On Thu, Sep 03, 2020 at 10:13:35AM -0700, Kees Cook wrote: > On Thu, Sep 03, 2020 at 09:29:54AM -0500, Qing Zhao wrote: > > On average, all the options starting with “used_…” (i.e, only the > > registers that are used in the routine will be zeroed) have very low > > runtime overheads, at most 1.72% for integer benchmarks, and 1.17% for FP > > benchmarks. > > If all the registers will be zeroed, the runtime overhead is bigger, > > all_arg is 5.7%, all_gpr is 3.5%, and all is 17.56% for integer benchmarks > > on average. > > Looks like the overhead of zeroing vector registers is much bigger. > > > > For ROP mitigation, -fzero-call-used-regs=used-gpr-arg should be enough, > > the runtime overhead with this is very small. > > That looks great; thanks for doing those tests! > > (And it seems like these benchmarks are kind of a "worst case" scenario > with regard to performance, yes? As in it's mostly tight call loops?)
I call this very expensive, already, and it is benchmarked on a target where this should be very cheap (it has few registers) :-/ Segher
