From: Andrea Corallo <andrea.corallo@arm.com>
To: Richard Earnshaw <Richard.Earnshaw@foss.arm.com>
Cc: Kyrylo Tkachov <Kyrylo.Tkachov@arm.com>,
Richard Earnshaw <Richard.Earnshaw@arm.com>, nd <nd@arm.com>,
Andrea Corallo via Gcc-patches <gcc-patches@gcc.gnu.org>
Subject: [PATCH 12/15 V4] arm: implement bti injection
Date: Wed, 14 Dec 2022 17:40:33 +0100 [thread overview]
Message-ID: <gkrsfhirla6.fsf_-_@arm.com> (raw)
In-Reply-To: <30990d91-0c32-a3b0-7954-846bf1eddc8d@foss.arm.com> (Richard Earnshaw's message of "Mon, 5 Dec 2022 17:02:25 +0000")
[-- Attachment #1: Type: text/plain, Size: 2535 bytes --]
Hi Richard,
thanks for reviewing.
Richard Earnshaw <Richard.Earnshaw@foss.arm.com> writes:
> On 28/10/2022 17:40, Andrea Corallo via Gcc-patches wrote:
>> Hi all,
>> please find attached the third iteration of this patch addresing
>> review
>> comments.
>> Thanks
>> Andrea
>>
>
> @@ -23374,12 +23374,6 @@ output_probe_stack_range (rtx reg1, rtx reg2)
> return "";
> }
>
> -static bool
> -aarch_bti_enabled ()
> -{
> - return false;
> -}
> -
> /* Generate the prologue instructions for entry into an ARM or Thumb-2
> function. */
> void
> @@ -32992,6 +32986,61 @@ arm_current_function_pac_enabled_p (void)
> && !crtl->is_leaf));
> }
>
> +/* Return TRUE if Branch Target Identification Mechanism is enabled. */
> +bool
> +aarch_bti_enabled (void)
> +{
> + return aarch_enable_bti == 1;
> +}
>
> See comment in earlier patch about the location of this function
> moving. Can aarch_enable_bti take values other than 0 and 1?
Yes default is 2.
[...]
> + return GET_CODE (pat) == UNSPEC_VOLATILE && XINT (pat, 1) ==
> UNSPEC_BTI_NOP;
>
> I'm not sure where this crept in, but UNSPEC and UNSPEC_VOLATILE have
> separate enums in the backend, so UNSPEC_BIT_NOP should really be
> VUNSPEC_BTI_NOP and defined in the enum "unspecv".
Done
> +aarch_pac_insn_p (rtx x)
> +{
> + if (!x || !INSN_P (x))
> + return false;
> +
> + rtx pat = PATTERN (x);
> +
> + if (GET_CODE (pat) == SET)
> + {
> + rtx tmp = XEXP (pat, 1);
> + if (tmp
> + && GET_CODE (tmp) == UNSPEC
> + && (XINT (tmp, 1) == UNSPEC_PAC_NOP
> + || XINT (tmp, 1) == UNSPEC_PACBTI_NOP))
> + return true;
> + }
> +
>
> This will also need updating (see review on earlier patch) because
> PACBTI needs to be unspec_volatile, while PAC doesn't.
Done
> +/* The following two functions are for code compatibility with aarch64
> + code, this even if in arm we have only one bti instruction. */
> +
>
> I'd just write
> /* Target specific mapping for aarch_gen_bti_c and
> aarch_gen_bti_j. For Arm, both of these map to a simple BTI
> instruction. */
Done
>
> @@ -162,6 +162,7 @@ (define_c_enum "unspec" [
> UNSPEC_PAC_NOP ; Represents PAC signing LR
> UNSPEC_PACBTI_NOP ; Represents PAC signing LR + valid landing pad
> UNSPEC_AUT_NOP ; Represents PAC verifying LR
> + UNSPEC_BTI_NOP ; Represent BTI
> ])
>
> BTI is an unspec volatile, so this should be in the "vunspec" enum and
> renamed accordingly (see above).
Done.
