| commit | 95b8f16f0c0ceef491a2b776533935877829fe0d | |
| author | hjl <hjl@138bc75d-0d04-0410-961f-82ee72b054a4> | |
| Thu, 22 Feb 2018 17:09:06 +0000 (22 17:09 +0000) | ||
| committer | hjl <hjl@138bc75d-0d04-0410-961f-82ee72b054a4> | |
| Thu, 22 Feb 2018 17:09:06 +0000 (22 17:09 +0000) | ||
| tree | 74872a581bf4597a9147fbaf2d607e96f1bd5729 | treesnapshot (tar.gz zip) |
| parent | 7c4fed1a209893e34690cd1db979c3a67fe8cadc | commitdiff |
i386: Add __x86_indirect_thunk_nt_reg for -fcf-protection -mcet
nocf_check attribute can be used with -fcf-protection -mcet to disable
control-flow check by adding NOTRACK prefix before indirect branch.
When -mindirect-branch=thunk-extern -mindirect-branch-register is added,
indirect branch via register, "notrack call/jmp reg", is converted to
call/jmp __x86_indirect_thunk_nt_reg
When running on machines with CET enabled, __x86_indirect_thunk_nt_reg
can be updated to
notrack jmp reg
at run-time to restore NOTRACK prefix in the original indirect branch.
Since we don't support -mindirect-branch=thunk-extern, CET and MPX at
the same time, -mindirect-branch=thunk-extern is disallowed with
-fcf-protection=branch and -fcheck-pointer-bounds.
Tested on i686 and x86-64.
gcc/
PR target/84176
* config/i386/i386.c (ix86_set_indirect_branch_type): Issue an
error when -mindirect-branch=thunk-extern, -fcf-protection=branch
and -fcheck-pointer-bounds are used together.
(indirect_thunk_prefix): New enum.
(indirect_thunk_need_prefix): New function.
(indirect_thunk_name): Replace need_bnd_p with need_prefix. Use
"_nt" instead of "_bnd" for NOTRACK prefix.
(output_indirect_thunk): Replace need_bnd_p with need_prefix.
(output_indirect_thunk_function): Likewise.
(): Likewise.
(ix86_code_end): Update output_indirect_thunk_function calls.
(ix86_output_indirect_branch_via_reg): Replace
ix86_bnd_prefixed_insn_p with indirect_thunk_need_prefix.
(ix86_output_indirect_branch_via_push): Likewise.
(ix86_output_function_return): Likewise.
* doc/invoke.texi: Document -mindirect-branch=thunk-extern is
incompatible with -fcf-protection=branch and
-fcheck-pointer-bounds.
gcc/testsuite/
PR target/84176
* gcc.target/i386/indirect-thunk-11.c: New test.
* gcc.target/i386/indirect-thunk-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-13.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-14.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-15.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-16.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-10.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-8.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-9.c: Likewise.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@257909 138bc75d-0d04-0410-961f-82ee72b054a4
nocf_check attribute can be used with -fcf-protection -mcet to disable
control-flow check by adding NOTRACK prefix before indirect branch.
When -mindirect-branch=thunk-extern -mindirect-branch-register is added,
indirect branch via register, "notrack call/jmp reg", is converted to
call/jmp __x86_indirect_thunk_nt_reg
When running on machines with CET enabled, __x86_indirect_thunk_nt_reg
can be updated to
notrack jmp reg
at run-time to restore NOTRACK prefix in the original indirect branch.
Since we don't support -mindirect-branch=thunk-extern, CET and MPX at
the same time, -mindirect-branch=thunk-extern is disallowed with
-fcf-protection=branch and -fcheck-pointer-bounds.
Tested on i686 and x86-64.
gcc/
PR target/84176
* config/i386/i386.c (ix86_set_indirect_branch_type): Issue an
error when -mindirect-branch=thunk-extern, -fcf-protection=branch
and -fcheck-pointer-bounds are used together.
(indirect_thunk_prefix): New enum.
(indirect_thunk_need_prefix): New function.
(indirect_thunk_name): Replace need_bnd_p with need_prefix. Use
"_nt" instead of "_bnd" for NOTRACK prefix.
(output_indirect_thunk): Replace need_bnd_p with need_prefix.
(output_indirect_thunk_function): Likewise.
(): Likewise.
(ix86_code_end): Update output_indirect_thunk_function calls.
(ix86_output_indirect_branch_via_reg): Replace
ix86_bnd_prefixed_insn_p with indirect_thunk_need_prefix.
(ix86_output_indirect_branch_via_push): Likewise.
(ix86_output_function_return): Likewise.
* doc/invoke.texi: Document -mindirect-branch=thunk-extern is
incompatible with -fcf-protection=branch and
-fcheck-pointer-bounds.
gcc/testsuite/
PR target/84176
* gcc.target/i386/indirect-thunk-11.c: New test.
* gcc.target/i386/indirect-thunk-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-13.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-14.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-15.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-16.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-10.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-8.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-9.c: Likewise.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@257909 138bc75d-0d04-0410-961f-82ee72b054a4
14 files changed: