From: Florian Weimer
To: Markus Wichmann
Cc: musl@lists.openwall.com
Date: Mon, 08 Nov 2021 09:30:03 +0100
In-Reply-To: <20211107195601.GA2713@voyager> (Markus Wichmann's message of "Sun, 7 Nov 2021 20:56:01 +0100")
Message-ID: <87bl2vnj78.fsf@oldenburg.str.redhat.com>
Subject: Re: [musl] add noexcept to all functions please

* Markus Wichmann:

> On Sun, Nov 07, 2021 at 07:20:21PM +0100, Florian Weimer wrote:
>> I believe the musl cancellation implementation does not use DWARF
>> unwinding. I do not know if its cancellation handlers have the same
>> hardening gap as glibc's with setjmp-based unwinding.
>
> I presume you mean the cancel cleanup handling. In that case, musl uses
> a simple linked list, with nodes allocated on stack. No gaps of any
> kind.

The __f function pointer is stored in the node on the stack, along with
the __x argument that is passed by _pthread_cleanup_pop. This looks
like a convenient on-stack gadget for exploitation purposes.

In musl, the invocation is in the library itself, so there isn't much
choice there. In glibc, with -fno-exceptions, we try to avoid this by
inlining the non-cancellation path at the pthread_cleanup_pop point.
But even if the function pointer is constant, current GCC is no longer
able to produce a direct call. But with -fexceptions, we do get a
direct call.

Thanks,
Florian
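
Added example, not part of the message above and not code from musl or glibc: a small C model of the on-stack cleanup list the thread describes, showing the library-side pop that must call through the pointer stored in the node, next to a pop site that names the handler directly. The names cleanup_node, model_push, model_pop, record, run_indirect and run_direct are hypothetical, and variant B is a simplified illustration of a direct call at the pop point, not glibc's macros.

```c
#include <string.h>

/* Model of the on-stack cleanup node: handler, argument, link to previous. */
struct cleanup_node {
    void (*f)(void *);
    void *x;
    struct cleanup_node *next;
};
static struct cleanup_node *cleanup_head; /* per-thread in a real libc */

/* Library-side push: the node lives in the caller's stack frame. */
static void model_push(struct cleanup_node *n, void (*f)(void *), void *x) {
    n->f = f; n->x = x; n->next = cleanup_head;
    cleanup_head = n;
}
/* Library-side pop: the handler address is loaded back from the node,
   so the call is necessarily indirect through stack-resident data. */
static void model_pop(struct cleanup_node *n, int run) {
    cleanup_head = n->next;
    if (run) n->f(n->x);
}

/* Constructed handler: records a tag so the call order can be checked. */
static char trace[8];
static size_t trace_len;
static void record(void *tag) { trace[trace_len++] = *(const char *)tag; trace[trace_len] = '\0'; }

/* Variant A: handlers are reached through the pointers stored on the stack. */
static const char *run_indirect(void) {
    struct cleanup_node outer, inner;
    char a = 'a', b = 'b';
    trace_len = 0;
    model_push(&outer, record, &a);
    model_push(&inner, record, &b);
    model_pop(&inner, 1);          /* runs 'b' (last pushed, first run) */
    model_pop(&outer, 1);          /* runs 'a' */
    return trace;
}
/* Variant B: the normal path names the handler at the pop site, so that
   call does not depend on the pointer kept in the node. */
static const char *run_direct(void) {
    struct cleanup_node n;
    char c = 'c';
    trace_len = 0;
    model_push(&n, record, &c);    /* stays registered for cancellation */
    model_pop(&n, 0);              /* unlink only */
    record(&c);                    /* direct call, target fixed at compile time */
    return trace;
}
int main(void) {
    return strcmp(run_indirect(), "ba") || strcmp(run_direct(), "c");
}
```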