Please find attached the updated version of this patch.
BR
Andrea
[-- Attachment #2: 0001-PATCH-12-15-arm-implement-bti-injection.patch --]
[-- Type: text/plain, Size: 9700 bytes --]
From 5823333b5e4e4fe089f6865cc3e0360afd1ff168 Mon Sep 17 00:00:00 2001
From: Andrea Corallo <andrea.corallo@arm.com>
Date: Thu, 7 Apr 2022 11:51:56 +0200
Subject: [PATCH] [PATCH 12/15] arm: implement bti injection
Hi all,
this patch enables Branch Target Identification Armv8.1-M Mechanism
[1].
This is achieved by using the bti pass made common with Aarch64.
The pass iterates through the instructions and adds the necessary BTI
instructions at the beginning of every function and at every landing
pads targeted by indirect jumps.
Best Regards
Andrea
[1]
<https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/armv8-1-m-pointer-authentication-and-branch-target-identification-extension>
gcc/ChangeLog
2022-04-07 Andrea Corallo <andrea.corallo@arm.com>
* config.gcc (arm*-*-*): Add 'aarch-bti-insert.o' object.
* config/arm/arm-protos.h: Update.
* config/arm/arm.cc (aarch_bti_enabled) Update.
(aarch_bti_j_insn_p, aarch_pac_insn_p, aarch_gen_bti_c)
(aarch_gen_bti_j): New functions.
* config/arm/arm.md (bti_nop): New insn.
* config/arm/t-arm (PASSES_EXTRA): Add 'arm-passes.def'.
(aarch-bti-insert.o): New target.
* config/arm/unspecs.md (VUNSPEC_BTI_NOP): New unspec.
* config/arm/aarch-bti-insert.cc (rest_of_insert_bti): Verify arch
compatibility.
* config/arm/arm-passes.def: New file.
gcc/testsuite/ChangeLog
2022-04-07 Andrea Corallo <andrea.corallo@arm.com>
* gcc.target/arm/bti-1.c: New testcase.
* gcc.target/arm/bti-2.c: Likewise.
---
gcc/config.gcc | 2 +-
gcc/config/arm/arm-passes.def | 21 ++++++++++
gcc/config/arm/arm-protos.h | 2 +
gcc/config/arm/arm.cc | 53 ++++++++++++++++++++++++-
gcc/config/arm/arm.md | 7 ++++
gcc/config/arm/t-arm | 10 +++++
gcc/config/arm/unspecs.md | 1 +
gcc/testsuite/gcc.target/arm/bti-1.c | 12 ++++++
gcc/testsuite/gcc.target/arm/bti-2.c | 58 ++++++++++++++++++++++++++++
9 files changed, 163 insertions(+), 3 deletions(-)
create mode 100644 gcc/config/arm/arm-passes.def
create mode 100644 gcc/testsuite/gcc.target/arm/bti-1.c
create mode 100644 gcc/testsuite/gcc.target/arm/bti-2.c
diff --git a/gcc/config.gcc b/gcc/config.gcc
index 86abcd26185..f578b88dd49 100644
--- a/gcc/config.gcc
+++ b/gcc/config.gcc
@@ -351,7 +351,7 @@ arc*-*-*)
;;
arm*-*-*)
cpu_type=arm
- extra_objs="arm-builtins.o arm-mve-builtins.o aarch-common.o"
+ extra_objs="arm-builtins.o arm-mve-builtins.o aarch-common.o aarch-bti-insert.o"
extra_headers="mmintrin.h arm_neon.h arm_acle.h arm_fp16.h arm_cmse.h arm_bf16.h arm_mve_types.h arm_mve.h arm_cde.h"
target_type_format_char='%'
c_target_objs="arm-c.o"
diff --git a/gcc/config/arm/arm-passes.def b/gcc/config/arm/arm-passes.def
new file mode 100644
index 00000000000..71d6b563640
--- /dev/null
+++ b/gcc/config/arm/arm-passes.def
@@ -0,0 +1,21 @@
+/* Arm-specific passes declarations.
