Re: [PATCH V2] Provide -fcf-protection=branch,return.
On Wed, Jul 12, 2023 at 3:27 PM Hongtao Liu wrote:
>
> ping.
>
> On Mon, May 22, 2023 at 4:08 PM Hongtao Liu wrote:
> >
> > ping.
> >
> > On Sat, May 13, 2023 at 5:20 PM liuhongt wrote:
> > >
> > > > I think this could be simplified if you use either EnumSet or
> > > > EnumBitSet instead in common.opt for `-fcf-protection=`.
> > >
> > > Use EnumSet instead of EnumBitSet since CF_FULL is not power of 2.
> > > It is a bit tricky for sets classification, cf_branch and cf_return
> > > should be in different sets, but they both "conflicts" cf_full,
> > > cf_none. And current EnumSet don't handle this well.
> > >
> > > So in the current implementation, only cf_full,cf_none are exclusive
> > > to each other, but they can be combined with any cf_branch, cf_return,
> > > cf_check. It's not perfect, but still an improvement than original
> > > one.
> > >
I'm going to commit this patch if there's no objection, it's just a
refactor of option -fcf-protection=.
If there's any regression observed, I will fix(or revert the patch).
> > > gcc/ChangeLog:
> > >
> > > * common.opt: (fcf-protection=): Add EnumSet attribute to
> > > support combination of params.
> > >
> > > gcc/testsuite/ChangeLog:
> > >
> > > * c-c++-common/fcf-protection-10.c: New test.
> > > * c-c++-common/fcf-protection-11.c: New test.
> > > * c-c++-common/fcf-protection-12.c: New test.
> > > * c-c++-common/fcf-protection-8.c: New test.
> > > * c-c++-common/fcf-protection-9.c: New test.
> > > * gcc.target/i386/pr89701-1.c: New test.
> > > * gcc.target/i386/pr89701-2.c: New test.
> > > * gcc.target/i386/pr89701-3.c: New test.
> > > ---
> > > gcc/common.opt | 12 ++--
> > > gcc/testsuite/c-c++-common/fcf-protection-10.c | 2 ++
> > > gcc/testsuite/c-c++-common/fcf-protection-11.c | 2 ++
> > > gcc/testsuite/c-c++-common/fcf-protection-12.c | 2 ++
> > > gcc/testsuite/c-c++-common/fcf-protection-8.c | 2 ++
> > > gcc/testsuite/c-c++-common/fcf-protection-9.c | 2 ++
> > > gcc/testsuite/gcc.target/i386/pr89701-1.c | 4
> > > gcc/testsuite/gcc.target/i386/pr89701-2.c | 4
> > > gcc/testsuite/gcc.target/i386/pr89701-3.c | 4
> > > 9 files changed, 28 insertions(+), 6 deletions(-)
> > > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-10.c
> > > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-11.c
> > > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-12.c
> > > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-8.c
> > > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-9.c
> > > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-1.c
> > > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-2.c
> > > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-3.c
> > >
> > > diff --git a/gcc/common.opt b/gcc/common.opt
> > > index a28ca13385a..02f2472959a 100644
> > > --- a/gcc/common.opt
> > > +++ b/gcc/common.opt
> > > @@ -1886,7 +1886,7 @@ fcf-protection
> > > Common RejectNegative Alias(fcf-protection=,full)
> > >
> > > fcf-protection=
> > > -Common Joined RejectNegative Enum(cf_protection_level)
> > > Var(flag_cf_protection) Init(CF_NONE)
> > > +Common Joined RejectNegative Enum(cf_protection_level) EnumSet
> > > Var(flag_cf_protection) Init(CF_NONE)
> > > -fcf-protection=[full|branch|return|none|check]Instrument
> > > functions with checks to verify jump/call/return control-flow transfer
> > > instructions have valid targets.
