Re: regrename/i386: ROP vs df and stack-regs

Mon, 30 Nov 2015 13:47:27 -0800 

On Mon, Nov 30, 2015 at 10:38 PM, Bernd Schmidt <bschm...@redhat.com> wrote:
> On 11/27/2015 10:02 AM, Bernd Schmidt wrote:
>>
>> This is a patch for PRs 68471 and 68472, which show problems with the
>> ROP mitigation:
>>   * reg-stack doesn't call df_insn_update when it makes changes, and
>>     if df checking is enabled, any subsequent df_analyze call will
>>     abort
>>   * Using -mcmodel=medium fails because of a pattern that has lea type
>>     and needs its modrm_class overridden.
>>
>> Both of these are fixed in the i386 backend. As a further safety
>> measure, I've added some extra code to regrename to ignore stack regs
>> after regstack_complete - they can't be dealt with anymore.
>>
>> Bootstrapped and tested on x86_64-linux, with -mmitigate-rop forced on.
>> Ok?
>
>
>>         PR target/68471
>>         PR target/68472
>>         * config/i386/i386.c (ix86_mitigate_rop): Don't call
>>         compute_bb_for_insn again.  Call df_insn_rescan_all.
>>         * config/i386/i386.md (set_got_rex64): Override modrm_class.
>>
>>         * regrename.c (build_def_use): Ignore stack regs if
>> regstack_completed.
>>
>> testsuite/
>>         * gcc.target/i386/rop1.c: New test.
>>
>> diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
>> index 2ac6c25..14c99eb 100644
>> --- a/gcc/config/i386/i386.c
>> +++ b/gcc/config/i386/i386.c
>> @@ -45243,8 +45243,9 @@ ix86_mitigate_rop (void)
>>    COPY_HARD_REG_SET (inout_risky, input_risky);
>>    IOR_HARD_REG_SET (inout_risky, output_risky);
>>
>> -  compute_bb_for_insn ();
>>    df_note_add_problem ();
>> +  /* Fix up what stack-regs did.  */
>> +  df_insn_rescan_all ();
>>    df_analyze ();
>>
>>    regrename_init (true);
>> diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md
>> index a57d165..671580d 100644
>> --- a/gcc/config/i386/i386.md
>> +++ b/gcc/config/i386/i386.md
>> @@ -12418,6 +12418,7 @@
>>    "lea{q}\t{_GLOBAL_OFFSET_TABLE_(%%rip), %0|%0,
>> _GLOBAL_OFFSET_TABLE_[rip]}"
>>    [(set_attr "type" "lea")
>>     (set_attr "length_address" "4")
>> +   (set_attr "modrm_class" "unknown")
>>     (set_attr "mode" "DI")])
>>
>>  (define_insn "set_rip_rex64"
>> --- /dev/null   2015-11-23 12:05:22.553607702 +0100
>> +++ gcc/testsuite/gcc.target/i386/rop1.c        2015-11-24
>> 15:40:04.381086953 +0100
>> @@ -0,0 +1,7 @@
>> +/* { dg-do compile } */
>> +/* { dg-require-effective-target lp64 } */
>> +/* { dg-options "-mcmodel=medium -mmitigate-rop" } */
>> +void
>> +foo (void)
>> +{
>> +}
>
>
> Ccing Uros for the i386 bits.

These are OK.

Thanks,
Uros.

Reply via email to