From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 5B9B53858C2C for ; Fri, 1 Dec 2023 19:34:11 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5B9B53858C2C Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 5B9B53858C2C Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1701459255; cv=none; b=kKP9z19l7gzbufWaBQp1mA58Fx3xEccP8AjSwA5oKFFgXl0yKeX/BJJ+x4lV+lwNDob0K/rUtrxVfi8BSfj/xnZJbMhig8gVujxbap5eibhQJ+RIYZptNpRXHJvcbDP2JRnQ7j6b35f7iozLzRexixObWOhVciKYa7tGfjeOxvs= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1701459255; c=relaxed/simple; bh=wTwx9s99yM9jIKrWuuoSOaBvX6ozAxdZGAHOQnfw/z8=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=rhpF6lH5fksYtp+diZSMjXza1Y/Xi1vq7KG4rnoV3Dsm1Fwtb8zUcadeNOkROgCJW/0g1RlQugdaMVSjwYtv4BQSIEbob2rO/uaa1WJOzlNc8hmBrLPMTvAWvPvRINBkIV5SnjK0i89YjRt9//l2eeL/KWkP7ZCRDZm71owsZ/c= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1701459251; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=njgmTA82QnQL6zondju1InIY4nOGBgvGduCsC6xjh9c=; b=EQSKW+qzLpxBuikdd2NL0Kv975G8QlztNs2aRegJXOm5moCd4uPUc5fXdZ6bPNbqWiqjlB 5J2DdizGuKhGh7k2syS4VIvRsiZ1tcr/bB2DDCAQJnnEbHPKmAX9AmuZHOVpahYtiRpDyw skFa0nC5YaWDx7vChFEzoQViS+KkvUk= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-671-9y1rqAbNMHOADQC0SY0iTQ-1; Fri, 01 Dec 2023 14:34:09 -0500 X-MC-Unique: 9y1rqAbNMHOADQC0SY0iTQ-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5FAF0101A52D for ; Fri, 1 Dec 2023 19:34:09 +0000 (UTC) Received: from pdp-11.redhat.com (unknown [10.22.33.92]) by smtp.corp.redhat.com (Postfix) with ESMTP id 46EA11C060B1 for ; Fri, 1 Dec 2023 19:34:09 +0000 (UTC) From: Marek Polacek To: GCC Patches Subject: [PATCH] gcc: Disallow trampolines when -fhardened Date: Fri, 1 Dec 2023 14:33:59 -0500 Message-ID: <20231201193359.108618-1-polacek@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Bootstrapped/regtested on x86_64-pc-linux-gnu, ok for trunk? -- >8 -- It came up that a good hardening strategy is to disable trampolines which may require executable stack. Therefore the following patch adds -Werror=trampolines to -fhardened. gcc/ChangeLog: * common.opt (Wtrampolines): Enable by -fhardened. * doc/invoke.texi: Reflect that -fhardened enables -Werror=trampolines. * opts.cc (print_help_hardened): Add -Werror=trampolines. * toplev.cc (process_options): Enable -Werror=trampolines for -fhardened. gcc/testsuite/ChangeLog: * gcc.dg/fhardened-1.c: New test. * gcc.dg/fhardened-2.c: New test. * gcc.dg/fhardened-3.c: New test. * gcc.dg/fhardened-4.c: New test. * gcc.dg/fhardened-5.c: New test. --- gcc/common.opt | 2 +- gcc/doc/invoke.texi | 1 + gcc/opts.cc | 1 + gcc/testsuite/gcc.dg/fhardened-1.c | 27 +++++++++++++++++++++++++++ gcc/testsuite/gcc.dg/fhardened-2.c | 25 +++++++++++++++++++++++++ gcc/testsuite/gcc.dg/fhardened-3.c | 25 +++++++++++++++++++++++++ gcc/testsuite/gcc.dg/fhardened-4.c | 25 +++++++++++++++++++++++++ gcc/testsuite/gcc.dg/fhardened-5.c | 27 +++++++++++++++++++++++++++ gcc/toplev.cc | 8 +++++++- 9 files changed, 139 insertions(+), 2 deletions(-) create mode 100644 gcc/testsuite/gcc.dg/fhardened-1.c create mode 100644 gcc/testsuite/gcc.dg/fhardened-2.c create mode 100644 gcc/testsuite/gcc.dg/fhardened-3.c create mode 100644 gcc/testsuite/gcc.dg/fhardened-4.c create mode 100644 gcc/testsuite/gcc.dg/fhardened-5.c diff --git a/gcc/common.opt b/gcc/common.opt index 161a035d736..9b09c7cb3df 100644 --- a/gcc/common.opt +++ b/gcc/common.opt @@ -807,7 +807,7 @@ Common Var(warn_system_headers) Warning Do not suppress warnings from system headers. Wtrampolines -Common Var(warn_trampolines) Warning +Common Var(warn_trampolines) Warning EnabledBy(fhardened) Warn whenever a trampoline is generated. Wtrivial-auto-var-init diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 2fab4c5d71f..c1664a1a0f1 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -17745,6 +17745,7 @@ may change between major releases of GCC, but are currently: -fstack-protector-strong -fstack-clash-protection -fcf-protection=full @r{(x86 GNU/Linux only)} +-Werror=trampolines } The list of options enabled by @option{-fhardened} can be generated using diff --git a/gcc/opts.cc b/gcc/opts.cc index 5d5efaf1b9e..aa062b87cef 100644 --- a/gcc/opts.cc +++ b/gcc/opts.cc @@ -2517,6 +2517,7 @@ print_help_hardened () printf (" %s\n", "-fstack-protector-strong"); printf (" %s\n", "-fstack-clash-protection"); printf (" %s\n", "-fcf-protection=full"); + printf (" %s\n", "-Werror=trampolines"); putchar ('\n'); } diff --git a/gcc/testsuite/gcc.dg/fhardened-1.c b/gcc/testsuite/gcc.dg/fhardened-1.c new file mode 100644 index 00000000000..8710959b6f1 --- /dev/null +++ b/gcc/testsuite/gcc.dg/fhardened-1.c @@ -0,0 +1,27 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target trampolines } */ +/* { dg-options "-fhardened -O" } */ + +static void +baz (int (*bar) (void)) +{ + bar (); +} + +int +main (void) +{ + int a = 6; + + int + bar (void) // { dg-error "trampoline" } + { + return a; + } + + baz (bar); + + return 0; +} + +/* { dg-prune-output "some warnings being treated as errors" } */ diff --git a/gcc/testsuite/gcc.dg/fhardened-2.c b/gcc/testsuite/gcc.dg/fhardened-2.c new file mode 100644 index 00000000000..d47512aa47f --- /dev/null +++ b/gcc/testsuite/gcc.dg/fhardened-2.c @@ -0,0 +1,25 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target trampolines } */ +/* { dg-options "-fhardened -O -Wno-trampolines" } */ + +static void +baz (int (*bar) (void)) +{ + bar (); +} + +int +main (void) +{ + int a = 6; + + int + bar (void) // { dg-bogus "trampoline" } + { + return a; + } + + baz (bar); + + return 0; +} diff --git a/gcc/testsuite/gcc.dg/fhardened-3.c b/gcc/testsuite/gcc.dg/fhardened-3.c new file mode 100644 index 00000000000..cebae13d8be --- /dev/null +++ b/gcc/testsuite/gcc.dg/fhardened-3.c @@ -0,0 +1,25 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target trampolines } */ +/* { dg-options "-fhardened -O -Wno-error" } */ + +static void +baz (int (*bar) (void)) +{ + bar (); +} + +int +main (void) +{ + int a = 6; + + int + bar (void) // { dg-warning "trampoline" } + { + return a; + } + + baz (bar); + + return 0; +} diff --git a/gcc/testsuite/gcc.dg/fhardened-4.c b/gcc/testsuite/gcc.dg/fhardened-4.c new file mode 100644 index 00000000000..7e62ed3385d --- /dev/null +++ b/gcc/testsuite/gcc.dg/fhardened-4.c @@ -0,0 +1,25 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target trampolines } */ +/* { dg-options "-fhardened -O -Wno-error=trampolines" } */ + +static void +baz (int (*bar) (void)) +{ + bar (); +} + +int +main (void) +{ + int a = 6; + + int + bar (void) // { dg-warning "trampoline" } + { + return a; + } + + baz (bar); + + return 0; +} diff --git a/gcc/testsuite/gcc.dg/fhardened-5.c b/gcc/testsuite/gcc.dg/fhardened-5.c new file mode 100644 index 00000000000..5d3f0dcae8e --- /dev/null +++ b/gcc/testsuite/gcc.dg/fhardened-5.c @@ -0,0 +1,27 @@ +/* { dg-do compile { target *-*-linux* *-*-gnu* } } */ +/* { dg-require-effective-target trampolines } */ +/* { dg-options "-fhardened -O -Wtrampolines" } */ + +static void +baz (int (*bar) (void)) +{ + bar (); +} + +int +main (void) +{ + int a = 6; + + int + bar (void) // { dg-error "trampoline" } + { + return a; + } + + baz (bar); + + return 0; +} + +/* { dg-prune-output "some warnings being treated as errors" } */ diff --git a/gcc/toplev.cc b/gcc/toplev.cc index 85450d97a1a..2f0ac74dee0 100644 --- a/gcc/toplev.cc +++ b/gcc/toplev.cc @@ -1682,7 +1682,7 @@ process_options () flag_ipa_ra = 0; /* Enable -Werror=coverage-mismatch when -Werror and -Wno-error - have not been set. */ + have not been set. Also enable -Werror=trampolines for -fhardened. */ if (!OPTION_SET_P (warnings_are_errors)) { if (warn_coverage_mismatch @@ -1693,6 +1693,12 @@ process_options () && option_unspecified_p (OPT_Wcoverage_invalid_line_number)) diagnostic_classify_diagnostic (global_dc, OPT_Wcoverage_invalid_line_number, DK_ERROR, UNKNOWN_LOCATION); + + if (flag_hardened + && warn_trampolines + && option_unspecified_p (OPT_Wtrampolines)) + diagnostic_classify_diagnostic (global_dc, OPT_Wtrampolines, + DK_ERROR, UNKNOWN_LOCATION); } /* Save the current optimization options. */ base-commit: b8edb812ff4934c609fdfafe2e1c7f932bc18305 -- 2.42.0