On Thu, Apr 19, 2018 at 3:37 PM, Jakub Jelinek <ja...@redhat.com> wrote:
> On Thu, Apr 19, 2018 at 03:08:06PM -0700, H.J. Lu wrote:
>> > As -fcf-protection and -mcet/-mibt/-mshstk are are disjoint and
>> > control different parts I agree with
>> >
>> > + if ((isa_flag & OPTION_MASK_ISA_SHSTK))
>> > + def_or_undef (parse_in, "__SHSTK__");
>> > + if (flag_cf_protection != CF_NONE)
>> > + def_or_undef (parse_in, "__CET__");
>> >
>> > Why __CET_IBT__ and __CET_SHSTK__ are needed? Moreover the naming is
>> > confusing as 'IBT' and 'SHSTK' are related to HW features which are
>> > controlled
>> > by -m options. __CET__ seems to be enough.
>> >
>>
>> One needs to know if IBT and SHSTK are enabled by -fcf-protection. They will
>> be checked by <cet.h> and glibc.
>
> So can't you define __CET__ to 3 if CF_FULL, to 1 if CF_BRANCH and 2 if
> CF_RETURN? Then if code doesn't care which one it is, it can just #ifdef
> __CET__, otherwise it can test which of those is enabled.
> Implementation-wise it would probably need to be:
> if (flag_cf_protection != CF_NONE)
> {
> if (def_or_undef == cpp_undef)
> def_or_undef (parse_in, "__CET__");
> else if ((flag_cf_protection & CF_FULL) == CF_FULL)
> def_or_undef (parse_in, "__CET__=3");
> else if (flag_cf_protection & CF_BRANCH)
> def_or_undef (parse_in, "__CET__=1");
> else if (flag_cf_protection & CF_RETURN)
> def_or_undef (parse_in, "__CET__=2");
> }
> or so. Actually, because it doesn't depend on something that can change
> depending on target attributes, it probably doesn't even belong in this
> function, but to ix86_target_macros and there you can just cpp_define
> it, don't deal with cpp_undef at all.
Something like this?
--
H.J.
From 435b905d0dd60c3e6b00f42d7614a47972d69551 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.to...@gmail.com>
Date: Thu, 19 Apr 2018 14:09:51 -0700
Subject: [PATCH] Define __CET__ with flag_cf_protection and remove -mibt
---
gcc/common/config/i386/i386-common.c | 17 -----------------
gcc/config/i386/cet.h | 6 +++---
gcc/config/i386/i386-c.c | 20 ++++++--------------
gcc/config/i386/i386.c | 2 --
gcc/config/i386/i386.md | 2 +-
gcc/config/i386/i386.opt | 12 ++++--------
gcc/doc/invoke.texi | 23 ++++++-----------------
7 files changed, 20 insertions(+), 62 deletions(-)
diff --git a/gcc/common/config/i386/i386-common.c b/gcc/common/config/i386/i386-common.c
index 0bb2783cfab..74a3490f7a3 100644
--- a/gcc/common/config/i386/i386-common.c
+++ b/gcc/common/config/i386/i386-common.c
@@ -147,7 +147,6 @@ along with GCC; see the file COPYING3. If not see
#define OPTION_MASK_ISA_PKU_SET OPTION_MASK_ISA_PKU
#define OPTION_MASK_ISA_RDPID_SET OPTION_MASK_ISA_RDPID
#define OPTION_MASK_ISA_GFNI_SET OPTION_MASK_ISA_GFNI
-#define OPTION_MASK_ISA_IBT_SET OPTION_MASK_ISA_IBT
#define OPTION_MASK_ISA_SHSTK_SET OPTION_MASK_ISA_SHSTK
#define OPTION_MASK_ISA_VAES_SET OPTION_MASK_ISA_VAES
#define OPTION_MASK_ISA_VPCLMULQDQ_SET OPTION_MASK_ISA_VPCLMULQDQ
@@ -224,7 +223,6 @@ along with GCC; see the file COPYING3. If not see
#define OPTION_MASK_ISA_PKU_UNSET OPTION_MASK_ISA_PKU
#define OPTION_MASK_ISA_RDPID_UNSET OPTION_MASK_ISA_RDPID
#define OPTION_MASK_ISA_GFNI_UNSET OPTION_MASK_ISA_GFNI
-#define OPTION_MASK_ISA_IBT_UNSET OPTION_MASK_ISA_IBT
#define OPTION_MASK_ISA_SHSTK_UNSET OPTION_MASK_ISA_SHSTK
#define OPTION_MASK_ISA_VAES_UNSET OPTION_MASK_ISA_VAES
