[llvm-dev] How to prevent registers from spilling?
Stephen Crane via llvm-dev
llvm-dev at lists.llvm.org
Mon Nov 2 15:24:26 PST 2015
Hi all,
I've been trying to figure out if there is a feasible way to prevent values
from ever spilling from registers to the stack. I've looked for code or
documentation on how to do this but haven't found anything, apologies if
this has already been done.
Recent security research has shown that protection schemes such as CFI
(that might otherwise be secure) are undermined by sensitive values
spilling to the stack. When security-critical values spill from registers
to the stack, they can be read and overwritten by an attacker with
arbitrary memory read or write capabilities. See "Losing Control" from CCS
2015 for more details on this sort of attack:
https://www.ics.uci.edu/~perl/ccs15_stackdefiler.pdf
I think it would be great if we could allow values or at least virtual regs
to be tagged as "security-sensitive" and disallow spilling of these values
across their lifetime. I expect that the best way to do this would be to
start at the virtual register level and push support up to IR values as
well if and only if machine IR turns out to be insufficient.
Is this a good idea? Does something to support register pinning already
exist? I'm unfortunately not familiar enough with the register allocators
to know how to best support this, although I'm willing to give it a try if
people can point me in the right direction.
Thanks,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20151102/df93d380/attachment.html>
More information about the llvm-dev
mailing list