From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-patches-return-456459-listarch-gcc-patches=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 90552 invoked by alias); 21 Jun 2017 08:46:49 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Received: (qmail 90430 invoked by uid 89); 21 Jun 2017 08:46:48 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=rare
X-HELO: foss.arm.com
Received: from foss.arm.com (HELO foss.arm.com) (217.140.101.70) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 21 Jun 2017 08:46:46 +0000
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249])	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 1949780D;	Wed, 21 Jun 2017 01:46:45 -0700 (PDT)
Received: from e105689-lin.cambridge.arm.com (e105689-lin.cambridge.arm.com [10.2.207.32])	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 041803F3E1;	Wed, 21 Jun 2017 01:46:43 -0700 (PDT)
Subject: Re: RFC: stack/heap collision vulnerability and mitigation with GCC
From: "Richard Earnshaw (lists)" <Richard.Earnshaw@arm.com>
To: Andreas Schwab <schwab@suse.de>
Cc: Wilco Dijkstra <Wilco.Dijkstra@arm.com>, Jeff Law <law@redhat.com>, GCC Patches <gcc-patches@gcc.gnu.org>, nd <nd@arm.com>
References: <AM5PR0802MB2610C07342688AA9A63FB3BA83C50@AM5PR0802MB2610.eurprd08.prod.outlook.com> <71e54fa7-0763-fe20-4720-40574f46f2e6@arm.com> <mvm4lv9bugz.fsf@suse.de> <1786dd10-03de-0c1c-90c1-38288f949350@arm.com>
Message-ID: <ea965bcd-8596-8b05-54d2-e0e11c0a1bbc@arm.com>
Date: Wed, 21 Jun 2017 08:46:00 -0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <1786dd10-03de-0c1c-90c1-38288f949350@arm.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-SW-Source: 2017-06/txt/msg01554.txt.bz2

On 21/06/17 09:46, Richard Earnshaw (lists) wrote:
> On 21/06/17 09:44, Andreas Schwab wrote:
>> On Jun 21 2017, "Richard Earnshaw (lists)" <Richard.Earnshaw@arm.com> wrote:
>>
>>> A mere 256 bytes for the caller would permit 32 x 8byte arguments on the
>>> stack which, with at least 8 parameters passed in registers, would allow
>>> for calls with 40 parameters.  There can't be many in that space.  Any
>>> function making calls with more than that might need additional probes,
>>> but that's going to be exceedingly rare.
>>
>> With passing structures by value you can have arbitrary large
>> parameters.
>>
>> Andreas.
>>
> 
> 
> No.  Those are passed by copies which appear in the locals portion of
* pointers to copies *
R.

> the frame (so are covered by normal allocation priniciples).  Only
> structures of less than 16 bytes are passed by direct copy.
> 
> R.
>