From: Stephen Fuld <sfuld@alumni.cmu.edu.invalid>
Newsgroups: comp.arch
Subject: Re: Constant Stack Canaries
Date: Mon, 31 Mar 2025 10:57:35 -0700
Organization: A noiseless patient Spider
Message-ID: <vsel2f$l4ih$1@dont-email.me>
References: <vsbcnl$1d4m5$1@dont-email.me> <vsc058$20pih$1@dont-email.me> <4cf60b5fd8b785feb07a67a823cc349d@www.novabbs.org> <vseeen$l4ig$1@dont-email.me> <vseiq9$qndj$1@dont-email.me>
In-Reply-To: <vseiq9$qndj$1@dont-email.me>

On 3/31/2025 10:17 AM, BGB wrote:
> On 3/31/2025 11:04 AM, Stephen Fuld wrote:
>> On 3/30/2025 1:14 PM, MitchAlsup1 wrote:
>>> On Sun, 30 Mar 2025 17:47:59 +0000, BGB wrote:
>>>
>>>> On 3/30/2025 7:16 AM, Robert Finch wrote:
>>>>> Just got to thinking about stack canaries. I was going to have a
>>>>> special purpose register holding the canary value for testing while
>>>>> the program was running. But I just realized today that it may not
>>>>> be needed. Canary values could be handled by the program loader as
>>>>> constants, eliminating the need for a register. Since the value is
>>>>> not changing while the program is running, it could easily be a
>>>>> constant. This may require a fixup record handled by the assembler /
>>>>> linker to indicate to the loader to place a canary value.
>>>>>
>>>>> Prolog code would just store an immediate to the stack. On return a
>>>>> TRAP instruction could check for the immediate value and trap if not
>>>>> present. But the process seems to require assembler / linker support.
>>>>>
>>>>
>>>> They are mostly just a normal compiler feature IME:
>>>>    Prolog stores the value;
>>>>    Epilog loads it and verifies that the value is intact.
>>>
>>> Agreed.
>>
>> I'm glad you, Mitch, chimed in here. When I saw this, it occurred to
>> me that this could be done automatically by the hardware (optionally,
>> based on a bit in a control register). The CALL instruction would
>> store a magic value, and the RET instruction would test it. If there
>> was not a match, an exception would be generated. The value itself
>> could be something like the clock value when the program was
>> initiated, thus guaranteeing uniqueness.
>>
>> The advantage over the software approach, of course, is the
>> elimination of several instructions in each prolog/epilog, reducing
>> footprint, and perhaps even time as it might be possible to overlap
>> some of the processing with the other things these instructions do.
>> The downside is more hardware and perhaps extra overhead.
>>
>> Does this make sense? What have I missed?
>>
>
> This would seem to imply an ISA where CALL/RET push onto the stack or
> similar, rather than the (more common for RISC's) strategy of copying PC
> into a link register...

Sorry, you're right. I should have said, in the context of Mitch's My
66000, the ENTER and EXIT instructions.

> Another option being if it could be a feature of a Load/Store Multiple.

The nice thing about the ENTER/EXIT is that they combine the store
multiple (ENTER) and the load multiple and return control (EXIT).

-- 
  - Stephen Fuld
(e-mail address disguised to prevent spam)
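
The store-on-entry, check-on-exit scheme discussed in this thread, modelled in C as an added example (not code from any poster and not My 66000 semantics). `struct frame`, `frame_enter`, `frame_exit`, `unchecked_copy`, `run_call` and the canary constant are hypothetical names and a constructed value; the stack frame is simulated as a struct so the overwrite stays well-defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample value. In the thread's scheme the loader (or hardware)
   picks this once at program start; it is constant while the program runs. */
static const uint64_t PROCESS_CANARY = 0x5ca1ab1e0ddba11ULL;

/* Simulated frame: local buffer, then canary, then saved return address. */
struct frame {
    unsigned char buf[16];
    uint64_t canary;
    uint64_t saved_ret;
};

/* Prolog / ENTER side: store the constant next to the saved return address. */
static void frame_enter(struct frame *f, uint64_t ret) {
    memset(f->buf, 0, sizeof f->buf);
    f->canary = PROCESS_CANARY;
    f->saved_ret = ret;
}

/* Epilog / EXIT side: 0 if the canary is intact, -1 where a trap would fire. */
static int frame_exit(const struct frame *f) {
    return f->canary == PROCESS_CANARY ? 0 : -1;
}

/* Unchecked copy into the local buffer (the bug the canary guards against),
   clamped to the frame size so the simulation itself stays in bounds. */
static void unchecked_copy(struct frame *f, const unsigned char *src, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy((unsigned char *)f, src, n);
}

/* Runs one simulated call with n input bytes; returns frame_exit()'s result. */
static int run_call(size_t n) {
    unsigned char input[sizeof(struct frame)];
    struct frame f;
    memset(input, 'A', sizeof input);
    frame_enter(&f, 0x401000);
    unchecked_copy(&f, input, n);
    return frame_exit(&f);
}

int main(void) {
    printf("16 -> %d, 17 -> %d, 32 -> %d\n", run_call(16), run_call(17), run_call(32));
    return 0;
}
```

Any write that runs contiguously from the buffer toward the saved return address has to cross the canary first, which is why a single check at exit is enough to catch it.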