https://gcc.gnu.org/bugzilla/show_bug.cgi?id=125894
Bug ID: 125894
Summary: RFE: Fill unreachable function alignment padding with poison
Product: gcc
Version: 17.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: middle-end
Assignee: unassigned at gcc dot gnu.org
Reporter: hpa at zytor dot com
Target Milestone: ---
When aligning functions, gas fills them with nops. Under unfavorable
circumstances, those can be used as a "nop slide", which is a technique to
increase the attack surface of a piece of code.
gas cannot by itself know if an alignment statement may be traversed or not.
However, gcc *does* (presumably) have that information, and could pass it along
to gas.
For example, on x86, one option is to use the breakpoint instruction (0xcc):
.balign 64, 0xcc
On x86-64, the UDB instruction (0xd6) is another alternative.
On many other architectures an instruction alignment datum that is either all
00 or all FF generates a trap and is thus also suitable.
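The following is an added example, not code from the bug report, gcc or gas. It shows the property the report is after from the other side: given the filler bytes that sit between two function symbols (as you would copy them out of objdump), it decides whether a stray jump into that region slides through NOPs into the next function or is stopped by a trapping byte. The filler samples are constructed for the example; the NOP forms it decodes are the single-byte 0x90 and the 0F 1F /0 multi-byte NOP with optional 0x66 and 0x2E prefixes, and the trapping opcodes are the two named in the report (0xCC, and 0xD6 on x86-64). Whether the padding is actually reachable is the part only the compiler knows, which is the point of the RFE; this checker only tells you what the assembler put there.

```c
/* padcheck.c: classify x86-64 alignment filler as a NOP slide or as poison.
 * Added example for the RFE above; not part of gcc or gas. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum pad_kind { PAD_EMPTY, PAD_NOP_SLIDE, PAD_TRAP, PAD_OTHER };

/* Opcodes that trap on execution: INT3 (0xCC) and, as the report says
 * for x86-64, UDB (0xD6). */
static int is_trap_opcode(uint8_t b)
{
    return b == 0xcc || b == 0xd6;
}

/* Length of the NOP that starts at p, or 0 if p does not start a NOP.
 * Accepts 0x66 / 0x2E prefixes, then either 0x90 or 0F 1F /0 with a
 * ModRM (and SIB/displacement) decoded to find the instruction length. */
static size_t nop_len(const uint8_t *p, size_t n)
{
    size_t i = 0;
    while (i < n && (p[i] == 0x66 || p[i] == 0x2e))
        i++;                                 /* skip prefixes */
    if (i >= n) return 0;
    if (p[i] == 0x90) return i + 1;          /* (prefixed) one-byte NOP */
    if (i + 2 >= n || p[i] != 0x0f || p[i + 1] != 0x1f) return 0;
    uint8_t modrm = p[i + 2];
    uint8_t mod = modrm >> 6, reg = (modrm >> 3) & 7, rm = modrm & 7;
    if (reg != 0 || mod == 3) return 0;      /* not NOP r/m32, or register form */
    size_t len = i + 3;
    if (rm == 4) len += 1;                   /* SIB byte follows ModRM */
    if (mod == 1) len += 1;                  /* disp8 */
    else if (mod == 2) len += 4;             /* disp32 */
    else if (rm == 5) len += 4;              /* mod 00, rm 101: RIP+disp32 */
    return len <= n ? len : 0;
}

/* Walk the region from offset 0 decoding NOPs; returns the offset where
 * decoding stopped (n if every byte was consumed by NOPs). */
static size_t nop_walk(const uint8_t *p, size_t n)
{
    size_t off = 0;
    while (off < n) {
        size_t len = nop_len(p + off, n - off);
        if (len == 0) break;
        off += len;
    }
    return off;
}

/* 1 if entry at *any* byte offset traps immediately, i.e. the whole
 * region is made of trapping opcodes, as ".balign 64, 0xcc" produces. */
static int all_bytes_trap(const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!is_trap_opcode(p[i])) return 0;
    return n > 0;
}

static enum pad_kind classify_padding(const uint8_t *p, size_t n)
{
    if (n == 0) return PAD_EMPTY;
    size_t stop = nop_walk(p, n);
    if (stop == n) return PAD_NOP_SLIDE;     /* falls through to next function */
    if (is_trap_opcode(p[stop])) return PAD_TRAP;
    return PAD_OTHER;                        /* something we do not decode */
}

/* Constructed samples (not dumped from a real binary): 13 bytes of filler
 * in the style gas uses for code alignment, the same width filled with
 * INT3, and a mixed region that ends in an opcode the checker ignores. */
static const uint8_t k_nop_fill[]  = { 0x66, 0x66, 0x2e, 0x0f, 0x1f, 0x84,
                                       0x00, 0x00, 0x00, 0x00, 0x00, 0x66, 0x90 };
static const uint8_t k_int3_fill[] = { 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc,
                                       0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc };
static const uint8_t k_mixed[]     = { 0x90, 0x90, 0x0f, 0x0b };

static void report(const char *label, const uint8_t *p, size_t n)
{
    static const char *names[] = { "empty", "nop slide", "trap", "other" };
    printf("%-16s %-10s decode stops at %zu/%zu, traps at every offset: %s\n",
           label, names[classify_padding(p, n)], nop_walk(p, n), n,
           all_bytes_trap(p, n) ? "yes" : "no");
}

int main(void)
{
    report("gas nop fill", k_nop_fill, sizeof k_nop_fill);
    report("0xcc fill", k_int3_fill, sizeof k_int3_fill);
    report("mixed", k_mixed, sizeof k_mixed);
    return 0;
}
```

To apply it to a real object, take the bytes between the end of one function and the 64-byte-aligned start of the next from `objdump -d` and feed them to `classify_padding`; a result of `PAD_NOP_SLIDE` on padding that the compiler knows to be unreachable is exactly the case the RFE wants filled with 0xCC instead.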