+ Copyright (C) 2022 Free Software Foundation, Inc.
+ Contributed by Arm Ltd.
+
+ This file is part of GCC.
+
+ GCC is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3, or (at your option)
+ any later version.
+
+ GCC is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GCC; see the file COPYING3. If not see
+ <http://www.gnu.org/licenses/>. */
+
+INSERT_PASS_BEFORE (pass_shorten_branches, 1, pass_insert_bti);
diff --git a/gcc/config/arm/arm-protos.h b/gcc/config/arm/arm-protos.h
index d97a1c3bf56..61c2bb7b526 100644
--- a/gcc/config/arm/arm-protos.h
+++ b/gcc/config/arm/arm-protos.h
@@ -24,6 +24,8 @@
#include "sbitmap.h"
+rtl_opt_pass *make_pass_insert_bti (gcc::context *ctxt);
+
extern enum unwind_info_type arm_except_unwind_info (struct gcc_options *);
extern int use_return_insn (int, rtx);
extern bool use_simple_return_p (void);
diff --git a/gcc/config/arm/arm.cc b/gcc/config/arm/arm.cc
index 4af809373e4..e6ee9f433aa 100644
--- a/gcc/config/arm/arm.cc
+++ b/gcc/config/arm/arm.cc
@@ -33109,12 +33109,61 @@ arm_current_function_pac_enabled_p (void)
}
/* Return TRUE if Branch Target Identification Mechanism is enabled. */
-static bool
-aarch_bti_enabled ()
+bool
+aarch_bti_enabled (void)
+{
+ return aarch_enable_bti == 1;
+}
+
+/* Check if INSN is a BTI J insn. */
+bool
+aarch_bti_j_insn_p (rtx_insn *insn)
{
+ if (!insn || !INSN_P (insn))
+ return false;
+
+ rtx pat = PATTERN (insn);
+ return GET_CODE (pat) == UNSPEC_VOLATILE && XINT (pat, 1) == VUNSPEC_BTI_NOP;
+}
+
+/* Check if X (or any sub-rtx of X) is a PACIASP/PACIBSP instruction. */
+bool
+aarch_pac_insn_p (rtx x)
+{
+ if (!x || !INSN_P (x))
+ return false;
+
+ rtx pat = PATTERN (x);
+
+ if (GET_CODE (pat) == SET)
+ {
+ rtx tmp = XEXP (pat, 1);
+ if (tmp
+ && ((GET_CODE (tmp) == UNSPEC
+ && XINT (tmp, 1) == UNSPEC_PAC_NOP)
+ || (GET_CODE (tmp) == UNSPEC_VOLATILE
+ && XINT (tmp, 1) == VUNSPEC_PACBTI_NOP)))
+ return true;
+ }
+
return false;
}
+ /* Target specific mapping for aarch_gen_bti_c and aarch_gen_bti_j.
+ For Arm, both of these map to a simple BTI instruction. */
+
+rtx
+aarch_gen_bti_c (void)
+{
+ return gen_bti_nop ();
+}
+
+rtx
+aarch_gen_bti_j (void)
+{
+ return gen_bti_nop ();
+}
+
/* Implement TARGET_SCHED_CAN_SPECULATE_INSN. Return true if INSN can be
scheduled for speculative execution. Reject the long-running division
and square-root instructions. */
diff --git a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md
index c7a20e94139..35c6be22eb1 100644
--- a/gcc/config/arm/arm.md
+++ b/gcc/config/arm/arm.md
@@ -13001,6 +13001,13 @@ (define_insn "aut_nop"
"aut\t%|ip, %|lr, %|sp"
[(set_attr "conds" "unconditional")])
+(define_insn "bti_nop"
+ [(unspec_volatile [(const_int 0)] VUNSPEC_BTI_NOP)]
+ "arm_arch8m_main"
+ "bti"
+ [(set_attr "conds" "unconditional")
