Velko wrote:
Back to the topic about stacks. I'm not getting why one would want to inject code into the stack for returns from a signal handler. Can't that be handled by having a bit of prologue and epilogue code in libc / a glue library? Instead of registering the address of the signal handler directly with the kernel, store the signal handler callback in a userspace variable and register the beginning of the prologue code instead.
Yes, that can indeed be done, and it's the VDSO code that nullplan was referring to (and on Linux, sigaction() has an SA_RESTORER flag for this purpose). The stack-based solution is done by Linux for uncooperative libcs (which were presumably used at some point in the past).
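As an added example (not code from this thread), here is the SA_RESTORER path the reply describes, done by hand on x86_64 or aarch64 Linux: the program registers its own restorer trampoline through the raw rt_sigaction syscall, so a plain return from the handler lands in code that issues rt_sigreturn instead of in a trampoline the kernel would otherwise write onto the stack (which is what forces an executable stack). The names kernel_sigaction, sig_restorer, install_with_own_restorer and run_demo are mine; the syscall numbers and flag value are the kernel's.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SA_RESTORER
#define SA_RESTORER 0x04000000   /* kernel flag: "return into sa_restorer, not a stack trampoline" */
#endif

/* The kernel's own sigaction layout as rt_sigaction(2) expects it (not libc's struct sigaction). */
struct kernel_sigaction {
    void (*handler)(int);
    unsigned long flags;
    void (*restorer)(void);
    unsigned long mask;            /* _NSIG/8 == 8 bytes on these ABIs */
};

/* Our restorer: the code the handler "returns" into. It only issues rt_sigreturn, which is
 * exactly what libc/VDSO provides under SA_RESTORER and what the kernel would otherwise
 * have to write onto the (then executable) stack for a libc that does not cooperate. */
#if defined(__linux__) && defined(__x86_64__)
__asm__(".text\n.globl sig_restorer\nsig_restorer:\n"
        "    mov $15, %rax\n"          /* __NR_rt_sigreturn on x86_64 */
        "    syscall\n");
#elif defined(__linux__) && defined(__aarch64__)
__asm__(".text\n.globl sig_restorer\nsig_restorer:\n"
        "    mov x8, #139\n"           /* __NR_rt_sigreturn on arm64 */
        "    svc #0\n");
#else
#error "restorer trampoline written for x86_64 and aarch64 Linux only"
#endif
extern void sig_restorer(void);

static volatile sig_atomic_t handler_ran;

static void on_sigusr1(int signo) {
    handler_ran = (signo == SIGUSR1);
    /* plain return: the kernel set our return address to sig_restorer */
}

/* Register the handler directly with the kernel, bypassing libc's sigaction() wrapper
 * (which would silently substitute its own restorer). Returns 0 on success. */
int install_with_own_restorer(void) {
    struct kernel_sigaction ksa = { on_sigusr1, SA_RESTORER, sig_restorer, 0 };
    return (int)syscall(SYS_rt_sigaction, SIGUSR1, &ksa, NULL, sizeof(ksa.mask));
}

/* Deliver SIGUSR1 and confirm the handler ran and execution resumed here via our restorer. */
int run_demo(void) {
    handler_ran = 0;
    if (install_with_own_restorer() != 0) return -1;
    raise(SIGUSR1);                /* handler -> sig_restorer -> rt_sigreturn -> back here */
    return handler_ran ? 0 : -2;
}
```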