On Wed, Dec 12, 2018 at 10:04:11PM +0000, Wilco Dijkstra wrote:
> Hi Martin,
>
> > Does a non-executable stack actually improve security?
>
> Absolutely, it's like closing your front door rather than just leave it open
> for anyone.
On many Linux systems, if you use trampolines anywhere then the whole
stack will be mapped executable during the whole lifetime of the process.
*That* is not so good, of course. But there is nothing wrong with having
some executable code on the stack, in principle.
> > For the alternative implementation using (custom) function
> > descriptors (-fno-trampolines) the static chain becomes
> > part of the ABI or not?
>
> I've not seen such an alternative implementation (-fno-trampolines is
> ignored on all targets I tried), but it wouldn't affect the ABI since you can
> only take the address of a nested function when you're the parent function.
Also if you are in a (later) sibling:
===
void *p;
void f(void)
{
void g(void)
{
}
void h(void)
{
p = g;
}
h();
}
===
Segher