+ (set_attr "type" "nop")])
+
;; Vector bits common to IWMMXT, Neon and MVE
(include "vec-common.md")
;; Load the Intel Wireless Multimedia Extension patterns
diff --git a/gcc/config/arm/t-arm b/gcc/config/arm/t-arm
index 041cc6ec045..683342cb528 100644
--- a/gcc/config/arm/t-arm
+++ b/gcc/config/arm/t-arm
@@ -175,3 +175,13 @@ arm-d.o: $(srcdir)/config/arm/arm-d.cc
arm-common.o: arm-cpu-cdata.h
driver-arm.o: arm-native.h
+
+PASSES_EXTRA += $(srcdir)/config/arm/arm-passes.def
+
+aarch-bti-insert.o: $(srcdir)/config/arm/aarch-bti-insert.cc \
+ $(CONFIG_H) $(SYSTEM_H) $(TM_H) $(REGS_H) insn-config.h $(RTL_BASE_H) \
+ dominance.h cfg.h cfganal.h $(BASIC_BLOCK_H) $(INSN_ATTR_H) $(RECOG_H) \
+ output.h hash-map.h $(DF_H) $(OBSTACK_H) $(TARGET_H) $(RTL_H) \
+ $(CONTEXT_H) $(TREE_PASS_H) regrename.h
+ $(COMPILER) -c $(ALL_COMPILERFLAGS) $(ALL_CPPFLAGS) $(INCLUDES) \
+ $(srcdir)/config/arm/aarch-bti-insert.cc
diff --git a/gcc/config/arm/unspecs.md b/gcc/config/arm/unspecs.md
index 370f0b12da1..93447a8ce9d 100644
--- a/gcc/config/arm/unspecs.md
+++ b/gcc/config/arm/unspecs.md
@@ -257,6 +257,7 @@ (define_c_enum "unspecv" [
; instruction.
VUNSPEC_PACBTI_NOP ; Represents PAC signing LR + valid landing pad
VUNSPEC_AUT_NOP ; Represents PAC verifying LR
+ VUNSPEC_BTI_NOP ; Represent BTI
])
;; Enumerators for NEON unspecs.
diff --git a/gcc/testsuite/gcc.target/arm/bti-1.c b/gcc/testsuite/gcc.target/arm/bti-1.c
new file mode 100644
index 00000000000..79dd8010d2d
--- /dev/null
+++ b/gcc/testsuite/gcc.target/arm/bti-1.c
@@ -0,0 +1,12 @@
+/* Check that GCC does bti instruction. */
+/* { dg-do compile } */
+/* { dg-skip-if "avoid conflicting multilib options" { *-*-* } { "-marm" "-mcpu=*" } } */
+/* { dg-options "-march=armv8.1-m.main -mthumb -mfloat-abi=softfp -mbranch-protection=bti --save-temps" } */
+
+int
+main (void)
+{
+ return 0;
+}
+
+/* { dg-final { scan-assembler "bti" } } */
diff --git a/gcc/testsuite/gcc.target/arm/bti-2.c b/gcc/testsuite/gcc.target/arm/bti-2.c
new file mode 100644
index 00000000000..33910563849
--- /dev/null
+++ b/gcc/testsuite/gcc.target/arm/bti-2.c
@@ -0,0 +1,58 @@
+/* { dg-do compile } */
+/* -Os to create jump table. */
+/* { dg-options "-Os" } */
+/* { dg-skip-if "avoid conflicting multilib options" { *-*-* } { "-marm" "-mcpu=*" } } */
+/* { dg-options "-march=armv8.1-m.main -mthumb -mfloat-abi=softfp -mbranch-protection=bti --save-temps" } */
+
+extern int f1 (void);
+extern int f2 (void);
+extern int f3 (void);
+extern int f4 (void);
+extern int f5 (void);
+extern int f6 (void);
+extern int f7 (void);
+extern int f8 (void);
+extern int f9 (void);
+extern int f10 (void);
+
+int (*ptr) (void);
+
+int
+f_jump_table (int y, int n)
+{
+ int i;
+ for (i = 0; i < n ;i ++)
+ {
+ switch (y)
+ {
+ case 0 : ptr = f1; break;
