This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[rfc] reimplementation of ibm stack-smashing protector


The following is a functional re-implementation of the IBM stack
smashing protection patch described here:

  http://www.research.ibm.com/trl/projects/security/ssp/

This version is *much* less intrusive than the IBM version:

 Makefile.in         |   10 +-
 c-cppbuiltin.c      |    6 +
 cfgexpand.c         |  217 ++++++++++++++++++++++++++++++++++++++++++++++-
 common.opt          |   12 ++
 config/i386/i386.c  |    3
 config/i386/i386.md |  122 ++++++++++++++++++-----------
 doc/md.texi         |   24 +++++
 doc/tm.texi         |   26 ++++++
 function.c          |  115 ++++++++++++++++++++++++++-
 function.h          |   14 +--
 libgcc-std.ver      |    7 +
 libgcc2.c           |  138 +++++++++++++++++++++++++++++++++
 libgcc2.h           |    5 +
 mklibgcc.in         |    2
 params.def          |    5 +
 target-def.h        |    5 +
 target.h            |   11 ++
 targhooks.c         |   84 ++++++++++++++++++++
 targhooks.h         |    4
 toplev.c            |   12 ++
 tree.h              |    1
 21 files changed, 757 insertions(+), 66 deletions(-)

vs

 Makefile.in       |    8
 c-cppbuiltin.c    |    6
 calls.c           |    8
 combine.c         |   36
 common.opt        |   12
 config/arm/arm.md |    8
 config/t-linux    |    2
 configure         |   16
 cse.c             |   17
 doc/invoke.texi   |   25
 explow.c          |   28
 expr.c            |   41
 flags.h           |   12
 function.c        |   32
 gcse.c            |    8
 integrate.c       |   11
 libgcc-std.ver    |    6
 libgcc2.c         |  121 ++
 loop.c            |    8
 mklibgcc.in       |    2
 optabs.c          |   21
 opts.c            |   15
 protector.c       | 2730 +++++++++++++++++++++++++++++++++++++++++++++++++
 protector.h       |   55 +
 reload1.c         |   17
 rtl.h             |   21
 simplify-rtx.c    |   81 +
 toplev.c          |   27
 tree.h            |    4
 29 files changed, 3197 insertions(+), 181 modifications(!)

To achieve this -- and IMO to be workable at all -- I dispense with
the notion of keeping frame addresses in some magic form (which
included not folding (plus (reg) (const_int 0)) to (reg)).

Instead I layout all variables up front (easy with tree-ssa) and 
require that new stack slots be placed at lower addresses.  Which
does mean that FRAME_GROWS_DOWNWARD must be defined by the target
in order for this pass to be enabled.  Which does mean that at
present only i386 and x86_64 can use this new code.

But supposing that a target already defines a soft frame-pointer,
then in theory one can convert the port to FRAME_GROWS_DOWNWARD
with merely some arithmetic adjustments in INITIAL_ELIMINATION_OFFSET.
If the target doesn't already have a soft frame pointer, then the
transformation is a bit more complex, but still not too bad.

I've started on adjusting powerpc and ia64 for this.  Backend
patches will be posted separately.

The ABI presented in libgcc is a bit different than the IBM patch.
It should be a bit more efficient.  There are target hooks available
so that an OpenBSD maintainer can use the old ABI, which I believe
has made its way into their libc.

On a Red Hat internal list, there's been talk about putting the 
global guard variable into thread-local storage.  The primary purpose
is that we can avoid loading the GOT pointer in shared library functions
that do not otherwise use it.  But of course one could also think about
using different random values for different threads.  All that said,
nothing's been finalized for that wrt an ABI so I've left that code out.

I've bootstrapped gcc with both -fstack-protector{,-all} on i686-linux.


r~

Attachment: d-ssp-6
Description: Text document


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]