From patchwork Mon Dec 19 05:54:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Li X-Patchwork-Id: 55371 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 9CAC33B714CC for ; Mon, 19 Dec 2022 07:27:37 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 9CAC33B714CC DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1671434857; bh=rHzEIi0IzwDcW6qehabkUJ0tP11qKINwVZkQDVdKT0Q=; h=To:Cc:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=T0xc2KU+vKJafe2GqSipCFJ57JLBMbBv+P3XfZj+oTLiyAE0fX7MAsAOiRzNJdUBC pIifaUNAL9NwLcYeOaQA2ieWYmWNF7LB2Z2kvOd50gL2XlpHOV2MdK3YWlWfPQ1hPr 2KVRGwTTyv8GzMaXaACpmNaC8VGoWwOPcW+G0noc= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) by sourceware.org (Postfix) with ESMTPS id 572873A02D46 for ; Mon, 19 Dec 2022 05:55:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 572873A02D46 Received: by mail-pj1-x102b.google.com with SMTP id v23so2752610pju.3 for ; Sun, 18 Dec 2022 21:55:40 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rHzEIi0IzwDcW6qehabkUJ0tP11qKINwVZkQDVdKT0Q=; b=01fqKkR2i3UMVz1RN9/d9QG2h3t9i5ox8f4nFcUydOeOpZ2lPkZpTSEPTu0Aa8x6+P CLoeZxZWJTPQd6Z7iM3JjbQNdhbgZUXEbL5ySkfdGU90KbFXp6xiD5EkUbCvI8mgwYY0 j21bPzAmC87IeyNdj6w1DSjcUr1eMwGI7BHoGjccUXkttzrmcDT0mjYadn5Hx8001fNT 8tTSldE4RGD6Hg/vjhXKScA4HdB7nxg63INU6+8bOSR28oxgIbr9gjRM0DhMOnwVj5Iu yqhcFKks7HoRU2EAjyUrUwDauf09dgSyHffQpbo7SZ+v9i6dr4Nk4DboeZt+FQ5C4vOw ngxQ== X-Gm-Message-State: ANoB5pmt6kXcGba0sCjr3WkPD3ry4MxZtEQGzzGVHSjZB/T7hWiAY45Y NbQWBJqJXCy7LeAqHPjvlvxEhRblhZ8feQ== X-Google-Smtp-Source: AA0mqf4162d2wz/tcqPOfHcQD65f+tQLW8hGBDIuBRcx6CcMBX3aX0PwqQq3LS75LC/nDYoumCuJcg== X-Received: by 2002:a17:90b:1181:b0:219:c87a:6926 with SMTP id gk1-20020a17090b118100b00219c87a6926mr41765963pjb.26.1671429339065; Sun, 18 Dec 2022 21:55:39 -0800 (PST) Received: from localhost ([103.152.220.92]) by smtp.gmail.com with ESMTPSA id y10-20020a17090a1f4a00b001ef8ab65052sm4954640pjy.11.2022.12.18.21.55.38 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 18 Dec 2022 21:55:38 -0800 (PST) To: gcc-patches@gcc.gnu.org, Richard Sandiford , Masahiro Yamada , Michal Marek , Nick Desaulniers , Catalin Marinas , Will Deacon , Sami Tolvanen , Kees Cook , Nathan Chancellor , Tom Rix , Peter Zijlstra , "Paul E. McKenney" , Mark Rutland , Josh Poimboeuf , Frederic Weisbecker , "Eric W. Biederman" , Dan Li , Marco Elver , Christophe Leroy , Song Liu , Andrew Morton , Uros Bizjak , Kumar Kartikeya Dwivedi , Juergen Gross , Luis Chamberlain , Borislav Petkov , Masami Hiramatsu , Dmitry Torokhov , Aaron Tomlin , Kalesh Singh , Yuntao Wang , Changbin Du Cc: linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev, linux-hardening@vger.kernel.org Subject: [RFC/RFT 0/3] Add compiler support for Control Flow Integrity Date: Sun, 18 Dec 2022 21:54:28 -0800 Message-Id: <20221219055431.22596-1-ashimida.1990@gmail.com> X-Mailer: git-send-email 2.17.1 X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM, KAM_MANYTO, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Dan Li via Gcc-patches From: Dan Li Reply-To: Dan Li Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org Sender: "Gcc-patches" This series of patches is mainly used to support the control flow integrity protection of the linux kernel [1], which is similar to -fsanitize=kcfi in clang 16.0 [2,3]. I hope that this feature will also support user-mode CFI in the future (at least for developers who can recompile the runtime), so I use -fsanitize=cfi as a compilation option here. Any suggestion please let me know :). Thanks, Dan. [1] https://lore.kernel.org/all/20220908215504.3686827-1-samitolvanen@google.com/ [2] https://clang.llvm.org/docs/ControlFlowIntegrity.html [3] https://reviews.llvm.org/D119296 Dan Li (3): [PR102768] flag-types.h (enum sanitize_code): Extend sanitize_code to 64 bits to support more features [PR102768] Support CFI: Add new pass for Control Flow Integrity [PR102768] aarch64: Add support for Control Flow Integrity Signed-off-by: Dan Li --- gcc/Makefile.in | 1 + gcc/asan.h | 4 +- gcc/c-family/c-attribs.cc | 10 +- gcc/c-family/c-common.h | 2 +- gcc/c/c-parser.cc | 4 +- gcc/cgraphunit.cc | 34 +++ gcc/common.opt | 4 +- gcc/config/aarch64/aarch64.cc | 106 ++++++++ gcc/cp/typeck.cc | 2 +- gcc/doc/invoke.texi | 35 +++ gcc/doc/passes.texi | 10 + gcc/doc/tm.texi | 27 +++ gcc/doc/tm.texi.in | 8 + gcc/dwarf2asm.cc | 2 +- gcc/flag-types.h | 67 ++--- gcc/opt-suggestions.cc | 2 +- gcc/opts.cc | 26 +- gcc/opts.h | 8 +- gcc/output.h | 3 + gcc/passes.def | 1 + gcc/target.def | 39 +++ .../aarch64/control_flow_integrity_1.c | 14 ++ .../aarch64/control_flow_integrity_2.c | 25 ++ .../aarch64/control_flow_integrity_3.c | 23 ++ gcc/toplev.cc | 4 + gcc/tree-cfg.cc | 2 +- gcc/tree-cfi.cc | 229 ++++++++++++++++++ gcc/tree-pass.h | 1 + gcc/tree.cc | 144 +++++++++++ gcc/tree.h | 1 + gcc/varasm.cc | 29 +++ 31 files changed, 803 insertions(+), 64 deletions(-) create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_1.c create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_2.c create mode 100644 gcc/testsuite/gcc.target/aarch64/control_flow_integrity_3.c create mode 100644 gcc/tree-cfi.cc