projects / platform / upstream / gcc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eae52f3) | patch
i386: Add __x86_indirect_thunk_nt_reg for -fcf-protection -mcet
authorH.J. Lu <hongjiu.lu@intel.com>
Thu, 22 Feb 2018 17:09:06 +0000 (17:09 +0000)
committerH.J. Lu <hjl@gcc.gnu.org>
Thu, 22 Feb 2018 17:09:06 +0000 (09:09 -0800)
commit73b8b82295fb286c2d5b01c200fcd6732a96c2a8
tree74872a581bf4597a9147fbaf2d607e96f1bd5729tree | snapshot
parenteae52f300e0f1c71ac69b83495bc9a170330e95bcommit | diff
i386: Add __x86_indirect_thunk_nt_reg for -fcf-protection -mcet

nocf_check attribute can be used with -fcf-protection -mcet to disable
control-flow check by adding NOTRACK prefix before indirect branch.
When -mindirect-branch=thunk-extern -mindirect-branch-register is added,
indirect branch via register, "notrack call/jmp reg", is converted to

    call/jmp __x86_indirect_thunk_nt_reg

When running on machines with CET enabled, __x86_indirect_thunk_nt_reg
can be updated to

    notrack jmp reg

at run-time to restore NOTRACK prefix in the original indirect branch.

Since we don't support -mindirect-branch=thunk-extern, CET and MPX at
the same time, -mindirect-branch=thunk-extern is disallowed with
-fcf-protection=branch and -fcheck-pointer-bounds.

Tested on i686 and x86-64.

gcc/

PR target/84176
* config/i386/i386.c (ix86_set_indirect_branch_type): Issue an
error when -mindirect-branch=thunk-extern, -fcf-protection=branch
and -fcheck-pointer-bounds are used together.
(indirect_thunk_prefix): New enum.
(indirect_thunk_need_prefix): New function.
(indirect_thunk_name): Replace need_bnd_p with need_prefix.  Use
"_nt" instead of "_bnd" for NOTRACK prefix.
(output_indirect_thunk): Replace need_bnd_p with need_prefix.
(output_indirect_thunk_function): Likewise.
(): Likewise.
(ix86_code_end): Update output_indirect_thunk_function calls.
(ix86_output_indirect_branch_via_reg): Replace
ix86_bnd_prefixed_insn_p with indirect_thunk_need_prefix.
(ix86_output_indirect_branch_via_push): Likewise.
(ix86_output_function_return): Likewise.
* doc/invoke.texi: Document -mindirect-branch=thunk-extern is
incompatible with -fcf-protection=branch and
-fcheck-pointer-bounds.

gcc/testsuite/

PR target/84176
* gcc.target/i386/indirect-thunk-11.c: New test.
* gcc.target/i386/indirect-thunk-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-12.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-13.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-14.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-15.c: Likewise.
* gcc.target/i386/indirect-thunk-attr-16.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-10.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-8.c: Likewise.
* gcc.target/i386/indirect-thunk-extern-9.c: Likewise.

From-SVN: r257909
14 files changed:
gcc/ChangeLog diff | blob | history
gcc/config/i386/i386.c diff | blob | history
gcc/doc/invoke.texi diff | blob | history
gcc/testsuite/ChangeLog diff | blob | history
gcc/testsuite/gcc.target/i386/indirect-thunk-11.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-12.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-attr-12.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-attr-13.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-attr-14.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-attr-15.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-attr-16.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-extern-10.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-extern-8.c [new file with mode: 0644] blob
gcc/testsuite/gcc.target/i386/indirect-thunk-extern-9.c [new file with mode: 0644] blob
Domain: System / Toolchain;