atrosinenko wrote: This is a proof-of-concept fix for #184660.
Searching for signing oracles in libunwind uncovered an issue in `UnwindCursor::setInfoForSigReturn`:

```cpp
_info.start_ip = pc;
_info.end_ip = pc + 4;
```

Here `_info` is of `unw_proc_info_t` type and has `__ptrauth`-qualified `start_ip` and `end_ip` fields among others. It turned out that this code doesn't seem to work, as `this->getReg(UNW_REG_IP)` returns a signed result that uses a pac-ret-style signing schema.

It should be possible to mostly fix oracles in this function by hardening the local variable and introducing resigning as needed. (Though it is not currently possible to **reliably** harden code like `some_protected_var = some_other_protected_var + 4` at the LLVM IR level.)

The downside is that fixing `stepThroughSigReturn` requires signing an untrusted IP value stored by the kernel on the stack when the regular execution is interrupted by the signal - that is why this is a proof-of-concept patch so far (but #171717 should probably help someday).

https://github.com/llvm/llvm-project/pull/184661

_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
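As an added illustration of the schema mismatch the message describes (this is a toy model, not code from the PR or from libunwind): a pac-ret-signed value, as `getReg(UNW_REG_IP)` returns it, is stored into `__ptrauth`-qualified `start_ip`/`end_ip` fields either directly, as in the quoted lines, or after authenticating under the pac-ret schema and resigning for the field schema. Keys, discriminators, addresses and the field's signing schema are constructed for the demo.

```python
import hashlib
import hmac

# Toy model of ARMv8.3 pointer authentication: the top PAC_BITS of a 64-bit
# "pointer" hold a truncated MAC over (address, discriminator) under a key.
# Keys, addresses and discriminators here are constructed, not hardware values.
PAC_BITS = 16
PAC_SHIFT = 64 - PAC_BITS
ADDR_MASK = (1 << PAC_SHIFT) - 1
KEY_IA = b"constructed-key-IA"  # pac-ret style return-address signing
KEY_DA = b"constructed-key-DA"  # hypothetical key of the __ptrauth field schema

def _pac(addr, key, disc):
    msg = addr.to_bytes(8, "little") + disc.to_bytes(8, "little")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "little")

def sign(value, key, disc):
    """Model of pac*: sign the canonical address. A non-canonical input (one that
    already carries a PAC) gets a corrupted PAC, as the architecture does."""
    addr = value & ADDR_MASK
    pac = _pac(addr, key, disc)
    if value != addr:
        pac ^= 1
    return addr | (pac << PAC_SHIFT)

def auth(value, key, disc):
    """Model of aut*: the raw address on success, None where hardware would fault."""
    addr = value & ADDR_MASK
    return addr if (value >> PAC_SHIFT) == _pac(addr, key, disc) else None

def getreg_ip(pc, sp):
    # getReg(UNW_REG_IP) per the report: pac-ret schema, key IA, discriminator = SP.
    return sign(pc, KEY_IA, sp)

def field_disc(field_addr):
    # Address-discriminated __ptrauth field: storage address blended with a constant.
    return field_addr ^ (0x1234 << 48)

def store_naive(pc_signed, start_addr, end_addr):
    # The quoted pattern: _info.start_ip = pc; _info.end_ip = pc + 4;
    # The field stores are signed for the field schema, but 'pc' is still
    # pac-ret signed, so neither stored value ever authenticates as pc / pc + 4.
    return (sign(pc_signed, KEY_DA, field_disc(start_addr)),
            sign(pc_signed + 4, KEY_DA, field_disc(end_addr)))

def store_resigned(pc_signed, sp, start_addr, end_addr):
    # Hardened version: authenticate under the pac-ret schema first, do the
    # arithmetic on the raw address, then sign for each field's own schema.
    pc = auth(pc_signed, KEY_IA, sp)
    if pc is None:
        raise ValueError("IP did not authenticate under the pac-ret schema")
    return (sign(pc, KEY_DA, field_disc(start_addr)),
            sign(pc + 4, KEY_DA, field_disc(end_addr)))
```

The `auth` step in `store_resigned` is what keeps the resign from being a signing oracle; an IP read raw from a kernel-written signal frame carries no PAC to authenticate, which is the `stepThroughSigReturn` problem the message leaves open.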
