From c113b59ef52593818bcd207521fd490ba3deeaea Mon Sep 17 00:00:00 2001 From: Kristof Beyls Date: Mon, 25 May 2020 15:48:22 +0100 Subject: [PATCH] [AArch64] Add clang command line support for -mharden-sls= The accepted options to -mharden-sls= are: * all: enable all mitigations against Straight Line Speculation that are implemented. * none: disable all mitigations against Straight Line Speculation. * retbr: enable the mitigation against Straight Line Speculation for RET and BR instructions. * blr: enable the mitigation against Straight Line Speculation for BLR instructions. Differential Revision: https://reviews.llvm.org/D81404 --- clang/include/clang/Basic/DiagnosticDriverKinds.td | 2 + clang/include/clang/Driver/Options.td | 3 ++ clang/lib/Driver/ToolChains/Arch/AArch64.cpp | 33 ++++++++++++++++ clang/test/Driver/aarch64-sls-hardening-options.c | 45 ++++++++++++++++++++++ 4 files changed, 83 insertions(+) create mode 100644 clang/test/Driver/aarch64-sls-hardening-options.c diff --git a/clang/include/clang/Basic/DiagnosticDriverKinds.td b/clang/include/clang/Basic/DiagnosticDriverKinds.td index 28747e8..dcb3b96 100644 --- a/clang/include/clang/Basic/DiagnosticDriverKinds.td +++ b/clang/include/clang/Basic/DiagnosticDriverKinds.td @@ -334,6 +334,8 @@ def warn_drv_object_size_disabled_O0 : Warning< InGroup, DefaultWarnNoWerror; def err_invalid_branch_protection: Error < "invalid branch protection option '%0' in '%1'">; +def err_invalid_sls_hardening : Error< + "invalid sls hardening option '%0' in '%1'">; def note_drv_command_failed_diag_msg : Note< "diagnostic msg: %0">; diff --git a/clang/include/clang/Driver/Options.td b/clang/include/clang/Driver/Options.td index 86d8936..7ee59e5 100644 --- a/clang/include/clang/Driver/Options.td +++ b/clang/include/clang/Driver/Options.td @@ -2313,6 +2313,9 @@ def msign_return_address_EQ : Joined<["-"], "msign-return-address=">, def mbranch_protection_EQ : Joined<["-"], "mbranch-protection=">, HelpText<"Enforce targets of indirect branches and function returns">; +def mharden_sls_EQ : Joined<["-"], "mharden-sls=">, + HelpText<"Select straight-line speculation hardening scope">; + def msimd128 : Flag<["-"], "msimd128">, Group; def munimplemented_simd128 : Flag<["-"], "munimplemented-simd128">, Group; def mno_unimplemented_simd128 : Flag<["-"], "mno-unimplemented-simd128">, Group; diff --git a/clang/lib/Driver/ToolChains/Arch/AArch64.cpp b/clang/lib/Driver/ToolChains/Arch/AArch64.cpp index e71655b..4c198a6 100644 --- a/clang/lib/Driver/ToolChains/Arch/AArch64.cpp +++ b/clang/lib/Driver/ToolChains/Arch/AArch64.cpp @@ -218,6 +218,39 @@ void aarch64::getAArch64TargetFeatures(const Driver &D, D.Diag(diag::err_drv_invalid_mtp) << A->getAsString(Args); } + // Enable/disable straight line speculation hardening. + if (Arg *A = Args.getLastArg(options::OPT_mharden_sls_EQ)) { + StringRef Scope = A->getValue(); + bool EnableRetBr = false; + bool EnableBlr = false; + if (Scope != "none" && Scope != "all") { + SmallVector Opts; + Scope.split(Opts, ","); + for (auto Opt : Opts) { + Opt = Opt.trim(); + if (Opt == "retbr") { + EnableRetBr = true; + continue; + } + if (Opt == "blr") { + EnableBlr = true; + continue; + } + D.Diag(diag::err_invalid_sls_hardening) + << Scope << A->getAsString(Args); + break; + } + } else if (Scope == "all") { + EnableRetBr = true; + EnableBlr = true; + } + + if (EnableRetBr) + Features.push_back("+harden-sls-retbr"); + if (EnableBlr) + Features.push_back("+harden-sls-blr"); + } + // En/disable crc if (Arg *A = Args.getLastArg(options::OPT_mcrc, options::OPT_mnocrc)) { if (A->getOption().matches(options::OPT_mcrc)) diff --git a/clang/test/Driver/aarch64-sls-hardening-options.c b/clang/test/Driver/aarch64-sls-hardening-options.c new file mode 100644 index 0000000..250007a --- /dev/null +++ b/clang/test/Driver/aarch64-sls-hardening-options.c @@ -0,0 +1,45 @@ +// Check the -mharden-sls= option, which has a required argument to select +// scope. +// RUN: %clang -target aarch64--none-eabi -c %s -### 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-OFF --check-prefix=BLR-OFF + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=none 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-OFF --check-prefix=BLR-OFF + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=retbr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-ON --check-prefix=BLR-OFF + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=blr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-OFF --check-prefix=BLR-ON + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=blr -mharden-sls=none 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-OFF --check-prefix=BLR-OFF + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=blr -mharden-sls=retbr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-ON --check-prefix=BLR-OFF + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=retbr,blr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-ON --check-prefix=BLR-ON + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=all 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-ON --check-prefix=BLR-ON + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=retbr,blr,retbr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=RETBR-ON --check-prefix=BLR-ON + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=retbr,blr,r 2>&1 | \ +// RUN: FileCheck %s --check-prefix=BAD-SLS-SPEC + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=none,blr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=BAD-SLS-SPEC + +// RUN: %clang -target aarch64--none-eabi -c %s -### -mharden-sls=all,-blr 2>&1 | \ +// RUN: FileCheck %s --check-prefix=BAD-SLS-SPEC + +// RETBR-OFF-NOT: "harden-sls-retbr" +// RETBR-ON: "+harden-sls-retbr" + +// BLR-OFF-NOT: "harden-sls-blr" +// BLR-ON: "+harden-sls-blr" + +// BAD-SLS-SPEC: invalid sls hardening option '{{[^']+}}' in '-mharden-sls= -- 2.7.4