[PATCH 4/4] i386: Add _CET_ENDBR to indirect jump targets
H.J. Lu
hjl.tools at gmail.com
Sun Jan 19 15:42:56 CET 2020
On Sun, Jan 19, 2020 at 1:22 AM Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
>
> Hello,
>
> On 17.1.2020 19.29, H.J. Lu via Gcrypt-devel wrote:
> > i386 mpih-add1.S and mpih-sub1.S use a trick to implment jump tables
> > with LEA. We can't use conditional branches nor normal jump tables
> > since jump table entries use EFLAGS set by jump table index. This
> > patch adds _CET_ENDBR to indirect jump targets and adjust destination
> > for _CET_ENDBR.
> >
> > * mpi/i386/mpih-add1.S (_gcry_mpih_add_n): Save and restore
> > %ebx if IBT is enabed. Add _CET_ENDBR to indirect jump targets
> > and adjust jump destination for _CET_ENDBR.
> > * mpi/i386/mpih-sub1.S (_gcry_mpih_sub_n): Likewise.
> >
> > Signed-off-by: H.J. Lu <hjl.tools at gmail.com>
> > ---
> > mpi/i386/mpih-add1.S | 35 +++++++++++++++++++++++++++++++++++
> > mpi/i386/mpih-sub1.S | 35 +++++++++++++++++++++++++++++++++++
> > 2 files changed, 70 insertions(+)
> >
> > diff --git a/mpi/i386/mpih-add1.S b/mpi/i386/mpih-add1.S
> > index 32091f34..ef6423d9 100644
> > --- a/mpi/i386/mpih-add1.S
> > +++ b/mpi/i386/mpih-add1.S
> > @@ -55,6 +55,10 @@ C_SYMBOL_NAME(_gcry_mpih_add_n:)
> > movl 20(%esp),%edx /* s2_ptr */
> > movl 24(%esp),%ecx /* size */
> >
> > +#if defined __CET__ && (__CET__ & 1) != 0
> > + pushl %ebx
>
> Please add CFI_PUSH(%ebx) after each pushl and also CFI_POP after popl.
>
Done:
https://lists.gnupg.org/pipermail/gcrypt-devel/2020-January/004894.html
--
H.J.
More information about the Gcrypt-devel
mailing list