From: Marek Polacek <polacek@redhat.com>
To: GCC Patches <gcc-patches@gcc.gnu.org>
Subject: [PATCH] gcc: Disallow trampolines when -fhardened
Date: Fri, 1 Dec 2023 14:33:59 -0500 [thread overview]
Message-ID: <20231201193359.108618-1-polacek@redhat.com> (raw)
Bootstrapped/regtested on x86_64-pc-linux-gnu, ok for trunk?
-- >8 --
It came up that a good hardening strategy is to disable trampolines,
which may require an executable stack.  Therefore the following patch
adds -Werror=trampolines to -fhardened.
gcc/ChangeLog:
* common.opt (Wtrampolines): Enable by -fhardened.
* doc/invoke.texi: Reflect that -fhardened enables -Werror=trampolines.
* opts.cc (print_help_hardened): Add -Werror=trampolines.
* toplev.cc (process_options): Enable -Werror=trampolines for
-fhardened.
gcc/testsuite/ChangeLog:
* gcc.dg/fhardened-1.c: New test.
* gcc.dg/fhardened-2.c: New test.
* gcc.dg/fhardened-3.c: New test.
* gcc.dg/fhardened-4.c: New test.
* gcc.dg/fhardened-5.c: New test.
---
gcc/common.opt | 2 +-
gcc/doc/invoke.texi | 1 +
gcc/opts.cc | 1 +
gcc/testsuite/gcc.dg/fhardened-1.c | 27 +++++++++++++++++++++++++++
gcc/testsuite/gcc.dg/fhardened-2.c | 25 +++++++++++++++++++++++++
gcc/testsuite/gcc.dg/fhardened-3.c | 25 +++++++++++++++++++++++++
gcc/testsuite/gcc.dg/fhardened-4.c | 25 +++++++++++++++++++++++++
gcc/testsuite/gcc.dg/fhardened-5.c | 27 +++++++++++++++++++++++++++
gcc/toplev.cc | 8 +++++++-
9 files changed, 139 insertions(+), 2 deletions(-)
create mode 100644 gcc/testsuite/gcc.dg/fhardened-1.c
create mode 100644 gcc/testsuite/gcc.dg/fhardened-2.c
create mode 100644 gcc/testsuite/gcc.dg/fhardened-3.c
create mode 100644 gcc/testsuite/gcc.dg/fhardened-4.c
create mode 100644 gcc/testsuite/gcc.dg/fhardened-5.c
diff --git a/gcc/common.opt b/gcc/common.opt
index 161a035d736..9b09c7cb3df 100644
--- a/gcc/common.opt
+++ b/gcc/common.opt
@@ -807,7 +807,7 @@ Common Var(warn_system_headers) Warning
Do not suppress warnings from system headers.
Wtrampolines
-Common Var(warn_trampolines) Warning
+Common Var(warn_trampolines) Warning EnabledBy(fhardened)
Warn whenever a trampoline is generated.
Wtrivial-auto-var-init
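Review bot: `EnabledBy(fhardened)` is attached to a `Common` option, so the diagnostic is switched on for every front end and target, while the new tests only exercise GNU C nested functions on Linux/GNU targets. The commit message itself says trampolines only "may" require an executable stack, so it is unclear whether front ends that create trampolines implicitly, or configurations that keep them off the stack (for example `-ftrampoline-impl=heap`), are meant to be rejected as well. I would state the intended scope in the option text, e.g. `Warn whenever a trampoline is generated.  Made an error by -fhardened.`, and add at least one test outside gcc.dg if other languages are in scope.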
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 2fab4c5d71f..c1664a1a0f1 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -17745,6 +17745,7 @@ may change between major releases of GCC, but are currently:
-fstack-protector-strong
-fstack-clash-protection
-fcf-protection=full @r{(x86 GNU/Linux only)}
+-Werror=trampolines
}
The list of options enabled by @option{-fhardened} can be generated using
diff --git a/gcc/opts.cc b/gcc/opts.cc
index 5d5efaf1b9e..aa062b87cef 100644
--- a/gcc/opts.cc
+++ b/gcc/opts.cc
@@ -2517,6 +2517,7 @@ print_help_hardened ()
printf (" %s\n", "-fstack-protector-strong");
printf (" %s\n", "-fstack-clash-protection");
printf (" %s\n", "-fcf-protection=full");
+ printf (" %s\n", "-Werror=trampolines");
putchar ('\n');
}
diff --git a/gcc/testsuite/gcc.dg/fhardened-1.c b/gcc/testsuite/gcc.dg/fhardened-1.c
new file mode 100644
index 00000000000..8710959b6f1
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/fhardened-1.c
@@ -0,0 +1,27 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target trampolines } */
+/* { dg-options "-fhardened -O" } */
+
+static void
+baz (int (*bar) (void))
+{
+ bar ();
+}
+
+int
+main (void)
+{
+ int a = 6;
+
+ int
+ bar (void) // { dg-error "trampoline" }
+ {
+ return a;
+ }
+
+ baz (bar);
+
+ return 0;
+}
+
+/* { dg-prune-output "some warnings being treated as errors" } */
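Review bot: All five new tests take the address of the nested function, so nothing checks that `-fhardened` still accepts a nested function that needs no trampoline; a sixth file that calls `bar ();` directly instead of `baz (bar);` and expects `dg-bogus "trampoline"` would pin that. The files also differ only in `dg-options` and the expected directive, and none says what it verifies. A first-line comment such as `/* Verify that -fhardened turns -Wtrampolines into an error.  */` here, with the matching sentence in fhardened-2.c through fhardened-5.c, would make a failing test readable without diffing the files.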
diff --git a/gcc/testsuite/gcc.dg/fhardened-2.c b/gcc/testsuite/gcc.dg/fhardened-2.c
new file mode 100644
index 00000000000..d47512aa47f
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/fhardened-2.c
@@ -0,0 +1,25 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target trampolines } */
+/* { dg-options "-fhardened -O -Wno-trampolines" } */
+
+static void
+baz (int (*bar) (void))
+{
+ bar ();
+}
+
+int
+main (void)
+{
+ int a = 6;
+
+ int
+ bar (void) // { dg-bogus "trampoline" }
+ {
+ return a;
+ }
+
+ baz (bar);
+
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.dg/fhardened-3.c b/gcc/testsuite/gcc.dg/fhardened-3.c
new file mode 100644
index 00000000000..cebae13d8be
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/fhardened-3.c
@@ -0,0 +1,25 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target trampolines } */
+/* { dg-options "-fhardened -O -Wno-error" } */
+
+static void
+baz (int (*bar) (void))
+{
+ bar ();
+}
+
+int
+main (void)
+{
+ int a = 6;
+
+ int
+ bar (void) // { dg-warning "trampoline" }
+ {
+ return a;
+ }
+
+ baz (bar);
+
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.dg/fhardened-4.c b/gcc/testsuite/gcc.dg/fhardened-4.c
new file mode 100644
index 00000000000..7e62ed3385d
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/fhardened-4.c
@@ -0,0 +1,25 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target trampolines } */
+/* { dg-options "-fhardened -O -Wno-error=trampolines" } */
+
+static void
+baz (int (*bar) (void))
+{
+ bar ();
+}
+
+int
+main (void)
+{
+ int a = 6;
+
+ int
+ bar (void) // { dg-warning "trampoline" }
+ {
+ return a;
+ }
+
+ baz (bar);
+
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.dg/fhardened-5.c b/gcc/testsuite/gcc.dg/fhardened-5.c
new file mode 100644
index 00000000000..5d3f0dcae8e
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/fhardened-5.c
@@ -0,0 +1,27 @@
+/* { dg-do compile { target *-*-linux* *-*-gnu* } } */
+/* { dg-require-effective-target trampolines } */
+/* { dg-options "-fhardened -O -Wtrampolines" } */
+
+static void
+baz (int (*bar) (void))
+{
+ bar ();
+}
+
+int
+main (void)
+{
+ int a = 6;
+
+ int
+ bar (void) // { dg-error "trampoline" }
+ {
+ return a;
+ }
+
+ baz (bar);
+
+ return 0;
+}
+
+/* { dg-prune-output "some warnings being treated as errors" } */
diff --git a/gcc/toplev.cc b/gcc/toplev.cc
index 85450d97a1a..2f0ac74dee0 100644
--- a/gcc/toplev.cc
+++ b/gcc/toplev.cc
@@ -1682,7 +1682,7 @@ process_options ()
flag_ipa_ra = 0;
/* Enable -Werror=coverage-mismatch when -Werror and -Wno-error
- have not been set. */
+ have not been set. Also enable -Werror=trampolines for -fhardened. */
if (!OPTION_SET_P (warnings_are_errors))
{
if (warn_coverage_mismatch
@@ -1693,6 +1693,12 @@ process_options ()
&& option_unspecified_p (OPT_Wcoverage_invalid_line_number))
diagnostic_classify_diagnostic (global_dc, OPT_Wcoverage_invalid_line_number,
DK_ERROR, UNKNOWN_LOCATION);
+
+ if (flag_hardened
+ && warn_trampolines
+ && option_unspecified_p (OPT_Wtrampolines))
+ diagnostic_classify_diagnostic (global_dc, OPT_Wtrampolines,
+ DK_ERROR, UNKNOWN_LOCATION);
}
/* Save the current optimization options. */
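Review bot: The new check sits inside `if (!OPTION_SET_P (warnings_are_errors))`, so any explicit `-Werror` or `-Wno-error` on the command line skips the promotion, and a plain `-Wno-trampolines` clears `warn_trampolines` altogether. A build that already passes `-Wno-error` globally therefore gets only a warning (fhardened-3.c) or no diagnostic at all (fhardened-2.c) while still being built with `-fhardened`, and nothing visible in the patch reports that downgrade. If this is intended, the `-Werror=trampolines` entry in invoke.texi should say so, e.g. `@r{(a warning under @option{-Wno-error}; off under @option{-Wno-trampolines})}`; otherwise the test could move outside the `warnings_are_errors` guard. Either way the diagnostic only covers translation units compiled with the flag, so the linked binary still needs its own executable-stack check. process_options starts and ends outside the hunk.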
base-commit: b8edb812ff4934c609fdfafe2e1c7f932bc18305
--
2.42.0