[Ping]: [RFC] [PATCH, AARCH64] : Using standard patterns for stack protection.

Venkataramanan Kumar venkataramanan.kumar@linaro.org
Fri Jan 31 08:25:00 GMT 2014


Can someone review this please.

regards,
Venkat.

On 22 January 2014 22:27, Venkataramanan Kumar
<venkataramanan.kumar@linaro.org> wrote:
> Hi Marcus,
>
> After we changed the frame growing direction (downwards) in Aarch64,
> the back-end now generates stack smashing set and test based on
> generic code available in GCC.
>
> But most of the ports (i386, spu, rs6000, s390, sh, sparc, tilepro and
> tilegx) define machine descriptions using standard pattern names
> 'stack_protect_set' and 'stack_protect_test'. This is done for both
> TLS model as well as global variable based stack guard model.
>
> Also all these ports in their machine descriptions,  have cleared the
> register that loaded the canary value using an additional instruction.
>
> (GCC internals)
> 'stack_protect_set'
> This pattern, if defined, moves a ptr_mode value from the memory in operand
> 1 to the memory in operand 0 without leaving the value in a register afterward.
> This is to avoid leaking the value some place that an attacker might use to
> rewrite the stack guard slot after having clobbered it.
> If this pattern is not defined, then a plain move pattern is generated.
> (GCC internals)
>
> I believe this is done for extra security.  Also each target can
> control the way of clearing the register that loaded the canary value.
>
> In the attached patch, I have written machine descriptions patterns
> for stack_protect_set and stack_protect_test for Aarch64.
> Also I am clearing the register by moving 0 to the register while
> setting the stack and using "eor" instruction while testing the stack.
>
> However this generates un-optimal code when compared to generic GCC code.
>
> While setting up stack canary ,
>
> Generic code
>
>         adrp    x19, __stack_chk_guard
>         ldr     x1, [x19,#:lo12:__stack_chk_guard]
>         str     x1, [x29,40]
>
>
> Patch
>
>         adrp    x19, __stack_chk_guard
>         add     x1, x19, :lo12:__stack_chk_guard
>         ldr     x2, [x1]
>        str     x1, [x29,40]
>        mov     x2, 0
>
> while testing stack canary
>
> generic code
>         ldr     x1, [x29,40]
>         ldr     x0, [x19,#:lo12:__stack_chk_guard]
>         cmp     x1, x0
>         bne     .L7
>
> patch
>         add     x19, x19, :lo12:__stack_chk_guard
>         ldr     x1, [x29,40]
>         ldr     x0, [x19]
>         eor     x0, x1, x0
>         cbnz    x0, .L7
>
> Please let me know if this change is fine for Aarch64.
>
> 2014-01-22 Venkataramanan Kumar  <venkataramanan.kumar@linaro.org>
>         * config/aarch64/aarch64.md (stack_protect_set, stack_protect_test)
>         (stack_protect_set_<mode>, stack_protect_test_<mode>): Add
>         machine descriptions for Stack Smashing Protector.
>
> 2014-01-22  Venkataramanan Kumar  <venkataramanan.kumar@linaro.org>
>         * lib/target-supports.exp
>           (check_effective_target_stack_protection): New procedure.
>         * g++.dg/fstack-protector-strong.C: Add target check for
>           stack protection.
>         * gcc.dg/fstack-protector-strong.c: Likewise.
>
>
> regards,
> Venkat.



More information about the Gcc-patches mailing list