From patchwork Tue May 10 16:20:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "H.J. Lu" X-Patchwork-Id: 1629270 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.a=rsa-sha256 header.s=default header.b=g0tU8/wn; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4KyNZj0M1kz9sG5 for ; Wed, 11 May 2022 02:21:16 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id A8829395445E for ; Tue, 10 May 2022 16:21:13 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A8829395445E DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1652199673; bh=u/g700e2athbJEMjzyD0BYTPelU23Ls3lj1/vP1yV8g=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=g0tU8/wnf7pzakw8KD8K9xE/WNzuq5do9awbXluLwaiQsDzFSl+Hv1MTY6RzoM7Mp jSMF6J2phRJp5Q9/ibof3qMistSOCtV1J3LYIpKfvpyYV4XKMgOXikw43Jv3U2Cy6x fhAtKm2HsJ7qzDjm+iLfPW2MjE3jpfDICLnXq+j4= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) by sourceware.org (Postfix) with ESMTPS id 556F7385DC3B for ; Tue, 10 May 2022 16:20:53 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 556F7385DC3B Received: by mail-pg1-x52f.google.com with SMTP id r192so10863216pgr.6 for ; Tue, 10 May 2022 09:20:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=u/g700e2athbJEMjzyD0BYTPelU23Ls3lj1/vP1yV8g=; b=okGYhOLYqopBEXWb23OzmKynsCWFevd7V6pKSrHzCDVG+cjmy3B/hO3d5bHxdNYuwF SjIJid4KoitlME0rrFGzh/Z78D7wYwwajcNGWFGZtXaKP8YnuKwrfEXLezyu9gTb3RaS xgVN24OkiahMJ5qPJznBN9wHH8Nuz8VQCNeUNYoh98VwcYj3qInlRWpHUZmSSYbVqsuu oIqnqoe82RUMhf2ZFQjhKNKKDO9Aae+q2eHNLAN2ACEyV/UriqZ0QowX7Kif3/0jACSC jyVxp1NHVJcnw2LEfSzO8lwIwoO/2/NXnp51uzMPwtLYn2SWl9raN+ZPrxkTfNp8dqh6 h5Ag== X-Gm-Message-State: AOAM531uF4UqJX8+YMtjR5MoKfDfte41qd+Zr6e/vqizjqpd7gFIEbVs nqbUsbPTPqR3TmGAov3EBbbNTgPiFOg= X-Google-Smtp-Source: ABdhPJzioe1G1YwhiYwCVqDHnmGeYXuU2S+pqqp5zi2Gp4az3bw8QahMypiOyQHtFcDH7zhf72PU9g== X-Received: by 2002:a62:e117:0:b0:510:c651:229a with SMTP id q23-20020a62e117000000b00510c651229amr2566908pfh.67.1652199651825; Tue, 10 May 2022 09:20:51 -0700 (PDT) Received: from gnu-tgl-3.localdomain ([172.58.88.122]) by smtp.gmail.com with ESMTPSA id b6-20020a170902a9c600b0015e8d4eb1desm2295591plr.40.2022.05.10.09.20.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 May 2022 09:20:51 -0700 (PDT) Received: from gnu-tgl-3.. (localhost [IPv6:::1]) by gnu-tgl-3.localdomain (Postfix) with ESMTP id CB75FC03A6; Tue, 10 May 2022 09:20:49 -0700 (PDT) To: gcc-patches@gcc.gnu.org Subject: [PATCH] x86: Document -mno-cet-switch Date: Tue, 10 May 2022 09:20:49 -0700 Message-Id: <20220510162049.2686945-1-hjl.tools@gmail.com> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Spam-Status: No, score=-3028.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: "H.J. Lu via Gcc-patches" From: "H.J. Lu" Reply-To: "H.J. Lu" Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org Sender: "Gcc-patches" When -fcf-protection=branch is used, the compiler will generate jump tables where the indirect jump is prefixed with the NOTRACK prefix, so it can jump to non-ENDBR targets. Yet, for NOTRACK prefixes to work, the NOTRACK specific enable bit must be set, what renders the binary broken on any environment where this is not the case. In fact, having NOTRACK disabled was a design choice for the Linux kernel CET support. Generate jump tables with ENDBR and skip the NOTRACK prefix for indirect jump. Document -mno-cet-switch to turn off CET instrumentation on jump tables for switch statements. gcc/ PR target/104816 * config/i386/i386.opt: Turn on -mcet-switch by default. * doc/invoke.texi: Document -mno-cet-switch. gcc/testsuite/ * gcc.target/i386/cet-switch-1.c: Add -mno-cet-switch. * gcc.target/i386/cet-switch-2.c: Remove -mcet-switch. * gcc.target/i386/cet-switch-3.c: Likewise. --- gcc/config/i386/i386.opt | 2 +- gcc/doc/invoke.texi | 9 ++++++++- gcc/testsuite/gcc.target/i386/cet-switch-1.c | 2 +- gcc/testsuite/gcc.target/i386/cet-switch-2.c | 2 +- gcc/testsuite/gcc.target/i386/cet-switch-3.c | 2 +- 5 files changed, 12 insertions(+), 5 deletions(-) diff --git a/gcc/config/i386/i386.opt b/gcc/config/i386/i386.opt index a6b0e28f238..96b4a433e44 100644 --- a/gcc/config/i386/i386.opt +++ b/gcc/config/i386/i386.opt @@ -1047,7 +1047,7 @@ Enable shadow stack built-in functions from Control-flow Enforcement Technology (CET). mcet-switch -Target Undocumented Var(flag_cet_switch) Init(0) +Target Var(flag_cet_switch) Init(1) Turn on CET instrumentation for switch statements that use a jump table and an indirect jump. diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 7a35d9613a4..8bb96c5938a 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -1420,7 +1420,8 @@ See RS/6000 and PowerPC Options. -msse4a -m3dnow -m3dnowa -mpopcnt -mabm -mbmi -mtbm -mfma4 -mxop @gol -madx -mlzcnt -mbmi2 -mfxsr -mxsave -mxsaveopt -mrtm -mhle -mlwp @gol -mmwaitx -mclzero -mpku -mthreads -mgfni -mvaes -mwaitpkg @gol --mshstk -mmanual-endbr -mforce-indirect-call -mavx512vbmi2 -mavx512bf16 -menqcmd @gol +-mshstk -mmanual-endbr -mno-cet-switch -mforce-indirect-call @gol +-mavx512vbmi2 -mavx512bf16 -menqcmd @gol -mvpclmulqdq -mavx512bitalg -mmovdiri -mmovdir64b -mavx512vpopcntdq @gol -mavx5124fmaps -mavx512vnni -mavx5124vnniw -mprfchw -mrdpid @gol -mrdseed -msgx -mavx512vp2intersect -mserialize -mtsxldtrk@gol @@ -32641,6 +32642,12 @@ function attribute. This is useful when used with the option @option{-fcf-protection=branch} to control ENDBR insertion at the function entry. +@item -mno-cet-switch +@opindex mno-cet-switch +@opindex mcet-switch +Turn off CET instrumentation for switch statements that use a jump table +and an indirect jump. The default is @option{mcet-switch}. + @item -mcall-ms2sysv-xlogues @opindex mcall-ms2sysv-xlogues @opindex mno-call-ms2sysv-xlogues diff --git a/gcc/testsuite/gcc.target/i386/cet-switch-1.c b/gcc/testsuite/gcc.target/i386/cet-switch-1.c index afe5adc2f3d..4931c3ad1d2 100644 --- a/gcc/testsuite/gcc.target/i386/cet-switch-1.c +++ b/gcc/testsuite/gcc.target/i386/cet-switch-1.c @@ -1,6 +1,6 @@ /* Verify that CET works. */ /* { dg-do compile } */ -/* { dg-options "-O -fcf-protection" } */ +/* { dg-options "-O -fcf-protection -mno-cet-switch" } */ /* { dg-final { scan-assembler-times "endbr32" 1 { target ia32 } } } */ /* { dg-final { scan-assembler-times "endbr64" 1 { target { ! ia32 } } } } */ /* { dg-final { scan-assembler-times "notrack jmp\[ \t]+\[*]" 1 } } */ diff --git a/gcc/testsuite/gcc.target/i386/cet-switch-2.c b/gcc/testsuite/gcc.target/i386/cet-switch-2.c index 69ddc6fd5b7..11578d1a30c 100644 --- a/gcc/testsuite/gcc.target/i386/cet-switch-2.c +++ b/gcc/testsuite/gcc.target/i386/cet-switch-2.c @@ -1,6 +1,6 @@ /* Verify that CET works. */ /* { dg-do compile } */ -/* { dg-options "-O -fcf-protection -mcet-switch" } */ +/* { dg-options "-O -fcf-protection" } */ /* { dg-final { scan-assembler-times "endbr32" 12 { target ia32 } } } */ /* { dg-final { scan-assembler-times "endbr64" 12 { target { ! ia32 } } } } */ /* { dg-final { scan-assembler-times "\[ \t]+jmp\[ \t]+\[*]" 1 } } */ diff --git a/gcc/testsuite/gcc.target/i386/cet-switch-3.c b/gcc/testsuite/gcc.target/i386/cet-switch-3.c index 0d9ed4488dd..a4e2e4dfc16 100644 --- a/gcc/testsuite/gcc.target/i386/cet-switch-3.c +++ b/gcc/testsuite/gcc.target/i386/cet-switch-3.c @@ -1,6 +1,6 @@ /* Verify that CET works. */ /* { dg-do compile } */ -/* { dg-options "-O -fcf-protection -mcet-switch" } */ +/* { dg-options "-O -fcf-protection" } */ /* { dg-final { scan-assembler-times "endbr32" 12 { target ia32 } } } */ /* { dg-final { scan-assembler-times "endbr64" 12 { target { ! ia32 } } } } */ /* { dg-final { scan-assembler-times "\[ \t]+jmp\[ \t]+\[*]" 1 } } */