CVSROOT:        /cvs
Module name:    src
Changes by:     morti...@cvs.openbsd.org        2017/11/20 20:01:58

Modified files:
        gnu/llvm/lib/Target/X86: X86RegisterInfo.td 

Log message:
The compiler is generally free to allocate general purpose registers in whatever
order it chooses. Reasons for choosing one register before another usually
include compiled instruction size (avoidance of REX prefixes, etc.) or usage
conventions, but somehow haven't included security implications in the compiled
bytecode. Some bytecode is more useful in polymorphic ROP sequences than others,
so it seems prudent to try to avoid that bytecode when possible.

This patch moves EBX/RBX towards the end of the allocation preference for 32 and
64 bit general purpose registers. Some instructions using RBX/EBX/BX/BL as a
destination register end up with a ModR/M byte of C3 or CB, which is often
useful in ROP gadgets. Because these gadgets often occur in the middle of
functions, they exhibit somewhat higher diversity than some other C3/CB
terminated gadgets. This change removes about 3% of total gadgets from the
kernel, but about 6% of unique gadgets.

There are other possible changes in this direction. BX/BL are obvious next
targets for avoidance, and MM3/XMM3 may also be useful to try to avoid if
possible.

ok deraadt@
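
The ModR/M arithmetic behind the C3/CB observation in the log message, as an added C example that is not part of the commit or of the LLVM change itself. The function names are illustrative and the two byte sequences are constructed samples for comparing the same code with EBX and with ESI as the destination.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ModR/M layout: mod (bits 7-6) | reg (bits 5-3) | rm (bits 2-0).
 * mod = 3 selects the register-direct form; register number 3 is EBX/RBX. */
static uint8_t modrm_reg_direct(unsigned reg, unsigned rm) {
    return (uint8_t)(0xC0u | ((reg & 7u) << 3) | (rm & 7u));
}

/* 0xC3 is near RET and 0xCB is far RET when decoded as an opcode. */
static int is_ret_byte(uint8_t b) { return b == 0xC3 || b == 0xCB; }

/* How many of the 8 possible reg fields give a RET-valued ModR/M for this rm. */
static int ret_encodings_for_rm(unsigned rm) {
    int n = 0;
    for (unsigned reg = 0; reg < 8; reg++)
        n += is_ret_byte(modrm_reg_direct(reg, rm));
    return n;
}

/* Count bytes in a code buffer that would decode as RET at that offset. */
static int count_ret_bytes(const uint8_t *code, size_t len) {
    int n = 0;
    for (size_t i = 0; i < len; i++)
        n += is_ret_byte(code[i]);
    return n;
}

/* Constructed sample: mov DST,eax ; add DST,ecx ; ret  (opcodes 89 /r, 01 /r). */
static const uint8_t with_ebx[] = { 0x89, 0xC3, 0x01, 0xCB, 0xC3 }; /* DST = ebx */
static const uint8_t with_esi[] = { 0x89, 0xC6, 0x01, 0xCE, 0xC3 }; /* DST = esi */

int main(void) {
    static const char *r32[8] = { "eax","ecx","edx","ebx","esp","ebp","esi","edi" };
    for (unsigned rm = 0; rm < 8; rm++)
        printf("dest %s: %d RET-valued ModR/M bytes\n", r32[rm], ret_encodings_for_rm(rm));
    printf("ebx version: %d RET bytes, esi version: %d\n",
           count_ret_bytes(with_ebx, sizeof with_ebx),
           count_ret_bytes(with_esi, sizeof with_esi));
    return 0;
}
```

Only register number 3 in the rm field yields a RET-valued ModR/M byte, so the EBX version carries two extra RET bytes mid-function while the ESI version keeps only the intended final one.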
