From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2092) id EFA40385841D; Fri, 10 Mar 2023 16:20:52 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org EFA40385841D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1678465252; bh=zZZ4Ml3NpAz9gQmpTS59qLGZHRDJO4Q89obdrSgPs1E=; h=From:To:Subject:Date:From; b=kwO4T3NGsnbcz5ybIpfrTCi9oEjtt1B7uCljcdrWo+5oUlpoqFVNE3YGf1VtCalvY HsHJdUPygGXG54n1Ha0meVEjibozTw+cvnAmSfMvmqgLdqWKkDJicpwJ7KpXwZ7nlT jwNL1SBsSxcYKTBGbiQb+IKtEkAxCP7BmPP9ZCJE= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Andrea Corallo To: gcc-cvs@gcc.gnu.org Subject: [gcc(refs/vendors/ARM/heads/arm-12-m-pacbti)] [PATCH 3/15] arm: Add option -mbranch-protection X-Act-Checkin: gcc X-Git-Author: Andrea Corallo X-Git-Refname: refs/vendors/ARM/heads/arm-12-m-pacbti X-Git-Oldrev: 8c86f2c21b453e85ec4dec1ed64612a8ff834216 X-Git-Newrev: f9ed6deaecbf8a1beb366d867ea5ece7beef20f0 Message-Id: <20230310162052.EFA40385841D@sourceware.org> Date: Fri, 10 Mar 2023 16:20:52 +0000 (GMT) List-Id: https://gcc.gnu.org/g:f9ed6deaecbf8a1beb366d867ea5ece7beef20f0 commit f9ed6deaecbf8a1beb366d867ea5ece7beef20f0 Author: Andrea Corallo Date: Mon Dec 6 11:39:03 2021 +0100 [PATCH 3/15] arm: Add option -mbranch-protection Add -mbranch-protection option. This option enables the code-generation of pointer signing and authentication instructions in function prologues and epilogues. gcc/ChangeLog: * config/arm/arm.cc (arm_configure_build_target): Parse and validate -mbranch-protection option and initialize appropriate data structures. * config/arm/arm.opt (-mbranch-protection): New option. * doc/invoke.texi (Arm Options): Document it. Co-Authored-By: Tejas Belagod Co-Authored-By: Richard Earnshaw Diff: --- gcc/config/arm/arm.cc | 11 +++++++++++ gcc/config/arm/arm.opt | 4 ++++ gcc/doc/invoke.texi | 38 +++++++++++++++++++++++++++++++++++++- 3 files changed, 52 insertions(+), 1 deletion(-) diff --git a/gcc/config/arm/arm.cc b/gcc/config/arm/arm.cc index 9d94a8ca361..994b1f5d41f 100644 --- a/gcc/config/arm/arm.cc +++ b/gcc/config/arm/arm.cc @@ -3263,6 +3263,17 @@ arm_configure_build_target (struct arm_build_target *target, tune_opts = strchr (opts->x_arm_tune_string, '+'); } + if (opts->x_arm_branch_protection_string) + { + aarch_validate_mbranch_protection (opts->x_arm_branch_protection_string); + + if (aarch_ra_sign_key != AARCH_KEY_A) + { + warning (0, "invalid key type for %<-mbranch-protection=%>"); + aarch_ra_sign_key = AARCH_KEY_A; + } + } + if (arm_selected_arch) { arm_initialize_isa (target->isa, arm_selected_arch->common.isa_bits); diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt index 500ff06bed4..6b34725b6ea 100644 --- a/gcc/config/arm/arm.opt +++ b/gcc/config/arm/arm.opt @@ -323,6 +323,10 @@ mbranch-cost= Target RejectNegative Joined UInteger Var(arm_branch_cost) Init(-1) Cost to assume for a branch insn. +mbranch-protection= +Target RejectNegative Joined Var(arm_branch_protection_string) Save +Use branch-protection features. + mgeneral-regs-only Target RejectNegative Mask(GENERAL_REGS_ONLY) Save Generate code which uses the core registers only (r0-r14). diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 3f2e9781d05..4e052f5aab3 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -825,7 +825,9 @@ Objective-C and Objective-C++ Dialects}. -mcmse @gol -mfix-cmse-cve-2021-35465 @gol -mstack-protector-guard=@var{guard} -mstack-protector-guard-offset=@var{offset} @gol --mfdpic} +-mfdpic @gol +-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}] +[+@var{bti}]|@var{bti}[+@var{pac-ret}[+@var{leaf}]]} @emph{AVR Options} @gccoptlist{-mmcu=@var{mcu} -mabsdata -maccumulate-args @gol @@ -21530,6 +21532,40 @@ The opposite @option{-mno-fdpic} option is useful (and required) to build the Linux kernel using the same (@code{arm-*-uclinuxfdpiceabi}) toolchain as the one used to build the userland programs. +@item +-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}][+@var{bti}]|@var{bti}[+@var{pac-ret}[+@var{leaf}]] +@opindex mbranch-protection +Enable branch protection features (armv8.1-m.main only). +@samp{none} generate code without branch protection or return address +signing. +@samp{standard[+@var{leaf}]} generate code with all branch protection +features enabled at their standard level. +@samp{pac-ret[+@var{leaf}]} generate code with return address signing +set to its standard level, which is to sign all functions that save +the return address to memory. +@samp{leaf} When return address signing is enabled, also sign leaf +functions even if they do not write the return address to memory. ++@samp{bti} Add landing-pad instructions at the permitted targets of +indirect branch instructions. + +If the @samp{+pacbti} architecture extension is not enabled, then all +branch protection and return address signing operations are +constrained to use only the instructions defined in the +architectural-NOP space. The generated code will remain +backwards-compatible with earlier versions of the architecture, but +the additional security can be enabled at run time on processors that +support the @samp{PACBTI} extension. + +Branch target enforcement using BTI can only be enabled at runtime if +all code in the application has been compiled with at least +@samp{-mbranch-protection=bti}. + +Any setting other than @samp{none} is supported only on armv8-m.main +or later. + +The default is to generate code without branch protection or return +address signing. + @end table @node AVR Options