[PATCH][middle-end][i386][version 6]Add -fzero-call-used-regs=[skip|used-gpr-arg|used-arg|all-gpr-arg|all-arg|used-gpr|all-gpr|used|all]

Qing Zhao QING.ZHAO@ORACLE.COM
Fri Oct 30 14:25:31 GMT 2020 


> On Oct 30, 2020, at 4:54 AM, Richard Sandiford <richard.sandiford@arm.com> wrote:
> 
> Qing Zhao <QING.ZHAO@ORACLE.COM> writes:
>> @@ -3996,22 +3996,19 @@ with a named @code{target} must be @code{static}.
>> @cindex @code{zero_call_used_regs} function attribute
>> 
>> The @code{zero_call_used_regs} attribute causes the compiler to zero
>> -a subset of all call-used registers at function return according to
>> -@var{choice}.
>> -This is used to increase the program security by either mitigating
>> -Return-Oriented Programming (ROP) or preventing information leak
>> +a subset of all call-used registers@footnote{A ``call-used'' register
>> +is a register whose contents can be changed by a function call;
>> +therefore, a caller cannot assume that the register has the same contents
>> +on return from the function as it had before calling the function.  Such
>> +registers are also called ``call-clobbered'', ``caller-saved'', or
>> +``volatile''.} at function return.
>> +This is used to increase program security by either mitigating
>> +Return-Oriented Programming (ROP) attacks or preventing information leakage
>> through registers.
>> 
>> -A ``call-used'' register is a register whose contents can be changed by
>> -a function call; therefore, a caller cannot assume that the register has
>> -the same contents on return from the function as it had before calling
>> -the function.  Such registers are also called ``call-clobbered'',
>> -``caller-saved'', or ``volatile''.
>> -
>> In order to satisfy users with different security needs and control the
>> -run-time overhead at the same time, GCC provides a flexible way to choose
>> -the subset of the call-used registers to be zeroed.
>> -
>> +run-time overhead at the same time, @var{choice} parameter provides a
> 
> I suggested “the @var{choice} parameter provides” in the review yesterday.
> The “the” is needed.
My bad, added it.
> 
>> +flexible way to choose the subset of the call-used registers to be zeroed.
>> The three basic values of @var{choice} are:
>> 
>> @itemize @bullet
>> @@ -4046,42 +4043,41 @@ together, they must appear in the order above.
>> 
>> The full list of @var{choice}s is therefore:
>> 
>> -@itemize @bullet
>> -@item
>> -@samp{skip} doesn't zero any call-used register.
>> +@table @code
>> +@item skip
>> +doesn't zero any call-used register.
>> 
>> -@item
>> -@samp{used} only zeros call-used registers that are used in the function.
>> +@item used
>> +only zeros call-used registers that are used in the function.
>> 
>> -@item
>> -@samp{all} zeros all call-used registers.
>> +@item used-gpr
>> +only zeros call-used general purpose registers that are used in the function.
>> 
>> -@item
>> -@samp{used-arg} only zeros used call-used registers that pass arguments.
>> +@item used-arg
>> +only zeros call-used registers that are used in the function and pass arguments.
>> 
>> -@item
>> -@samp{used-gpr} only zeros used call-used general purpose registers.
>> +@item used-gpr-arg
>> +only zeros call-used general purpose registers that are used in the function
>> +and pass arguments.
>> 
>> -@item
>> -@samp{used-gpr-arg} only zeros used call-used general purpose registers that
>> -pass arguments.
>> +@item all
>> +zeros all call-used registers.
>> 
>> -@item
>> -@samp{all-gpr-arg} zeros all call-used general purpose registers that pass
>> -arguments.
>> +@item all-gpr
>> +zeros all call-used general purpose registers.
>> 
>> -@item
>> -@samp{all-arg} zeros all call-used registers that pass arguments.
>> +@item all-arg
>> +zeros all call-used registers that pass arguments.
>> 
>> -@item
>> -@samp{all-gpr} zeros all call-used general purpose registers.
>> -@end itemize
>> +@item all-gpr-arg
>> +zeros all call-used general purpose registers that pass
>> +arguments.
>> +@end table
> 
> TBH I also think the order I suggested yesterday is more natural
> than this one, but either's OK.  The above certainly addresses
> the original concern I had about the order being inconsistent.

You suggested:

- skip
- used
- used-arg
- used-gpr
- used-gpr-arg
- all
- all-arg
- all-gpr
- all-gpr-arg

I changed to: (switched the order used-arg and used-gpr,    all-arg and all-gpr)

-skip
-used
-used-gpr
-used-arg
-used-gpr-arg
-all
-all-gpr
-all-arg
-all-gpr-arg

I intended to do this change in order to make “gpr” before “arg”.

> 
>> @@ -288,7 +288,7 @@ enum sanitize_code {
>> };
>> 
>> /* Different settings for zeroing subset of registers.  */
>> -namespace  zero_regs_code {
>> +namespace zero_regs_flag {
> 
> I suggested “zero_regs_flags” rather than “zero_reg_flag” yesterday;
> I think “zero_regs_flags” is better because the namespace contains
> more than one flag.

Okay.
> 
>> @@ -1776,7 +1776,7 @@ const struct sanitizer_opts_s coverage_sanitizer_opts[] =
>>   { NULL, 0U, 0UL, false }
>> };
>> 
>> -using namespace zero_regs_code;
>> +using namespace zero_regs_flag;
>> /* -fzero-call-used-regs= suboptions.  */
>> const struct zero_call_used_regs_opts_s zero_call_used_regs_opts[] =
>> {
> 
> Sorry, I didn't notice this yesterday.  The table should use
> fully-qualified names: zero_regs_flags::SKIP etc.  We shouldn't
> do a using namespace for the whole file here.
> 
> OK with those changes, and thanks for doing this.