> > >
> > > @@ -1894,19 +1894,19 @@ Enum
> > > Name(cf_protection_level) Type(enum cf_protection_level)
> > > UnknownError(unknown Control-Flow Protection Level %qs)
> > >
> > > EnumValue
> > > -Enum(cf_protection_level) String(full) Value(CF_FULL)
> > > +Enum(cf_protection_level) String(full) Value(CF_FULL) Set(1)
> > >
> > > EnumValue
> > > -Enum(cf_protection_level) String(branch) Value(CF_BRANCH)
> > > +Enum(cf_protection_level) String(branch) Value(CF_BRANCH) Set(2)
> > >
> > > EnumValue
> > > -Enum(cf_protection_level) String(return) Value(CF_RETURN)
> > > +Enum(cf_protection_level) String(return) Value(CF_RETURN) Set(3)
> > >
> > > EnumValue
> > > -Enum(cf_protection_level) String(check) Value(CF_CHECK)
> > > +Enum(cf_protection_level) String(check) Value(CF_CHECK) Set(4)
> > >
> > > EnumValue
> > > -Enum(cf_protection_level) String(none) Value(CF_NONE)
> > > +Enum(cf_protection_level) String(none) Value(CF_NONE) Set(1)
> > >
> > > finstrument-functions
> > > Common Var(flag_instrument_function_entry_exit,1)
> > > diff --git a/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > > b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > > new file mode 100644
> > > index 000..b271d134e52
> > > --- /dev/null
> > > +++ b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > > @@ -0,0 +1,2 @@
> > > +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> > > +/* {
Re: [PATCH V2] Provide -fcf-protection=branch,return.
ping.
On Mon, May 22, 2023 at 4:08 PM Hongtao Liu wrote:
>
> ping.
>
> On Sat, May 13, 2023 at 5:20 PM liuhongt wrote:
> >
> > > I think this could be simplified if you use either EnumSet or
> > > EnumBitSet instead in common.opt for `-fcf-protection=`.
> >
> > Use EnumSet instead of EnumBitSet since CF_FULL is not power of 2.
> > It is a bit tricky for sets classification, cf_branch and cf_return
> > should be in different sets, but they both "conflicts" cf_full,
> > cf_none. And current EnumSet don't handle this well.
> >
> > So in the current implementation, only cf_full,cf_none are exclusive
> > to each other, but they can be combined with any cf_branch, cf_return,
> > cf_check. It's not perfect, but still an improvement than original
> > one.
> >
> > gcc/ChangeLog:
> >
> > * common.opt: (fcf-protection=): Add EnumSet attribute to
> > support combination of params.
> >
> > gcc/testsuite/ChangeLog:
> >
> > * c-c++-common/fcf-protection-10.c: New test.
> > * c-c++-common/fcf-protection-11.c: New test.
> > * c-c++-common/fcf-protection-12.c: New test.
> > * c-c++-common/fcf-protection-8.c: New test.
> > * c-c++-common/fcf-protection-9.c: New test.
> > * gcc.target/i386/pr89701-1.c: New test.
> > * gcc.target/i386/pr89701-2.c: New test.
> > * gcc.target/i386/pr89701-3.c: New test.
> > ---
> > gcc/common.opt | 12 ++--
> > gcc/testsuite/c-c++-common/fcf-protection-10.c | 2 ++
> > gcc/testsuite/c-c++-common/fcf-protection-11.c | 2 ++
> > gcc/testsuite/c-c++-common/fcf-protection-12.c | 2 ++
> > gcc/testsuite/c-c++-common/fcf-protection-8.c | 2 ++
> > gcc/testsuite/c-c++-common/fcf-protection-9.c | 2 ++
> > gcc/testsuite/gcc.target/i386/pr89701-1.c | 4
> > gcc/testsuite/gcc.target/i386/pr89701-2.c | 4
> > gcc/testsuite/gcc.target/i386/pr89701-3.c | 4
> > 9 files changed, 28 insertions(+), 6 deletions(-)
> > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-10.c
> > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-11.c
> > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-12.c
> > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-8.c
> > create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-9.c
> > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-1.c
> > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-2.c
> > create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-3.c
> >
> > diff --git a/gcc/common.opt b/gcc/common.opt
> > index a28ca13385a..02f2472959a 100644
> > --- a/gcc/common.opt
> > +++ b/gcc/common.opt
> > @@ -1886,7 +1886,7 @@ fcf-protection
> > Common RejectNegative Alias(fcf-protection=,full)
> >
> > fcf-protection=
> > -Common Joined RejectNegative Enum(cf_protection_level)
> > Var(flag_cf_protection) Init(CF_NONE)
> > +Common Joined RejectNegative Enum(cf_protection_level) EnumSet
> > Var(flag_cf_protection) Init(CF_NONE)
> > -fcf-protection=[full|branch|return|none|check]Instrument
> > functions with checks to verify jump/call/return control-flow transfer
> > instructions have valid targets.
> >
> > @@ -1894,19 +1894,19 @@ Enum
> > Name(cf_protection_level) Type(enum cf_protection_level)
> > UnknownError(unknown Control-Flow Protection Level %qs)
> >
> > EnumValue
> > -Enum(cf_protection_level) String(full) Value(CF_FULL)
> > +Enum(cf_protection_level) String(full) Value(CF_FULL) Set(1)
> >
> > EnumValue
> > -Enum(cf_protection_level) String(branch) Value(CF_BRANCH)
> > +Enum(cf_protection_level) String(branch) Value(CF_BRANCH) Set(2)
> >
> > EnumValue
> > -Enum(cf_protection_level) String(return) Value(CF_RETURN)
> > +Enum(cf_protection_level) String(return) Value(CF_RETURN) Set(3)
> >
> > EnumValue
> > -Enum(cf_protection_level) String(check) Value(CF_CHECK)
> > +Enum(cf_protection_level) String(check) Value(CF_CHECK) Set(4)
> >
> > EnumValue
> > -Enum(cf_protection_level) String(none) Value(CF_NONE)
> > +Enum(cf_protection_level) String(none) Value(CF_NONE) Set(1)
> >
> > finstrument-functions
> > Common Var(flag_instrument_function_entry_exit,1)
> > diff --git a/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > new file mode 100644
> > index 000..b271d134e52
> > --- /dev/null
> > +++ b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> > @@ -0,0 +1,2 @@
> > +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> > +/* { dg-options "-fcf-protection=branch,check" } */
> > diff --git a/gcc/testsuite/c-c++-common/fcf-protection-11.c
> > b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> > new file mode 100644
> > index 000..2e566350ccd
> > --- /dev/null
> > +++ b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> > @@ -0,0 +1,2 @@
> > +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> > +/* { dg-options "-fcf-protection=branch,return" } */
Re: [PATCH V2] Provide -fcf-protection=branch,return.
ping.
On Sat, May 13, 2023 at 5:20 PM liuhongt wrote:
>
> > I think this could be simplified if you use either EnumSet or
> > EnumBitSet instead in common.opt for `-fcf-protection=`.
>
> Use EnumSet instead of EnumBitSet since CF_FULL is not power of 2.
> It is a bit tricky for sets classification, cf_branch and cf_return
> should be in different sets, but they both "conflicts" cf_full,
> cf_none. And current EnumSet don't handle this well.
>
> So in the current implementation, only cf_full,cf_none are exclusive
> to each other, but they can be combined with any cf_branch, cf_return,
> cf_check. It's not perfect, but still an improvement than original
> one.
>
> gcc/ChangeLog:
>
> * common.opt: (fcf-protection=): Add EnumSet attribute to
> support combination of params.
>
> gcc/testsuite/ChangeLog:
>
> * c-c++-common/fcf-protection-10.c: New test.
> * c-c++-common/fcf-protection-11.c: New test.
> * c-c++-common/fcf-protection-12.c: New test.
> * c-c++-common/fcf-protection-8.c: New test.
> * c-c++-common/fcf-protection-9.c: New test.
> * gcc.target/i386/pr89701-1.c: New test.
> * gcc.target/i386/pr89701-2.c: New test.
> * gcc.target/i386/pr89701-3.c: New test.
> ---
> gcc/common.opt | 12 ++--
> gcc/testsuite/c-c++-common/fcf-protection-10.c | 2 ++
> gcc/testsuite/c-c++-common/fcf-protection-11.c | 2 ++
> gcc/testsuite/c-c++-common/fcf-protection-12.c | 2 ++
> gcc/testsuite/c-c++-common/fcf-protection-8.c | 2 ++
> gcc/testsuite/c-c++-common/fcf-protection-9.c | 2 ++
> gcc/testsuite/gcc.target/i386/pr89701-1.c | 4
> gcc/testsuite/gcc.target/i386/pr89701-2.c | 4
> gcc/testsuite/gcc.target/i386/pr89701-3.c | 4
> 9 files changed, 28 insertions(+), 6 deletions(-)
> create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-10.c
> create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-11.c
> create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-12.c
> create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-8.c
> create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-9.c
> create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-1.c
> create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-2.c
> create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-3.c
>
> diff --git a/gcc/common.opt b/gcc/common.opt
> index a28ca13385a..02f2472959a 100644
> --- a/gcc/common.opt
> +++ b/gcc/common.opt
> @@ -1886,7 +1886,7 @@ fcf-protection
> Common RejectNegative Alias(fcf-protection=,full)
>
> fcf-protection=
> -Common Joined RejectNegative Enum(cf_protection_level)
> Var(flag_cf_protection) Init(CF_NONE)
> +Common Joined RejectNegative Enum(cf_protection_level) EnumSet
> Var(flag_cf_protection) Init(CF_NONE)
> -fcf-protection=[full|branch|return|none|check]Instrument functions
> with checks to verify jump/call/return control-flow transfer
> instructions have valid targets.
>
> @@ -1894,19 +1894,19 @@ Enum
> Name(cf_protection_level) Type(enum cf_protection_level)
> UnknownError(unknown Control-Flow Protection Level %qs)
>
> EnumValue
> -Enum(cf_protection_level) String(full) Value(CF_FULL)
> +Enum(cf_protection_level) String(full) Value(CF_FULL) Set(1)
>
> EnumValue
> -Enum(cf_protection_level) String(branch) Value(CF_BRANCH)
> +Enum(cf_protection_level) String(branch) Value(CF_BRANCH) Set(2)
>
> EnumValue
> -Enum(cf_protection_level) String(return) Value(CF_RETURN)
> +Enum(cf_protection_level) String(return) Value(CF_RETURN) Set(3)
>
> EnumValue
> -Enum(cf_protection_level) String(check) Value(CF_CHECK)
> +Enum(cf_protection_level) String(check) Value(CF_CHECK) Set(4)
>
> EnumValue
> -Enum(cf_protection_level) String(none) Value(CF_NONE)
> +Enum(cf_protection_level) String(none) Value(CF_NONE) Set(1)
>
> finstrument-functions
> Common Var(flag_instrument_function_entry_exit,1)
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-10.c
> b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> new file mode 100644
> index 000..b271d134e52
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,check" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-11.c
> b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> new file mode 100644
> index 000..2e566350ccd
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,return" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-12.c
> b/gcc/testsuite/c-c++-common/fcf-protection-12.c
> new file mode 100644
> index 000..b39c2f8e25d
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-12.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile {
[PATCH V2] Provide -fcf-protection=branch,return.
> I think this could be simplified if you use either EnumSet or
> EnumBitSet instead in common.opt for `-fcf-protection=`.
Use EnumSet instead of EnumBitSet since CF_FULL is not power of 2.
It is a bit tricky for sets classification, cf_branch and cf_return
should be in different sets, but they both "conflicts" cf_full,
cf_none. And current EnumSet don't handle this well.
So in the current implementation, only cf_full,cf_none are exclusive
to each other, but they can be combined with any cf_branch, cf_return,
cf_check. It's not perfect, but still an improvement than original
one.
gcc/ChangeLog:
* common.opt: (fcf-protection=): Add EnumSet attribute to
support combination of params.
gcc/testsuite/ChangeLog:
* c-c++-common/fcf-protection-10.c: New test.
* c-c++-common/fcf-protection-11.c: New test.
* c-c++-common/fcf-protection-12.c: New test.
* c-c++-common/fcf-protection-8.c: New test.
* c-c++-common/fcf-protection-9.c: New test.
* gcc.target/i386/pr89701-1.c: New test.
