This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Stack protector: leak of guard's address on stack
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Thomas Preudhomme <thomas dot preudhomme at linaro dot org>
- Cc: gcc at gcc dot gnu dot org
- Date: Fri, 27 Apr 2018 14:16:01 +0200
- Subject: Re: Stack protector: leak of guard's address on stack
- References: <CAKnkMGsEPiRoKBHEJVrnHbGLNx-7gZk0Kt7uqJRMZgQD1Uh=Wg@mail.gmail.com>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Thu, Apr 19, 2018 at 06:17:26PM +0100, Thomas Preudhomme wrote:
> For stack protector to be robust, at no point in time the guard against
> which the canary is compared must be spilled to the stack. This is achieved
> by having a dedicated insn pattern for setting the canary and comparing it
> against the guard which doesn't reflect at RTL what is happening. However
> computing the address of the guard is done using standard movsi pattern and
> can thus be spilled (see PR85434). I'm reaching out to the community for
> ideas on how to avoid this.
Usually targets just put the canary into TLS area, then there is nothing to
spill.
Jakub
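
The failure mode described in the quoted text, as an added example that is not part of the original thread or of GCC: a linear-scan lint over ARM-style assembly that flags a store of the guard's address to the stack while leaving the canary store alone. The listing is constructed, and the function names, the address forms handled (literal pool, `=symbol`, `movw`/`movt`) and the lack of control-flow tracking are assumptions of this sketch.

```python
GUARD = "__stack_chk_guard"
NO_DEST = {"cmp", "b", "bl", "bx", "bne", "beq", "push", "pop"}

# Constructed listing for illustration; not compiler output from PR85434.
SAMPLE = """\
protected_fn:
    push {r4, lr}
    sub sp, sp, #16
    ldr r3, .L5
    str r3, [sp, #4]    @ guard ADDRESS spilled
    ldr r3, [r3]
    str r3, [sp, #12]   @ canary value: expected
    bl work
    ldr r2, [sp, #4]    @ address reloaded from stack
    ldr r2, [r2]
    ldr r3, [sp, #12]
    cmp r3, r2
    bne .L4
    pop {r4, pc}
.L4:
    bl __stack_chk_fail
.L5:
    .word __stack_chk_guard
"""

def guard_pool_labels(lines):
    """Labels of literal-pool words that hold the guard's address."""
    labels, last = set(), None
    for line in lines:
        s = line.strip()
        if s.endswith(":"):
            last = s[:-1]
        elif s.split() == [".word", GUARD] and last:
            labels.add(last)
    return labels

def find_guard_address_spills(asm):
    """Return (line_no, insn) for stores of the guard address to [sp...]."""
    lines = asm.splitlines()
    pool, addr_regs, findings = guard_pool_labels(lines), set(), []
    for no, line in enumerate(lines, 1):
        s = line.split("@")[0].strip()          # drop ARM '@' comments
        if not s or s.startswith(".") or s.endswith(":"):
            continue
        mnem, _, rest = s.partition(" ")
        ops = [o.strip() for o in rest.split(",")]
        if mnem in NO_DEST or len(ops) < 2:
            continue
        if mnem.startswith("str"):
            if ops[0] in addr_regs and ops[1].startswith("[sp"):
                findings.append((no, s))
            continue
        src = ops[1]                            # ops[0] is the destination
        is_addr = ((mnem == "ldr" and (src in pool or src == "=" + GUARD))
                   or (mnem in ("movw", "movt") and src.endswith(":" + GUARD))
                   or (mnem == "mov" and src in addr_regs))
        (addr_regs.add if is_addr else addr_regs.discard)(ops[0])
    return findings
```

Run `find_guard_address_spills(SAMPLE)` to see the single flagged store; the later store of the canary value is not reported because the register no longer holds the address after `ldr r3, [r3]`.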