#define OPTION_MASK_ISA_VPCLMULQDQ_UNSET OPTION_MASK_ISA_VPCLMULQDQ
@@ -546,21 +544,6 @@ ix86_handle_option (struct gcc_options *opts,
return true;
case OPT_mcet:
- case OPT_mibt:
- if (value)
- {
- opts->x_ix86_isa_flags2 |= OPTION_MASK_ISA_IBT_SET;
- opts->x_ix86_isa_flags2_explicit |= OPTION_MASK_ISA_IBT_SET;
- }
- else
- {
- opts->x_ix86_isa_flags2 &= ~OPTION_MASK_ISA_IBT_UNSET;
- opts->x_ix86_isa_flags2_explicit |= OPTION_MASK_ISA_IBT_UNSET;
- }
- if (code != OPT_mcet)
- return true;
- /* fall through. */
-
case OPT_mshstk:
if (value)
{
diff --git a/gcc/config/i386/cet.h b/gcc/config/i386/cet.h
index 9dca41bad2d..c38e594ad92 100644
--- a/gcc/config/i386/cet.h
+++ b/gcc/config/i386/cet.h
@@ -32,7 +32,7 @@
#ifdef __ASSEMBLER__
-# ifdef __IBT__
+# if (__CET__ & 1) != 0
# ifdef __x86_64__
# define _CET_ENDBR endbr64
# else
@@ -44,14 +44,14 @@
# ifdef __ELF__
# ifdef __CET__
-# ifdef __IBT__
+# if (__CET__ & 1) != 0
/* GNU_PROPERTY_X86_FEATURE_1_IBT. */
# define __PROPERTY_IBT 0x1
# else
# define __PROPERTY_IBT 0x0
# endif
-# ifdef __SHSTK__
+# if (__CET__ & 2) != 0
/* GNU_PROPERTY_X86_FEATURE_1_SHSTK. */
# define __PROPERTY_SHSTK 0x2
# else
diff --git a/gcc/config/i386/i386-c.c b/gcc/config/i386/i386-c.c
index fa8b3682b0c..ae7d678e77e 100644
--- a/gcc/config/i386/i386-c.c
+++ b/gcc/config/i386/i386-c.c
@@ -499,20 +499,8 @@ ix86_target_macros_internal (HOST_WIDE_INT isa_flag,
def_or_undef (parse_in, "__RDPID__");
if (isa_flag & OPTION_MASK_ISA_GFNI)
def_or_undef (parse_in, "__GFNI__");
- if ((isa_flag2 & OPTION_MASK_ISA_IBT)
- || (flag_cf_protection & CF_BRANCH))
- {
- def_or_undef (parse_in, "__IBT__");
- if (flag_cf_protection != CF_NONE)
- def_or_undef (parse_in, "__CET__");
- }
- if ((isa_flag & OPTION_MASK_ISA_SHSTK)
- || (flag_cf_protection & CF_RETURN))
- {
- def_or_undef (parse_in, "__SHSTK__");
- if (flag_cf_protection != CF_NONE)
- def_or_undef (parse_in, "__CET__");
- }
+ if ((isa_flag & OPTION_MASK_ISA_SHSTK))
+ def_or_undef (parse_in, "__SHSTK__");
if (isa_flag2 & OPTION_MASK_ISA_VAES)
def_or_undef (parse_in, "__VAES__");
if (isa_flag & OPTION_MASK_ISA_VPCLMULQDQ)
@@ -680,6 +668,10 @@ ix86_target_macros (void)
cpp_define (parse_in, "__SEG_FS");
cpp_define (parse_in, "__SEG_GS");
+
+ if (flag_cf_protection != CF_NONE)
+ cpp_define_formatted (parse_in, "__CET__=%d",
+ flag_cf_protection & ~CF_SET);
}
�
diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index a0435377872..dc80b34f302 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -2766,7 +2766,6 @@ ix86_target_string (HOST_WIDE_INT isa, HOST_WIDE_INT isa2,
{ "-msgx", OPTION_MASK_ISA_SGX },
{ "-mavx5124vnniw", OPTION_MASK_ISA_AVX5124VNNIW },
{ "-mavx5124fmaps", OPTION_MASK_ISA_AVX5124FMAPS },
- { "-mibt", OPTION_MASK_ISA_IBT },
{ "-mhle", OPTION_MASK_ISA_HLE },
{ "-mmovbe", OPTION_MASK_ISA_MOVBE },
{ "-mclzero", OPTION_MASK_ISA_CLZERO },
@@ -5377,7 +5376,6 @@ ix86_valid_target_attribute_inner_p (tree args, char *p_strings[],
IX86_ATTR_ISA ("clwb", OPT_mclwb),
IX86_ATTR_ISA ("rdpid", OPT_mrdpid),
IX86_ATTR_ISA ("gfni", OPT_mgfni),
- IX86_ATTR_ISA ("ibt", OPT_mibt),
IX86_ATTR_ISA ("shstk", OPT_mshstk),
IX86_ATTR_ISA ("vaes", OPT_mvaes),
IX86_ATTR_ISA ("vpclmulqdq", OPT_mvpclmulqdq),
diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md
index 33e8060fa56..a134ca88014 100644
--- a/gcc/config/i386/i386.md
+++ b/gcc/config/i386/i386.md
@@ -20332,7 +20332,7 @@
(define_insn "nop_endbr"
[(unspec_volatile [(const_int 0)] UNSPECV_NOP_ENDBR)]
- "TARGET_IBT || (flag_cf_protection & CF_BRANCH)"
+ "(flag_cf_protection & CF_BRANCH)"
"*
{ return (TARGET_64BIT)? \"endbr64\" : \"endbr32\"; }"
[(set_attr "length" "4")
diff --git a/gcc/config/i386/i386.opt b/gcc/config/i386/i386.opt
index 646cfcbbd3b..815eceb713d 100644
--- a/gcc/config/i386/i386.opt
+++ b/gcc/config/i386/i386.opt
@@ -1008,17 +1008,13 @@ Generate code which uses only the general registers.
mcet
Target Report Var(flag_cet) Init(0)
-Support Control-flow Enforcement Technology (CET) built-in functions.
-
-mibt
-Target Report Mask(ISA_IBT) Var(ix86_isa_flags2) Save
-Specifically enable indirect branch tracking built-in functions from
-Control-flow Enforcement Technology (CET).
+Enable shadow stack built-in functions from Control-flow Enforcement
+Technology (CET).
mshstk
Target Report Mask(ISA_SHSTK) Var(ix86_isa_flags) Save
-Specifically enable shadow stack built-in functions from Control-flow
-Enforcement Technology (CET).
+Enable shadow stack built-in functions from Control-flow Enforcement
+Technology (CET).
mcet-switch
Target Report Undocumented Var(flag_cet_switch) Init(0)
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 0f2c83964f4..43eded693ec 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -1261,7 +1261,7 @@ See RS/6000 and PowerPC Options.
-msse4a -m3dnow -m3dnowa -mpopcnt -mabm -mbmi -mtbm -mfma4 -mxop @gol
-mlzcnt -mbmi2 -mfxsr -mxsave -mxsaveopt -mrtm -mlwp -mmpx @gol
-mmwaitx -mclzero -mpku -mthreads -mgfni -mvaes @gol
--mcet -mibt -mshstk -mforce-indirect-call -mavx512vbmi2 @gol
+-mcet -mshstk -mforce-indirect-call -mavx512vbmi2 @gol
-mvpclmulqdq -mavx512bitalg -mmovdiri -mmovdir64b -mavx512vpopcntdq @gol
-mms-bitfields -mno-align-stringops -minline-all-stringops @gol
-minline-stringops-dynamically -mstringop-strategy=@var{alg} @gol
@@ -27349,11 +27349,6 @@ supported architecture, using the appropriate flags. In particular,
the file containing the CPU detection code should be compiled without
these options.
-The @option{-mcet} option turns on the @option{-mibt} and @option{-mshstk}
-options. The compiler provides a number of built-in functions for
-fine-grained control in a CET-based application. See
-@xref{x86 Built-in Functions}, for more information.
-
@item -mdump-tune-features
@opindex mdump-tune-features
This option instructs GCC to dump the names of the x86 performance
@@ -27446,19 +27441,13 @@ see @ref{Other Builtins} for details.
This option enables use of the @code{movbe} instruction to implement
@code{__builtin_bswap32} and @code{__builtin_bswap64}.
-@item -mibt
-@opindex mibt
-This option enables indirect branch tracking built-in functions from
-x86 Control-flow Enforcement Technology (CET). The option
-@option{-mibt} is on by default when the @code{-mcet} option is
-specified.
-
@item -mshstk
+@itemx -mcet
@opindex mshstk
-This option enables shadow stack built-in functions from x86
-Control-flow Enforcement Technology (CET). The option
-@option{-mshstk} is on by default when the @option{-mcet} option is
-specified.
+@opindex mcet
+The @option{-mshstk} option enables shadow stack built-in functions
+from x86 Control-flow Enforcement Technology (CET). The @option{-mcet}
+option is an alias for the @option{-mshstk} option.
@item -mcrc32
@opindex mcrc32
--
2.14.3
