[PATCH] libphobos: Include to generate the CET marker for -fcf-protection

H.J. Lu via Gcc-patches Wed, 09 Sep 2020 10:09:48 -0700

On Mon, Sep 7, 2020 at 7:09 PM H.J. Lu <hjl.to...@gmail.com> wrote:
>
> On Mon, Sep 7, 2020 at 2:35 PM Iain Buclaw <ibuc...@gdcproject.org> wrote:
> >
> > Hi,
> >
> > This patch removes whatever CET support was in the switchContext routine
> > for x86 D runtime, and instead uses the ucontext fallback, which propely
> > handles shadow stack handling.
> >
> > Rather than implementing support within D runtime itself, use libc
> > getcontext/setcontext functions if CET is enabled instead.
> >
> > HJ, does this look reasonable before I commit it?  The detection has
> > been done at configure-time, rather than adding a predefined version
> > condition for CET within the compiler.
> >
> > Done regression testing on x86_64-linux-gnu/-m32/-mx32.
> >
> > Regards
> > Iain.
> >
> > ---
> > libphobos/ChangeLog:
> >
> >         PR d/95680
> >         * Makefile.in: Regenerate.
> >         * configure: Regenerate.
> >         * configure.ac (DCFG_ENABLE_CET): Substitute.
> >         * libdruntime/Makefile.in: Regenerate.
> >         * libdruntime/config/x86/switchcontext.S: Remove CET support code.
> >         * libdruntime/core/thread.d: Import gcc.config.  Don't set version
> >         AsmExternal when GNU_Enable_CET is true.
> >         * libdruntime/gcc/config.d.in (GNU_Enable_CET): Define.
> >         * src/Makefile.in: Regenerate.
> >         * testsuite/Makefile.in: Regenerate.
>
> Looks good.  I can try it on Tiger Lake after it has been checked in.
>


Here is the patch to enable the CET marker for -fcf-protection.
I saw some D run-time failures.  I will investigate them.

-- 
H.J.

From a6e0f81ceebb0fc8791340349b43270fce3d0bf1 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.to...@gmail.com>
Date: Tue, 8 Sep 2020 05:54:56 -0700
Subject: [PATCH] libphobos: Include <cet.h> to generate the CET marker for
 -fcf-protection

Include <cet.h> to generate the CET marker for -fcf-protection to avoid

/bin/ld: ../libdruntime/.libs/libgdruntime_convenience.a(libgdruntime_convenience_la-switchcontext.o): error: missing IBT and SHSTK properties

when -z cet-report=error is passed to the linker to create libgphobos.so
and libgdruntime.so.

	PR d/95680
	* libdruntime/config/x86/switchcontext.S: Include <cet.h> to
	generate the CET marker for -fcf-protection.
---
 libphobos/libdruntime/config/x86/switchcontext.S | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libphobos/libdruntime/config/x86/switchcontext.S b/libphobos/libdruntime/config/x86/switchcontext.S
index 85f2e00d186..f2f8efa218e 100644
--- a/libphobos/libdruntime/config/x86/switchcontext.S
+++ b/libphobos/libdruntime/config/x86/switchcontext.S
@@ -24,6 +24,11 @@ see the files COPYING3 and COPYING.RUNTIME respectively.  If not, see
 
 #include "../common/threadasm.S"
 
+/* NB: Generate the CET marker for -fcf-protection.  */
+#ifdef __CET__
+# include <cet.h>
+#endif
+
 #if defined(__i386__) && !defined(__CET__)
 
     .text
-- 
2.26.2

[PATCH] libphobos: Include to generate the CET marker for -fcf-protection

Reply via email to