing list