Message ID | 20221219055431.22596-1-ashimida.1990@gmail.com |
---|---|
Subject | [RFC/RFT 0/3] Add compiler support for Control Flow Integrity |
Series | Add compiler support for Control Flow Integrity |
Message
Dan Li
Dec. 19, 2022, 5:54 a.m. UTC
This series of patches is mainly used to support the control flow
integrity protection of the linux kernel [1], which is similar to
-fsanitize=kcfi in clang 16.0 [2,3].

I hope that this feature will also support user-mode CFI in the
future (at least for developers who can recompile the runtime),
so I use -fsanitize=cfi as a compilation option here.

Any suggestion please let me know :).

Thanks, Dan.

[1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/
[2] https://clang.llvm.org/docs/ControlFlowIntegrity.html
[3] https://reviews.llvm.org/D119296

Dan Li (3):
  [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to
    64 bits to support more features
  [PR102768] Support CFI: Add new pass for Control Flow Integrity
  [PR102768] aarch64: Add support for Control Flow Integrity

Signed-off-by: Dan Li <ashimida.1990@gmail.com>
---
gcc/Makefile.in | 1 +
gcc/asan.h | 4 +-
gcc/c-family/c-attribs.cc | 10 +-
gcc/c-family/c-common.h | 2 +-
gcc/c/c-parser.cc | 4 +-
gcc/cgraphunit.cc | 34 +++
gcc/common.opt | 4 +-
gcc/config/aarch64/aarch64.cc | 106 ++++++++
gcc/cp/typeck.cc | 2 +-
gcc/doc/invoke.texi | 35 +++
gcc/doc/passes.texi | 10 +
gcc/doc/tm.texi | 27 +++
gcc/doc/tm.texi.in | 8 +
gcc/dwarf2asm.cc | 2 +-
gcc/flag-types.h | 67 ++---
gcc/opt-suggestions.cc | 2 +-
gcc/opts.cc | 26 +-
gcc/opts.h | 8 +-
gcc/output.h | 3 +
gcc/passes.def | 1 +
gcc/target.def | 39 +++
.../aarch64/control_flow_integrity_1.c | 14 ++
.../aarch64/control_flow_integrity_2.c | 25 ++
.../aarch64/control_flow_integrity_3.c | 23 ++
gcc/toplev.cc | 4 +
gcc/tree-cfg.cc | 2 +-
gcc/tree-cfi.cc | 229 ++++++++++++++++++
gcc/tree-pass.h | 1 +
gcc/tree.cc | 144 +++++++++++
gcc/tree.h | 1 +
gcc/varasm.cc | 29 +++
31 files changed, 803 insertions(+), 64 deletions(-)
create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c
create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c
create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c
create mode 100644 gcc/tree-cfi.cc
Comments
On Mon, Dec 19, 2022 at 3:59 PM Dan Li via Gcc-patches <gcc-patches@gcc.gnu.org> wrote:
>
> This series of patches is mainly used to support the control flow
> integrity protection of the linux kernel [1], which is similar to
> -fsanitize=kcfi in clang 16.0 [2,3].
>
> I hope that this feature will also support user-mode CFI in the
> future (at least for developers who can recompile the runtime),
> so I use -fsanitize=cfi as a compilation option here.
>
> Any suggestion please let me know :).

Do you have this series as a branch somewhere that we could also try for x86?

>
> Thanks, Dan.
>
> [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/
> [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html
> [3] https://reviews.llvm.org/D119296
>
> Dan Li (3):
>   [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to
>     64 bits to support more features
>   [PR102768] Support CFI: Add new pass for Control Flow Integrity
>   [PR102768] aarch64: Add support for Control Flow Integrity
>
> Signed-off-by: Dan Li <ashimida.1990@gmail.com>
>
> ---
>  gcc/Makefile.in | 1 +
>  gcc/asan.h | 4 +-
>  gcc/c-family/c-attribs.cc | 10 +-
>  gcc/c-family/c-common.h | 2 +-
>  gcc/c/c-parser.cc | 4 +-
>  gcc/cgraphunit.cc | 34 +++
>  gcc/common.opt | 4 +-
>  gcc/config/aarch64/aarch64.cc | 106 ++++++++
>  gcc/cp/typeck.cc | 2 +-
>  gcc/doc/invoke.texi | 35 +++
>  gcc/doc/passes.texi | 10 +
>  gcc/doc/tm.texi | 27 +++
>  gcc/doc/tm.texi.in | 8 +
>  gcc/dwarf2asm.cc | 2 +-
>  gcc/flag-types.h | 67 ++---
>  gcc/opt-suggestions.cc | 2 +-
>  gcc/opts.cc | 26 +-
>  gcc/opts.h | 8 +-
>  gcc/output.h | 3 +
>  gcc/passes.def | 1 +
>  gcc/target.def | 39 +++
>  .../aarch64/control_flow_integrity_1.c | 14 ++
>  .../aarch64/control_flow_integrity_2.c | 25 ++
>  .../aarch64/control_flow_integrity_3.c | 23 ++
>  gcc/toplev.cc | 4 +
>  gcc/tree-cfg.cc | 2 +-
>  gcc/tree-cfi.cc | 229 ++++++++++++++++++
>  gcc/tree-pass.h | 1 +
>  gcc/tree.cc | 144 +++++++++++
>  gcc/tree.h | 1 +
>  gcc/varasm.cc | 29 +++
>  31 files changed, 803 insertions(+), 64 deletions(-)
>  create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c
>  create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c
>  create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c
>  create mode 100644 gcc/tree-cfi.cc
>
> --
> 2.17.1
>

--
BR,
Hongtao
On Sun, Dec 18, 2022 at 10:06 PM Dan Li <ashimida.1990@gmail.com> wrote:
>
> This series of patches is mainly used to support the control flow
> integrity protection of the linux kernel [1], which is similar to
> -fsanitize=kcfi in clang 16.0 [2,3].
>
> I hope that this feature will also support user-mode CFI in the
> future (at least for developers who can recompile the runtime),
> so I use -fsanitize=cfi as a compilation option here.

Please don't. The various CFI-related build flags are confusing enough
without also having this inconsistency between Clang and GCC.

Peter
On 02/09, Hongtao Liu wrote:
> On Mon, Dec 19, 2022 at 3:59 PM Dan Li via Gcc-patches
> <gcc-patches@gcc.gnu.org> wrote:
> >
> > This series of patches is mainly used to support the control flow
> > integrity protection of the linux kernel [1], which is similar to
> > -fsanitize=kcfi in clang 16.0 [2,3].
> >
> > I hope that this feature will also support user-mode CFI in the
> > future (at least for developers who can recompile the runtime),
> > so I use -fsanitize=cfi as a compilation option here.
> >
> > Any suggestion please let me know :).
> Do you have this series as a branch somewhere that we could also try for x86?

Hi Hongtao,

I haven't tried this feature on the x86 platform, if possible, I will try it in
the next version.

Thanks,
Dan.

> --
> BR,
> Hongtao
On 02/08, Peter Collingbourne wrote:
> On Sun, Dec 18, 2022 at 10:06 PM Dan Li <ashimida.1990@gmail.com> wrote:
> >
> > This series of patches is mainly used to support the control flow
> > integrity protection of the linux kernel [1], which is similar to
> > -fsanitize=kcfi in clang 16.0 [2,3].
> >
> > I hope that this feature will also support user-mode CFI in the
> > future (at least for developers who can recompile the runtime),
> > so I use -fsanitize=cfi as a compilation option here.
>
> Please don't. The various CFI-related build flags are confusing enough
> without also having this inconsistency between Clang and GCC.

Hi Peter,

Got it, as discussed before[1], in the next version I will use the same
compile option.

[1]. https://patchwork.kernel.org/project/linux-arm-kernel/patch/20221219061758.23321-1-ashimida.1990@gmail.com/

Thanks,
Dan.

>
> Peter
On Sat, Feb 11, 2023 at 12:18 AM Dan Li <ashimida.1990@gmail.com> wrote:
>
> On 02/09, Hongtao Liu wrote:
> > On Mon, Dec 19, 2022 at 3:59 PM Dan Li via Gcc-patches
> > <gcc-patches@gcc.gnu.org> wrote:
> > >
> > > This series of patches is mainly used to support the control flow
> > > integrity protection of the linux kernel [1], which is similar to
> > > -fsanitize=kcfi in clang 16.0 [2,3].
> > >
> > > I hope that this feature will also support user-mode CFI in the
> > > future (at least for developers who can recompile the runtime),
> > > so I use -fsanitize=cfi as a compilation option here.
> > >
> > > Any suggestion please let me know :).
> > Do you have this series as a branch somewhere that we could also try for x86?
>
> Hi Hongtao,
>
> I haven't tried this feature on the x86 platform, if possible, I will try it in
> the next version.

Thanks.

>
> Thanks,
> Dan.
>
> > --
> > BR,
> > Hongtao

--
BR,
Hongtao