re PR target/80180 (Incorrect codegen from rdseed intrinsic use (CVE-2017-11671))

	PR target/80180
	* config/i386/i386.c (ix86_expand_builtin)
	<IX86_BUILTIN_RDSEED{16,32,64}_STEP>: Do not expand arg0 between
	flags reg setting and flags reg using instructions.
	<IX86_BUILTIN_RDRAND{16,32,64}_STEP>: Ditto.  Use non-flags reg
	clobbering instructions to zero extend op2.

From-SVN: r246475

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index b8af4b6..1e4df00 100644 (file)
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,12 @@
+2017-03-25  Uros Bizjak  <ubizjak@gmail.com>
+
+       PR target/80180
+       * config/i386/i386.c (ix86_expand_builtin)
+       <IX86_BUILTIN_RDSEED{16,32,64}_STEP>: Do not expand arg0 between
+       flags reg setting and flags reg using instructions.
+       <IX86_BUILTIN_RDRAND{16,32,64}_STEP>: Ditto.  Use non-flags reg
+       clobbering instructions to zero extend op2.
+
 2017-03-25  Gerald Pfeifer  <gerald@pfeifer.com>
 
        * doc/install.texi (Configuration) <--with-aix-soname>:

diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index 0f7e029..bb0debf 100644 (file)
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -37572,9 +37572,6 @@ ix86_expand_builtin (tree exp, rtx target, rtx subtarget,
       mode0 = DImode;
 
 rdrand_step:
-      op0 = gen_reg_rtx (mode0);
-      emit_insn (GEN_FCN (icode) (op0));
-
       arg0 = CALL_EXPR_ARG (exp, 0);
       op1 = expand_normal (arg0);
       if (!address_operand (op1, VOIDmode))
@@ -37582,6 +37579,10 @@ rdrand_step:
          op1 = convert_memory_address (Pmode, op1);
          op1 = copy_addr_to_reg (op1);
        }
+
+      op0 = gen_reg_rtx (mode0);
+      emit_insn (GEN_FCN (icode) (op0));
+
       emit_move_insn (gen_rtx_MEM (mode0, op1), op0);
 
       op1 = gen_reg_rtx (SImode);
@@ -37590,8 +37591,20 @@ rdrand_step:
       /* Emit SImode conditional move.  */
       if (mode0 == HImode)
        {
-         op2 = gen_reg_rtx (SImode);
-         emit_insn (gen_zero_extendhisi2 (op2, op0));
+         if (TARGET_ZERO_EXTEND_WITH_AND
+             && optimize_function_for_speed_p (cfun))
+           {
+             op2 = force_reg (SImode, const0_rtx);
+
+             emit_insn (gen_movstricthi
+                        (gen_lowpart (HImode, op2), op0));
+           }
+         else
+           {
+             op2 = gen_reg_rtx (SImode);
+
+             emit_insn (gen_zero_extendhisi2 (op2, op0));
+           }
        }
       else if (mode0 == SImode)
        op2 = op0;
@@ -37623,9 +37636,6 @@ rdrand_step:
       mode0 = DImode;
 
 rdseed_step:
-      op0 = gen_reg_rtx (mode0);
-      emit_insn (GEN_FCN (icode) (op0));
-
       arg0 = CALL_EXPR_ARG (exp, 0);
       op1 = expand_normal (arg0);
       if (!address_operand (op1, VOIDmode))
@@ -37633,6 +37643,10 @@ rdseed_step:
          op1 = convert_memory_address (Pmode, op1);
          op1 = copy_addr_to_reg (op1);
        }
+
+      op0 = gen_reg_rtx (mode0);
+      emit_insn (GEN_FCN (icode) (op0));
+
       emit_move_insn (gen_rtx_MEM (mode0, op1), op0);
 
       op2 = gen_reg_rtx (QImode);