On Wed, 2023-06-21 at 16:05 -0700, H.J. Lu wrote: > > Which makes me think if we did want to make a more compatible > > longjmp() > > a better the way to do it might be an arch_prctl that emits a token > > at > > the current SSP. This would be loosening up the security somewhat > > (have > > to be an opt-in), but less so then enabling WRSS. But it would also > > be > > way simpler, work for all cases (I think), and be faster (maybe?) > > than > > INCSSPing through a bunch of stacks. > > Since longjmp isn't required to be called after setjmp, leaving a > restore > token doesn't work when longjmp isn't called. Oh good point. Hmm.