On Thu, Apr 19, 2018 at 3:30 PM, H.J. Lu <hjl.to...@gmail.com> wrote:
> On Wed, Apr 18, 2018 at 01:35:33PM +0200, Richard Biener wrote:
>> On Wed, Apr 18, 2018 at 1:24 PM, H.J. Lu <hjl.to...@gmail.com> wrote:
>> > On Tue, Apr 17, 2018 at 12:25 PM, H.J. Lu <hjl.to...@gmail.com> wrote:
>> >> On Tue, Apr 17, 2018 at 12:25 PM, H.J. Lu <hjl.to...@gmail.com> wrote:
>> >>> On Tue, Apr 17, 2018 at 12:03 PM, H.J. Lu <hjl.to...@gmail.com> wrote:
>> >>>> On Tue, Apr 17, 2018 at 11:55 AM, Uros Bizjak <ubiz...@gmail.com> wrote:
>> >>>>> On Tue, Apr 17, 2018 at 8:42 PM, H.J. Lu <hongjiu...@intel.com> wrote:
>> >>>>>> -fcf-protection -mcet can't be used with IFUNC features, like symbol
>> >>>>>> multiversioning or target clone, since IBT/SHSTK are applied to the
>> >>>>>> whole
>> >>>>>> program and they may be disabled in some functions. But
>> >>>>>> -fcf-protection
>> >>>>>> is implemented with multi-byte NOPs on all 64-bit processors as well
>> >>>>>> as
>> >>>>>> 32-bit processors starting with Pentium Pro. If -fcf-protection
>> >>>>>> requires
>> >>>>>> -mcet, IFUNC features can't be used on Linux when -fcf-protection is
>> >>>>>> enabled by default.
>> >>>>>>
>> >>>>>> This patch changes -fcf-protection to to enable the NOP portion of CET
>> >>>>>> ISAs unless IBT and/or SHSTK are disabled explicitly. The rest of CET
>> >>>>>> ISAs, including intrinsics, still requires -mcet, -mibt or -mshstk.
>> >>>>>>
>> >>>>>> OK for trunk?
>> >>>>>
>> >>>>> As said in the PR, NOP sequences have non-zero cost in the executable
>> >>>>> (they enlarge the executable), so I don't think this feature should be
>> >>>>> enabled by default.
>> >>>>>
>> >>>>> There is always a configure option if someone wants their compiler to
>> >>>>> always emit relevant multi-byte nops.
>> >>>>
>> >>>> What we need is an option to enable -fcf-function with multi-byte NOPs
>> >>>> without -mcet which enables the full CET ISAs. A configure option
>> >>>> without the corresponding the command-line option makes test and
>> >>>> debug difficult. I can add
>> >>>>
>> >>>> --enable-cf-function-nop or --with-cf-function-nop
>> >>>>
>> >>>> with
>> >>>>
>> >>>> -fct-function-nop
>> >>>>
>> >>>
>> >>> How about adding -mno-cet, which enables the NOP portion of CET
>> >>
>> >> I meant -mnop-cet, not -mno-cet.
>> >>
>> >
>> > Here is a patch to add -mnop and use it with -fcf-protection.
>>
>> +mnop
>> +Target Report Var(flag_nop) Init(0)
>> +Support multi-byte NOP code generation.
>>
>> the option name is incredibly bad and the documentation doesn't make it
>> better either. The invoke.texi docs refer to duplicate {-mcet}.
>>
>> Isn't there a -fcf-protection sub-set that can be used to automatically
>> enable this? Or simply do this mode by default when
>> -fcf-protection is used but neither -mcet nor -mibt is enabled?
>>
>
> Since multi-byte NOPs are used to implement -fcf-protection on x86, we
> propose a new design for -fcf-protection:
>
> 1. -fcf-protection option will report the unsupported error on non-x86
> platform. On x86 platform it's supported and inserts endbr-nop
> instructions and properties, depending on its value (full/branch/return)
> 2. -mcet/-mibt/-mshstk options control intrinsics only.
> 3. These options are independent and do not influence each other so no
> need for cross checking between them.
>
> OK for trunk?
This patch touches only CET related code, so Igor's OK should be enough.
Uros.