* gcc.target/i386/pr89701-2.c: New test.
* gcc.target/i386/pr89701-3.c: New test.
---
gcc/common.opt | 12 ++--
gcc/testsuite/c-c++-common/fcf-protection-10.c | 2 ++
gcc/testsuite/c-c++-common/fcf-protection-11.c | 2 ++
gcc/testsuite/c-c++-common/fcf-protection-12.c | 2 ++
gcc/testsuite/c-c++-common/fcf-protection-8.c | 2 ++
gcc/testsuite/c-c++-common/fcf-protection-9.c | 2 ++
gcc/testsuite/gcc.target/i386/pr89701-1.c | 4
gcc/testsuite/gcc.target/i386/pr89701-2.c | 4
gcc/testsuite/gcc.target/i386/pr89701-3.c | 4
9 files changed, 28 insertions(+), 6 deletions(-)
create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-10.c
create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-11.c
create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-12.c
create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-8.c
create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-9.c
create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-1.c
create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-2.c
create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-3.c
diff --git a/gcc/common.opt b/gcc/common.opt
index a28ca13385a..02f2472959a 100644
--- a/gcc/common.opt
+++ b/gcc/common.opt
@@ -1886,7 +1886,7 @@ fcf-protection
Common RejectNegative Alias(fcf-protection=,full)
fcf-protection=
-Common Joined RejectNegative Enum(cf_protection_level) Var(flag_cf_protection)
Init(CF_NONE)
+Common Joined RejectNegative Enum(cf_protection_level) EnumSet
Var(flag_cf_protection) Init(CF_NONE)
-fcf-protection=[full|branch|return|none|check]Instrument functions
with checks to verify jump/call/return control-flow transfer
instructions have valid targets.
@@ -1894,19 +1894,19 @@ Enum
Name(cf_protection_level) Type(enum cf_protection_level) UnknownError(unknown
Control-Flow Protection Level %qs)
EnumValue
-Enum(cf_protection_level) String(full) Value(CF_FULL)
+Enum(cf_protection_level) String(full) Value(CF_FULL) Set(1)
EnumValue
-Enum(cf_protection_level) String(branch) Value(CF_BRANCH)
+Enum(cf_protection_level) String(branch) Value(CF_BRANCH) Set(2)
EnumValue
-Enum(cf_protection_level) String(return) Value(CF_RETURN)
+Enum(cf_protection_level) String(return) Value(CF_RETURN) Set(3)
EnumValue
-Enum(cf_protection_level) String(check) Value(CF_CHECK)
+Enum(cf_protection_level) String(check) Value(CF_CHECK) Set(4)
EnumValue
-Enum(cf_protection_level) String(none) Value(CF_NONE)
+Enum(cf_protection_level) String(none) Value(CF_NONE) Set(1)
finstrument-functions
Common Var(flag_instrument_function_entry_exit,1)
diff --git a/gcc/testsuite/c-c++-common/fcf-protection-10.c
b/gcc/testsuite/c-c++-common/fcf-protection-10.c
new file mode 100644
index 000..b271d134e52
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/fcf-protection-10.c
@@ -0,0 +1,2 @@
+/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
+/* { dg-options "-fcf-protection=branch,check" } */
diff --git a/gcc/testsuite/c-c++-common/fcf-protection-11.c
b/gcc/testsuite/c-c++-common/fcf-protection-11.c
new file mode 100644
index 000..2e566350ccd
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/fcf-protection-11.c
@@ -0,0 +1,2 @@
+/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
+/* { dg-options "-fcf-protection=branch,return" } */
diff --git a/gcc/testsuite/c-c++-common/fcf-protection-12.c
b/gcc/testsuite/c-c++-common/fcf-protection-12.c
new file mode 100644
index 000..b39c2f8e25d
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/fcf-protection-12.c
@@ -0,0 +1,2 @@
+/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
+/* { dg-options "-fcf-protection=return,branch" } */
diff --git a/gcc/testsuite/c-c++-common/fcf-protection-8.c
b/gcc/testsuite/c-c++-common/fcf-protection-8.c
new file mode 100644
index 000..3b97095a92c
--- /dev/null
