From: Andrea Corallo <andrea.corallo@arm.com>
To: Andrea Corallo via Gcc-patches <gcc-patches@gcc.gnu.org>
Cc: Richard Earnshaw <Richard.Earnshaw@arm.com>, nd <nd@arm.com>
Subject: [PATCH 3/15] arm: Add option -mbranch-protection
Date: Fri, 12 Aug 2022 17:21:00 +0200 [thread overview]
Message-ID: <gkr7d3dcwtf.fsf@arm.com> (raw)
In-Reply-To: <gkrk07dczbq.fsf@arm.com> (Andrea Corallo via Gcc-patches's message of "Fri, 12 Aug 2022 16:26:49 +0200")
[-- Attachment #1: Type: text/plain, Size: 631 bytes --]
Hi all,
this adds -mbranch-protection option. This option enables the
code-generation of pointer signing and authentication instructions in
function prologues and epilogues.
gcc/ChangeLog:
* config/arm/arm.c (arm_configure_build_target): Parse and validate
-mbranch-protection option and initialize appropriate data structures.
* config/arm/arm.opt (-mbranch-protection): New option.
* doc/invoke.texi (Arm Options): Document it.
Co-Authored-By: Tejas Belagod <tbelagod@arm.com>
Co-Authored-By: Richard Earnshaw <Richard.Earnshaw@arm.com>
Approved here <https://gcc.gnu.org/pipermail/gcc-patches/2022-July/597756.html>
[-- Attachment #2: 3-15.patch --]
[-- Type: text/plain, Size: 3690 bytes --]
diff --git a/gcc/config/arm/arm.cc b/gcc/config/arm/arm.cc
index 60f3eae82a4..0068817b0f2 100644
--- a/gcc/config/arm/arm.cc
+++ b/gcc/config/arm/arm.cc
@@ -3263,6 +3263,17 @@ arm_configure_build_target (struct arm_build_target *target,
tune_opts = strchr (opts->x_arm_tune_string, '+');
}
+ if (opts->x_arm_branch_protection_string)
+ {
+ aarch_validate_mbranch_protection (opts->x_arm_branch_protection_string);
+
+ if (aarch_ra_sign_key != AARCH_KEY_A)
+ {
+ warning (0, "invalid key type for %<-mbranch-protection=%>");
+ aarch_ra_sign_key = AARCH_KEY_A;
+ }
+ }
+
if (arm_selected_arch)
{
arm_initialize_isa (target->isa, arm_selected_arch->common.isa_bits);
diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
index f54ec8356c3..d292e23ea11 100644
--- a/gcc/config/arm/arm.opt
+++ b/gcc/config/arm/arm.opt
@@ -323,6 +323,10 @@ mbranch-cost=
Target RejectNegative Joined UInteger Var(arm_branch_cost) Init(-1)
Cost to assume for a branch insn.
+mbranch-protection=
+Target RejectNegative Joined Var(arm_branch_protection_string) Save
+Use branch-protection features.
+
mgeneral-regs-only
Target RejectNegative Mask(GENERAL_REGS_ONLY) Save
Generate code which uses the core registers only (r0-r14).
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 079e34ed98c..a2be3446594 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -825,7 +825,9 @@ Objective-C and Objective-C++ Dialects}.
-mcmse @gol
-mfix-cmse-cve-2021-35465 @gol
-mstack-protector-guard=@var{guard} -mstack-protector-guard-offset=@var{offset} @gol
--mfdpic}
+-mfdpic @gol
+-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}]
+[+@var{bti}]|@var{bti}[+@var{pac-ret}[+@var{leaf}]]}
@emph{AVR Options}
@gccoptlist{-mmcu=@var{mcu} -mabsdata -maccumulate-args @gol
@@ -21521,6 +21523,40 @@ The opposite @option{-mno-fdpic} option is useful (and required) to
build the Linux kernel using the same (@code{arm-*-uclinuxfdpiceabi})
toolchain as the one used to build the userland programs.
+@item
+-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}][+@var{bti}]|@var{bti}[+@var{pac-ret}[+@var{leaf}]]
+@opindex mbranch-protection
+Enable branch protection features (armv8.1-m.main only).
+@samp{none} generate code without branch protection or return address
+signing.
+@samp{standard[+@var{leaf}]} generate code with all branch protection
+features enabled at their standard level.
+@samp{pac-ret[+@var{leaf}]} generate code with return address signing
+set to its standard level, which is to sign all functions that save
+the return address to memory.
+@samp{leaf} When return address signing is enabled, also sign leaf
+functions even if they do not write the return address to memory.
++@samp{bti} Add landing-pad instructions at the permitted targets of
+indirect branch instructions.
+
+If the @samp{+pacbti} architecture extension is not enabled, then all
+branch protection and return address signing operations are
+constrained to use only the instructions defined in the
+architectural-NOP space. The generated code will remain
+backwards-compatible with earlier versions of the architecture, but
+the additional security can be enabled at run time on processors that
+support the @samp{PACBTI} extension.
+
+Branch target enforcement using BTI can only be enabled at runtime if
+all code in the application has been compiled with at least
+@samp{-mbranch-protection=bti}.
+
+Any setting other than @samp{none} is supported only on armv8-m.main
+or later.
+
+The default is to generate code without branch protection or return
+address signing.
