Re: [PATCH V2] Provide -fcf-protection=branch,return.

public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed

From: Hongtao Liu <crazylht@gmail.com>
To: liuhongt <hongtao.liu@intel.com>
Cc: gcc-patches@gcc.gnu.org, hjl.tools@gmail.com
Subject: Re: [PATCH V2] Provide -fcf-protection=branch,return.
Date: Mon, 22 May 2023 16:08:26 +0800	[thread overview]
Message-ID: <CAMZc-bzj0N0YgWbwC0=WwP4ky+XVX1ZfF1uoUtFctFqUjEHBBQ@mail.gmail.com> (raw)
In-Reply-To: <20230513092042.3927038-1-hongtao.liu@intel.com>

ping.

On Sat, May 13, 2023 at 5:20 PM liuhongt <hongtao.liu@intel.com> wrote:
>
> > I think this could be simplified if you use either EnumSet or
> > EnumBitSet instead in common.opt for `-fcf-protection=`.
>
> Use EnumSet instead of EnumBitSet since CF_FULL is not power of 2.
> It is a bit tricky for sets classification, cf_branch and cf_return
> should be in different sets, but they both "conflicts" cf_full,
> cf_none. And current EnumSet don't handle this well.
>
> So in the current implementation, only cf_full,cf_none are exclusive
> to each other, but they can be combined with any cf_branch, cf_return,
> cf_check. It's not perfect, but still an improvement than original
> one.
>
> gcc/ChangeLog:
>
>         * common.opt: (fcf-protection=): Add EnumSet attribute to
>         support combination of params.
>
> gcc/testsuite/ChangeLog:
>
>         * c-c++-common/fcf-protection-10.c: New test.
>         * c-c++-common/fcf-protection-11.c: New test.
>         * c-c++-common/fcf-protection-12.c: New test.
>         * c-c++-common/fcf-protection-8.c: New test.
>         * c-c++-common/fcf-protection-9.c: New test.
>         * gcc.target/i386/pr89701-1.c: New test.
>         * gcc.target/i386/pr89701-2.c: New test.
>         * gcc.target/i386/pr89701-3.c: New test.
> ---
>  gcc/common.opt                                 | 12 ++++++------
>  gcc/testsuite/c-c++-common/fcf-protection-10.c |  2 ++
>  gcc/testsuite/c-c++-common/fcf-protection-11.c |  2 ++
>  gcc/testsuite/c-c++-common/fcf-protection-12.c |  2 ++
>  gcc/testsuite/c-c++-common/fcf-protection-8.c  |  2 ++
>  gcc/testsuite/c-c++-common/fcf-protection-9.c  |  2 ++
>  gcc/testsuite/gcc.target/i386/pr89701-1.c      |  4 ++++
>  gcc/testsuite/gcc.target/i386/pr89701-2.c      |  4 ++++
>  gcc/testsuite/gcc.target/i386/pr89701-3.c      |  4 ++++
>  9 files changed, 28 insertions(+), 6 deletions(-)
>  create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-10.c
>  create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-11.c
>  create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-12.c
>  create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-8.c
>  create mode 100644 gcc/testsuite/c-c++-common/fcf-protection-9.c
>  create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-1.c
>  create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-2.c
>  create mode 100644 gcc/testsuite/gcc.target/i386/pr89701-3.c
>
> diff --git a/gcc/common.opt b/gcc/common.opt
> index a28ca13385a..02f2472959a 100644
> --- a/gcc/common.opt
> +++ b/gcc/common.opt
> @@ -1886,7 +1886,7 @@ fcf-protection
>  Common RejectNegative Alias(fcf-protection=,full)
>
>  fcf-protection=
> -Common Joined RejectNegative Enum(cf_protection_level) Var(flag_cf_protection) Init(CF_NONE)
> +Common Joined RejectNegative Enum(cf_protection_level) EnumSet Var(flag_cf_protection) Init(CF_NONE)
>  -fcf-protection=[full|branch|return|none|check]        Instrument functions with checks to verify jump/call/return control-flow transfer
>  instructions have valid targets.
>
> @@ -1894,19 +1894,19 @@ Enum
>  Name(cf_protection_level) Type(enum cf_protection_level) UnknownError(unknown Control-Flow Protection Level %qs)
>
>  EnumValue
> -Enum(cf_protection_level) String(full) Value(CF_FULL)
> +Enum(cf_protection_level) String(full) Value(CF_FULL) Set(1)
>
>  EnumValue
> -Enum(cf_protection_level) String(branch) Value(CF_BRANCH)
> +Enum(cf_protection_level) String(branch) Value(CF_BRANCH) Set(2)
>
>  EnumValue
> -Enum(cf_protection_level) String(return) Value(CF_RETURN)
