[cfe-dev] [llvm-dev] [RFC] Zeroing Caller Saved Regs

Kees Cook via cfe-dev cfe-dev at lists.llvm.org
Fri Aug 7 15:28:32 PDT 2020


On Fri, Aug 7, 2020 at 1:18 AM David Chisnall
<David.Chisnall at cl.cam.ac.uk> wrote:
> I think it would be useful for the discussion to have a clear threat model that this intends to defend against and a rough analysis of the security benefits that this is believed to bring.

I view this as being even more about a ROP defense. Dealing with spill
slots is, IMO, a separate issue, more related to the auto-var-init
work (though that would be stack erasure on function exit, rather than
entry, which addresses a different set of issues). I think this thread
from the GCC list has some good details on the ROP defense:

https://gcc.gnu.org/pipermail/gcc-patches/2020-August/551607.html

-- 
Kees Cook


More information about the cfe-dev mailing list