Carlos O'Donell <codonell@xxxxxxxxxx> writes: > On 4/5/19 5:16 AM, Florian Weimer wrote: >> * Carlos O'Donell: >>> It is valuable that it be a trap, particularly for constant pools because >>> it means that a jump into the constant pool will trap. >> >> Sorry, I don't understand why this matters in this context. Would you >> please elaborate? > > Sorry, I wasn't very clear. > > My point is only that any accidental jumps, either with off-by-one (like you > fixed in gcc/glibc's signal unwinding most recently), result in a process fault > rather than executing RSEQ_SIG as a valid instruction *and then* continuing > onwards to the handler. > > A process fault is achieved either by a trap, or an invalid instruction, or > a privileged insn (like suggested for MIPS in this thread). In that case, mtmsr (Move to Machine State Register) seems a good candidate. mtmsr is available both on 32 and 64 bits since their first implementations. It's a privileged instruction and should never appear in userspace code (causes SIGILL). Any comments? -- Tulio Magno