> +Enum(cf_protection_level) String(return) Value(CF_RETURN) Set(3)
>
>  EnumValue
> -Enum(cf_protection_level) String(check) Value(CF_CHECK)
> +Enum(cf_protection_level) String(check) Value(CF_CHECK) Set(4)
>
>  EnumValue
> -Enum(cf_protection_level) String(none) Value(CF_NONE)
> +Enum(cf_protection_level) String(none) Value(CF_NONE) Set(1)
>
>  finstrument-functions
>  Common Var(flag_instrument_function_entry_exit,1)
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-10.c b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> new file mode 100644
> index 00000000000..b271d134e52
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-10.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,check" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-11.c b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> new file mode 100644
> index 00000000000..2e566350ccd
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-11.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,return" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-12.c b/gcc/testsuite/c-c++-common/fcf-protection-12.c
> new file mode 100644
> index 00000000000..b39c2f8e25d
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-12.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=return,branch" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-8.c b/gcc/testsuite/c-c++-common/fcf-protection-8.c
> new file mode 100644
> index 00000000000..3b97095a92c
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-8.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,none" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-9.c b/gcc/testsuite/c-c++-common/fcf-protection-9.c
> new file mode 100644
> index 00000000000..6a37e749fcb
> --- /dev/null
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-9.c
> @@ -0,0 +1,2 @@
> +/* { dg-do compile { target { "i?86-*-* x86_64-*-*" } } } */
> +/* { dg-options "-fcf-protection=branch,full" } */
> diff --git a/gcc/testsuite/gcc.target/i386/pr89701-1.c b/gcc/testsuite/gcc.target/i386/pr89701-1.c
> new file mode 100644
> index 00000000000..1879c9ab4d8
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/pr89701-1.c
> @@ -0,0 +1,4 @@
> +/* { dg-do compile { target *-*-linux* } } */
> +/* { dg-options "-fcf-protection=branch,return" } */
> +/* { dg-final { scan-assembler-times ".note.gnu.property" 1 } } */
> +/* { dg-final { scan-assembler-times ".long    0x3" 1 } } */
> diff --git a/gcc/testsuite/gcc.target/i386/pr89701-2.c b/gcc/testsuite/gcc.target/i386/pr89701-2.c
> new file mode 100644
> index 00000000000..d5100575028
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/pr89701-2.c
> @@ -0,0 +1,4 @@
> +/* { dg-do compile { target *-*-linux* } } */
> +/* { dg-options "-fcf-protection=return,branch" } */
> +/* { dg-final { scan-assembler-times ".note.gnu.property" 1 } } */
> +/* { dg-final { scan-assembler-times ".long    0x3" 1 } } */
> diff --git a/gcc/testsuite/gcc.target/i386/pr89701-3.c b/gcc/testsuite/gcc.target/i386/pr89701-3.c
> new file mode 100644
> index 00000000000..88afb546fbf
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/pr89701-3.c
> @@ -0,0 +1,4 @@
> +/* { dg-do compile { target *-*-linux* } } */
> +/* { dg-options "-fcf-protection=return,none" } */
> +/* { dg-final { scan-assembler-times ".note.gnu.property" 1 } } */
> +/* { dg-final { scan-assembler-times ".long    0x2" 1 } } */
> --
> 2.39.1.388.g2fc9e9ca3c
>


-- 
BR,
Hongtao

next prev parent reply	other threads:[~2023-05-22  8:08 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-12  5:42 [PATCH] " liuhongt
2023-05-12  5:49 ` Andrew Pinski
2023-05-12  6:21   ` Hongtao Liu
2023-05-13  9:20     ` [PATCH V2] " liuhongt
2023-05-22  8:08       ` Hongtao Liu [this message]
2023-07-12  7:27         ` Hongtao Liu
2023-07-19  8:37           ` Hongtao Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAMZc-bzj0N0YgWbwC0=WwP4ky+XVX1ZfF1uoUtFctFqUjEHBBQ@mail.gmail.com' \
    --to=crazylht@gmail.com \
    --cc=gcc-patches@gcc.gnu.org \
    --cc=hjl.tools@gmail.com \
    --cc=hongtao.liu@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).