This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Stack protector: leak of guard's address on stack

From: Jakub Jelinek <jakub at redhat dot com>
To: Thomas Preudhomme <thomas dot preudhomme at linaro dot org>
Cc: gcc at gcc dot gnu dot org
Date: Fri, 27 Apr 2018 14:16:01 +0200
Subject: Re: Stack protector: leak of guard's address on stack
References: <CAKnkMGsEPiRoKBHEJVrnHbGLNx-7gZk0Kt7uqJRMZgQD1Uh=Wg@mail.gmail.com>
Reply-to: Jakub Jelinek <jakub at redhat dot com>

On Thu, Apr 19, 2018 at 06:17:26PM +0100, Thomas Preudhomme wrote:
> For stack protector to be robust, at no point in time the guard against
> which the canari is compared must be spilled to the stack. This is achieved
> by having dedicated insn pattern for setting the canari and comparing it
> against the guard which doesn't reflect at RTL what is happening. However
> computing the address of the guard is done using standard movsi pattern and
> can thus be spilled (see PR85434). I'm reaching out to the community for
> ideas on how to avoid this.

Usually targets just put the canary into TLS area, then there is nothing to
spill.

	Jakub

Follow-Ups:
- Re: Stack protector: leak of guard's address on stack
  - From: Thomas Preudhomme

References:
- Stack protector: leak of guard's address on stack
  - From: Thomas Preudhomme

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]