Shadow stack is part of Intel's Control-Flow Enforcement Technology.
Whenever a function is called, the return address is pushed onto both
the regular stack and the shadow stack. When that function returns, the
return addresses are popped off both stacks and compared; if they fail
to match, #CP is raised.
Backport this commit from https://github.com/php/php-src/pull/9283
With this commit, we create shadow stack with syscall map_shadow_stack
(no.451) for each fiber context and switch the shadow stack accordingly
during fcontext switch.
Signed-off-by: PeterYang12 <yuhan.yang@intel.com>
Signed-off-by: chen-hu-97 <hu1.chen@intel.com>
Indirect Branch Tracking (IBT) is part of Intel's Control-Flow
Enforcement Technology (CET). IBT is a hardware-based, forward-edge
Control-Flow-Integrity mechanism where any indirect CALL/JMP must
target an ENDBR instruction or suffer #CP.
This commit inserts endbr64 instruction in assembly to support IBT.
The AIX assembler is a bit more strict than the GNU assembler. Thus, adjust
the XCOFF asm files to be able to accept both assemblers.
For PPC64 jump and make files, most of the work has already been
done recently, only the functions' header needs to be updated.
For PPC64 ontop and PPC32 files, the algorithms were also wrong.
So the whole files have been reworked.
The PPC32 stack layout is based on AIX documentation:
https://www.ibm.com/docs/en/aix/7.2?topic=overview-runtime-process-stack
For PPC64, as it seems to work fine and is already being used in php,
I've kept the current layout based on PPC64 Linux version.
Tested with boost/context, boost/fiber and boost/coroutine2.
Note that the test_sscanf is still failing in ppc32 because of
float precision. (3.13999 is returned instead of 3.14).
Without this, asm files are passed to gcc with the "-c" option (without preprocessing).
It leads to "linker input file unused because linking not done" warnings and
a "make_x86_64_ms_pe_gas.asm.obj: No such file or directory" error.
Use CMAKE_SYSTEM_PROCESSOR as the first step, and if it matches any
Boost.Context arch option, then we will use it as the default arch.
Otherwise we try to detect the known arm names depending on the current
bitness.
Fixes #182.
issue 181
The copy elision of `caught` in throw expression is not mandatory,
and when it doesn't happen, forced_unwind::caught remains false
when the temporary is destroyed, which incorrectly triggers the assert.