+
@end table
@node AVR Options
next prev parent reply other threads:[~2022-08-12 15:21 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-12 14:26 [PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-08-12 15:14 ` [PATCH 1/15] arm: Make mbranch-protection opts parsing common to AArch32/64 Andrea Corallo
2022-12-22 17:04 ` [PATCH 1/15 V2] " Andrea Corallo
2023-01-11 10:48 ` Richard Earnshaw
2022-08-12 15:15 ` [PATCH 2/15] arm: Add Armv8.1-M Mainline target feature +pacbti Andrea Corallo
2022-08-12 15:21 ` Andrea Corallo [this message]
2022-08-12 15:22 ` [PATCH 4/15] arm: Add testsuite library support for PACBTI target Andrea Corallo
2022-08-12 15:26 ` [PATCH 5/15] arm: Implement target feature macros for PACBTI Andrea Corallo
2022-08-12 15:29 ` [PATCH 6/15] arm: Add pointer authentication for stack-unwinding runtime Andrea Corallo
2022-08-12 15:30 ` [PATCH 7/15] arm: Emit build attributes for PACBTI target feature Andrea Corallo
2022-09-05 16:53 ` Andrea Corallo
2022-10-20 14:47 ` Kyrylo Tkachov
2022-10-20 15:15 ` Richard Earnshaw
2022-10-21 12:19 ` Richard Earnshaw
2022-08-12 15:33 ` [PATCH 8/15] arm: Introduce multilibs " Andrea Corallo
2022-08-12 15:34 ` [PATCH 9/15] arm: Set again stack pointer as CFA reg when popping if necessary Andrea Corallo
2022-09-05 16:52 ` Andrea Corallo
2022-09-27 9:03 ` Kyrylo Tkachov
2022-09-27 10:05 ` Andrea Corallo
2022-09-27 15:24 ` Kyrylo Tkachov
2022-10-21 12:30 ` Richard Earnshaw
2022-10-26 8:49 ` Andrea Corallo
2022-11-08 14:57 ` Richard Earnshaw
2023-01-09 14:58 ` Andrea Corallo
2023-01-09 15:57 ` Richard Earnshaw
2023-01-09 16:48 ` Richard Earnshaw
2023-01-09 17:22 ` Richard Earnshaw
2023-01-11 9:55 ` Andrea Corallo
2022-08-12 15:36 ` [PATCH 10/15] arm: Implement cortex-M return signing address codegen Andrea Corallo
2022-09-05 16:55 ` Andrea Corallo
2022-09-14 14:20 ` [PATCH 10/15 V2] " Andrea Corallo
2022-10-21 12:58 ` Richard Earnshaw
2022-10-26 15:48 ` Andrea Corallo
2022-10-28 16:34 ` [PATCH 10/15 V3] " Andrea Corallo
2022-11-07 8:57 ` [PATCH 10/15 V4] " Andrea Corallo
2022-12-05 16:38 ` Richard Earnshaw
2022-12-09 14:16 ` [PATCH 10/15 V5] " Andrea Corallo
2022-12-12 10:53 ` Richard Earnshaw
2022-12-14 16:35 ` [PATCH 10/15 V6] " Andrea Corallo
2022-12-14 16:45 ` Richard Earnshaw
2023-01-11 9:58 ` [PATCH 10/15 V7] " Andrea Corallo
2023-01-11 10:39 ` Richard Earnshaw
2022-08-12 15:40 ` [PATCH 11/15] aarch64: Make bti pass generic so it can be used by the arm backend Andrea Corallo
2022-09-05 16:56 ` Andrea Corallo
2022-09-27 9:10 ` Kyrylo Tkachov
2022-08-12 15:41 ` [PATCH 12/15] arm: implement bti injection Andrea Corallo
2022-09-05 16:56 ` Andrea Corallo
2022-09-27 9:18 ` Kyrylo Tkachov
2022-09-29 15:45 ` [PATCH 12/15 V2] " Andrea Corallo
2022-10-20 14:56 ` Kyrylo Tkachov
2022-10-28 16:40 ` [PATCH 12/15 V3] " Andrea Corallo
2022-12-05 17:02 ` Richard Earnshaw
2022-12-14 16:40 ` [PATCH 12/15 V4] " Andrea Corallo
2022-12-14 17:00 ` Richard Earnshaw
2022-12-14 17:03 ` Richard Earnshaw
2022-12-22 17:13 ` [PATCH 12/15 V5] " Andrea Corallo
2023-01-11 15:08 ` Richard Earnshaw
2022-08-12 16:44 ` [PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-08-12 17:10 ` [PATCH 13/15] arm: Add pacbti related multilib support for armv8.1-m.main Srinath Parvathaneni
2022-10-21 13:00 ` Richard Earnshaw
2022-09-21 8:07 ` [PING][PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-10-21 13:01 ` Richard Earnshaw
2022-10-21 13:32 ` Andrea Corallo
2022-12-05 14:10 ` Andrea Corallo
2022-12-05 14:19 ` Kyrylo Tkachov
2023-01-23 10:50 ` [PATCH " Andrea Corallo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=gkr7d3dcwtf.fsf@arm.com \
--to=andrea.corallo@arm.com \
--cc=Richard.Earnshaw@arm.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=nd@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).