Hi, Richard,
Could you please check the following documentation change, and let me know any
suggestions?
Thanks.
Qing
>
>> +pass parameters. @samp{used-arg} zeros used call-used registers that
>> +pass parameters. @samp{arg} zeros all call-used registers that pass
>> +parameters. These 3 choices are used for ROP mitigation.
>> +
>> +@samp{used-gpr} zeros call-used general purpose registers
>> +which are used in function. @samp{all-gpr} zeros all
>> +call-used registers. @samp{used} zeros call-used registers which
>> +are used in function. @samp{all} zeros all call-used registers.
>> +These 4 choices are used for preventing information leak through
>> +registers.
>
> The description for all-gpr doesn't look right. I think it would
> be easier to describe (and hopefully to follow) if we start with
> the three basic choices: “skip”, “used” and “all”. Then describe
> how “used” and “all” can be modified by adding “-gpr” to limit the
> clearing to general-purpose registers and “-arg” to limit the
> clearing to argument registers.
>
> We need to say what “call-used” and “used” mean in this context.
> In particular, “call-used” is also known as “call-clobbered”,
> “caller-saved“ and “volatile”, so it would be good to list those
> as alternatives. We need to say what “used” registers are.
@item -fzero-call-used-regs=@var{choice}
@opindex fzero-call-used-regs
Zero call-used registers at function return to increase the program
security by either mitigating Return-Oriented Programming (ROP) or
preventing information leak through registers.
A "call-used" register is a register that is clobbered by function calls,
as a result, the caller has to save and restore it before or after a
function call. It is also called as "call-clobbered", "caller-saved", or
"volatile".
In order to satisfy users with different security needs and control the
run-time overhead at the same time, GCC provides a flexible way to choose
the subset of the call-used registers to be zeroed.
@samp{skip}, which is the default, doesn't zero any call-used registers.
@samp{used} zeros call-used registers which are used in the function. A "used"
register is one whose content has been set or referenced in the function.
@samp{all} zeros all call-used registers.
In addition to the above three basic choices, the register set can be further
limited by adding "-gpr" (i.e., general purpose register), "-arg" (i.e.,
argument register), or both as following:
@samp{used-gpr-arg} zeros used call-used general purpose registers that
pass parameters.
@samp{used-arg} zeros used call-used registers that pass parameters.
@samp{all-gpr-arg} zeros all call-used general purpose registers that pass
parameters.
@samp{all-arg} zeros all call-used registers that pass parameters.
@samp{used-gpr} zeros call-used general purpose registers which are used in the
function.
@samp{all-gpr} zeros all call-used general purpose registers.
Among this list, "used-gpr-arg", "used-arg", "all-gpr-arg", and "all-arg" are
mainly used for ROP mitigation.
You can control this behavior for a specific function by using the function
attribute @code{zero_call_used_regs}. @xref{Function Attributes}.