Thanks a lot, I will commit the patch with this set of changes you suggested. 

Really appreciate for all your help and patience. 

> 
> The new tests are likely to fail on some targets with the sorry()
> message, but I think target maintainers are best placed to decide
> whether (a) that's a fundamental restriction of the target and the
> tests should just be skipped or (b) the target needs to implement
> the new hook.

Okay. 

I will commit the patch with the following new change:

Thanks.

Qing

The new diff is:
diff --git a/gcc/doc/extend.texi b/gcc/doc/extend.texi
index 25b39094410..9091b72f5c3 100644
--- a/gcc/doc/extend.texi
+++ b/gcc/doc/extend.texi
@@ -4007,7 +4007,7 @@ Return-Oriented Programming (ROP) attacks or preventing information leakage
 through registers.
 
 In order to satisfy users with different security needs and control the
-run-time overhead at the same time, @var{choice} parameter provides a
+run-time overhead at the same time, the @var{choice} parameter provides a
 flexible way to choose the subset of the call-used registers to be zeroed.
 The three basic values of @var{choice} are:
 
diff --git a/gcc/flag-types.h b/gcc/flag-types.h
index 51c7e5f369b..9ef629b28af 100644
--- a/gcc/flag-types.h
+++ b/gcc/flag-types.h
@@ -288,7 +288,7 @@ enum sanitize_code {
 };
 
 /* Different settings for zeroing subset of registers.  */
-namespace zero_regs_flag {
+namespace zero_regs_flags {
   const unsigned int UNSET = 0;
   const unsigned int SKIP = 1UL << 0;
   const unsigned int ONLY_USED = 1UL << 1;
diff --git a/gcc/function.c b/gcc/function.c
index 76a503728e8..15249450592 100644
--- a/gcc/function.c
+++ b/gcc/function.c
@@ -5842,7 +5842,7 @@ gen_call_used_regs_seq (rtx_insn *ret, unsigned int zero_regs_type)
      if only_arg is true, only zero call-used registers that pass
      parameters defined by the flatform's calling conversion.  */
 
-  using namespace zero_regs_flag;
+  using namespace zero_regs_flags;
 
   only_gpr = zero_regs_type & ONLY_GPR;
   only_used = zero_regs_type & ONLY_USED;
@@ -6616,7 +6616,7 @@ public:
 unsigned int
 pass_zero_call_used_regs::execute (function *fun)
 {
-  using namespace zero_regs_flag;
+  using namespace zero_regs_flags;
   unsigned int zero_regs_type = UNSET;
 
   tree attr_zero_regs = lookup_attribute ("zero_call_used_regs",
diff --git a/gcc/opts.c b/gcc/opts.c
index 8c439e4006f..7e91c6c5a82 100644
--- a/gcc/opts.c
+++ b/gcc/opts.c
@@ -1776,21 +1776,20 @@ const struct sanitizer_opts_s coverage_sanitizer_opts[] =
   { NULL, 0U, 0UL, false }
 };
 
-using namespace zero_regs_flag;
 /* -fzero-call-used-regs= suboptions.  */
 const struct zero_call_used_regs_opts_s zero_call_used_regs_opts[] =
 {
 #define ZERO_CALL_USED_REGS_OPT(name, flags) \
     { #name, flags }
-  ZERO_CALL_USED_REGS_OPT (skip, SKIP),
-  ZERO_CALL_USED_REGS_OPT (used-gpr-arg, USED_GPR_ARG),
-  ZERO_CALL_USED_REGS_OPT (used-gpr, USED_GPR),
-  ZERO_CALL_USED_REGS_OPT (used-arg, USED_ARG),
-  ZERO_CALL_USED_REGS_OPT (used, USED),
-  ZERO_CALL_USED_REGS_OPT (all-gpr-arg, ALL_GPR_ARG),
-  ZERO_CALL_USED_REGS_OPT (all-gpr, ALL_GPR),
-  ZERO_CALL_USED_REGS_OPT (all-arg, ALL_ARG),
-  ZERO_CALL_USED_REGS_OPT (all, ALL),
+  ZERO_CALL_USED_REGS_OPT (skip, zero_regs_flags::SKIP),
+  ZERO_CALL_USED_REGS_OPT (used-gpr-arg, zero_regs_flags::USED_GPR_ARG),
+  ZERO_CALL_USED_REGS_OPT (used-gpr, zero_regs_flags::USED_GPR),
+  ZERO_CALL_USED_REGS_OPT (used-arg, zero_regs_flags::USED_ARG),
+  ZERO_CALL_USED_REGS_OPT (used, zero_regs_flags::USED),
+  ZERO_CALL_USED_REGS_OPT (all-gpr-arg, zero_regs_flags::ALL_GPR_ARG),
+  ZERO_CALL_USED_REGS_OPT (all-gpr, zero_regs_flags::ALL_GPR),
+  ZERO_CALL_USED_REGS_OPT (all-arg, zero_regs_flags::ALL_ARG),
+  ZERO_CALL_USED_REGS_OPT (all, zero_regs_flags::ALL),
 #undef ZERO_CALL_USED_REGS_OPT
   {NULL, 0U}
 };

> 
> Richard

More information about the Gcc-patches mailing list