[Cryptography] How to lock registers with GCC?

Jerry Leichter leichter at lrw.com
Fri May 9 09:55:03 EDT 2014


> On May 8, 2014, at 7:56 PM, tpb-crypto at laposte.net wrote:
> 
> While making an encryption routine I stumbled upon the possibility of using a register to keep the key, while erasing it from memory.
> 
> By using assembly it is possible to keep that register unchanged and use others to do stuff. That would make it easy to build routines, if not by the bare metal programming part, lol.
> 
> Is it possible to give a directive to GCC while compiling and/or does it support some macro/routine/directive/library/whatever, that would allow loading values into processor registers and then locking one or two registers, which would become unchangeable?

This used to be possible. I recall some experimental languages that generated C but somehow reserved a register. It may have been as simple as creating a fake target description for the back end that didn't know about one of the registers. Of course then you have to use assembler somehow to get at that register. Or it could have been so long ago that the compiler in question actually implemented the C register storage class in a simple and predictable fashion.

I can't imagine any way to do this in an even vaguely portable fashion unless you specifically designed your compiler to allow it - unlikely as the demand is so limited.

It's also not clear this will help you much. Any time the OS deschedules your process, it will spill the registers into memory - in fact, into memory you know nothing about and can't do anything with. 

People have played around with encryption kernel algorithms that keep all state in registers, but this only seems possible with complete control of the hardware - assembler code within the OS running on non-virtualized hardware. Might make sense for embedded code, maybe a hardware crypto module. 

                                            -- Jerry


