Subject: Re: regrename/i386: ROP vs df and stack-regs
To: GCC Patches
References: <56581C2F.9070300@redhat.com>
Cc: Uros Bizjak
From: Bernd Schmidt Message-ID: <565CC1DC.2000508@redhat.com> Date: Mon, 30 Nov 2015 21:47:00 -0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 MIME-Version: 1.0 In-Reply-To: <56581C2F.9070300@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2015-11/txt/msg03525.txt.bz2 On 11/27/2015 10:02 AM, Bernd Schmidt wrote: > This is a patch for PRs 68471 and 68472, which show problems with the > ROP mitigation: > * reg-stack doesn't call df_insn_update when it makes changes, and > if df checking is enabled, any subsequent df_analyze call will > abort > * Using -mcmodel=medium fails because of a pattern that has lea type > and needs its modrm_class overridden. > > Both of these are fixed in the i386 backend. As a further safety > measure, I've added some extra code to regrename to ignore stack regs > after regstack_complete - they can't be dealt with anymore. > > Bootstrapped and tested on x86_64-linux, with -mmitigate-rop forced on. Ok? > PR target/68471 > PR target/68472 > * config/i386/i386.c (ix86_mitigate_rop): Don't call > compute_bb_for_insn again. Call df_insn_rescan_all. > * config/i386/i386.md (set_got_rex64): Override modrm_class. > > * regrename.c (build_def_use): Ignore stack regs if regstack_completed. > > testsuite/ > * gcc.target/i386/rop1.c: New test. > > diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c > index 2ac6c25..14c99eb 100644 > --- a/gcc/config/i386/i386.c > +++ b/gcc/config/i386/i386.c > @@ -45243,8 +45243,9 @@ ix86_mitigate_rop (void) > COPY_HARD_REG_SET (inout_risky, input_risky); > IOR_HARD_REG_SET (inout_risky, output_risky); > > - compute_bb_for_insn (); > df_note_add_problem (); > + /* Fix up what stack-regs did. */ > + df_insn_rescan_all (); > df_analyze (); > > regrename_init (true); > diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md > index a57d165..671580d 100644 
> --- a/gcc/config/i386/i386.md > +++ b/gcc/config/i386/i386.md > @@ -12418,6 +12418,7 @@ > "lea{q}\t{_GLOBAL_OFFSET_TABLE_(%%rip), %0|%0, _GLOBAL_OFFSET_TABLE_[rip]}" > [(set_attr "type" "lea") > (set_attr "length_address" "4") > + (set_attr "modrm_class" "unknown") > (set_attr "mode" "DI")]) > > (define_insn "set_rip_rex64" > --- /dev/null 2015-11-23 12:05:22.553607702 +0100 > +++ gcc/testsuite/gcc.target/i386/rop1.c 2015-11-24 15:40:04.381086953 +0100 > @@ -0,0 +1,7 @@ > +/* { dg-do compile } */ > +/* { dg-require-effective-target lp64 } */ > +/* { dg-options "-mcmodel=medium -mmitigate-rop" } */ > +void > +foo (void) > +{ > +} Ccing Uros for the i386 bits. Bernd
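Review bot: In the ix86_mitigate_rop hunk of gcc/config/i386/i386.c, df_insn_rescan_all () now runs unconditionally before df_analyze (), so every insn is rescanned on each run of the pass, including functions where reg-stack changed nothing. The comment "Fix up what stack-regs did." would help more if it stated the reason given in the description (reg-stack makes changes without calling df_insn_update). The removal of compute_bb_for_insn () also deserves a word in that comment, since nothing in the hunk shows where the block-for-insn data is already established.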
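Review bot: In the gcc/config/i386/i386.md hunk, the added (set_attr "modrm_class" "unknown") carries no comment saying why this lea-type pattern with a _GLOBAL_OFFSET_TABLE_ RIP-relative operand needs the override, so a later cleanup could drop it and bring the -mcmodel=medium failure back. Suggest a one-line comment next to the attribute, and checking whether set_rip_rex64, which follows immediately in the context, needs the same treatment.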
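Review bot: The new gcc.target/i386/rop1.c compiles only an empty foo with -mcmodel=medium -mmitigate-rop, so it targets the -mcmodel=medium case but uses no x87 stack registers, and neither the df_insn_rescan_all () path nor the regrename.c change listed in the ChangeLog is exercised. Suggest a second dg-do compile test whose body makes reg-stack change insns. Note also that the ChangeLog's regrename.c (build_def_use) entry has no corresponding hunk in the diff as quoted here.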