This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: Compiler support for erasure of sensitive data
- From: Richard Biener <richard dot guenther at gmail dot com>
- To: Marcos Diaz <marcos dot diaz at tallertechnologies dot com>
- Cc: zackw at panix dot com, andres dot tiraboschi at tallertechnologies dot com, GCC Development <gcc at gcc dot gnu dot org>, daniel dot gutson at tallertechnologies dot com
- Date: Tue, 1 Mar 2016 10:27:00 +0100
- Subject: Re: Compiler support for erasure of sensitive data
- Authentication-results: sourceware.org; auth=none
- References: <55F0653C dot 9010903 at panix dot com> <1456780462-7500-1-git-send-email-marcos dot diaz at tallertechnologies dot com>
On Mon, Feb 29, 2016 at 10:14 PM, Marcos Diaz
<marcos.diaz@tallertechnologies.com> wrote:
> Hi, we are facing the same issue. This bugzilla was opened:
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69976
>
> We were thinking on making a function attribute that ensures that non necessary registers, or stack frames used by the function will be correctly cleared before returning.
> We think in implementing for x86_64 as a first work.
> For this we are trying to modify the epilogue generation. Here we should have the information of which registers this function used, and the size of the stack frame to clean. The downside of this is that will be architecture dependent.
> Do you think this is a good idea? Do you suggest something else?
I think you can't avoid doing architecture specific changes here.
Note that on x86_64 you probably want to force
-maccumulate-outgoing-args
to avoid the use of push/pop and have the stack frame freeing fully in
the epilogue.
Richard.
> Thanks.