+ case 1 : ptr = f2; break;
+ case 2 : ptr = f3; break;
+ case 3 : ptr = f4; break;
+ case 4 : ptr = f5; break;
+ case 5 : ptr = f6; break;
+ case 6 : ptr = f7; break;
+ case 7 : ptr = f8; break;
+ case 8 : ptr = f9; break;
+ case 9 : ptr = f10; break;
+ default: break;
+ }
+ y += ptr ();
+ }
+ return (y == 0)? y+1:4;
+}
+
+int
+f_label_address ()
+{
+ static void * addr = &&lab1;
+ goto *addr;
+lab1:
+ addr = &&lab2;
+ return 1;
+lab2:
+ addr = &&lab1;
+ return 2;
+}
+
+/* { dg-final { scan-assembler-times "bti" 15 } } */
--
2.25.1
next prev parent reply other threads:[~2022-12-14 16:40 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-12 14:26 [PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-08-12 15:14 ` [PATCH 1/15] arm: Make mbranch-protection opts parsing common to AArch32/64 Andrea Corallo
2022-12-22 17:04 ` [PATCH 1/15 V2] " Andrea Corallo
2023-01-11 10:48 ` Richard Earnshaw
2022-08-12 15:15 ` [PATCH 2/15] arm: Add Armv8.1-M Mainline target feature +pacbti Andrea Corallo
2022-08-12 15:21 ` [PATCH 3/15] arm: Add option -mbranch-protection Andrea Corallo
2022-08-12 15:22 ` [PATCH 4/15] arm: Add testsuite library support for PACBTI target Andrea Corallo
2022-08-12 15:26 ` [PATCH 5/15] arm: Implement target feature macros for PACBTI Andrea Corallo
2022-08-12 15:29 ` [PATCH 6/15] arm: Add pointer authentication for stack-unwinding runtime Andrea Corallo
2022-08-12 15:30 ` [PATCH 7/15] arm: Emit build attributes for PACBTI target feature Andrea Corallo
2022-09-05 16:53 ` Andrea Corallo
2022-10-20 14:47 ` Kyrylo Tkachov
2022-10-20 15:15 ` Richard Earnshaw
2022-10-21 12:19 ` Richard Earnshaw
2022-08-12 15:33 ` [PATCH 8/15] arm: Introduce multilibs " Andrea Corallo
2022-08-12 15:34 ` [PATCH 9/15] arm: Set again stack pointer as CFA reg when popping if necessary Andrea Corallo
2022-09-05 16:52 ` Andrea Corallo
2022-09-27 9:03 ` Kyrylo Tkachov
2022-09-27 10:05 ` Andrea Corallo
2022-09-27 15:24 ` Kyrylo Tkachov
2022-10-21 12:30 ` Richard Earnshaw
2022-10-26 8:49 ` Andrea Corallo
2022-11-08 14:57 ` Richard Earnshaw
2023-01-09 14:58 ` Andrea Corallo
2023-01-09 15:57 ` Richard Earnshaw
2023-01-09 16:48 ` Richard Earnshaw
2023-01-09 17:22 ` Richard Earnshaw
2023-01-11 9:55 ` Andrea Corallo
2022-08-12 15:36 ` [PATCH 10/15] arm: Implement cortex-M return signing address codegen Andrea Corallo
2022-09-05 16:55 ` Andrea Corallo
2022-09-14 14:20 ` [PATCH 10/15 V2] " Andrea Corallo
2022-10-21 12:58 ` Richard Earnshaw
2022-10-26 15:48 ` Andrea Corallo
2022-10-28 16:34 ` [PATCH 10/15 V3] " Andrea Corallo
2022-11-07 8:57 ` [PATCH 10/15 V4] " Andrea Corallo
2022-12-05 16:38 ` Richard Earnshaw
2022-12-09 14:16 ` [PATCH 10/15 V5] " Andrea Corallo
2022-12-12 10:53 ` Richard Earnshaw
2022-12-14 16:35 ` [PATCH 10/15 V6] " Andrea Corallo
2022-12-14 16:45 ` Richard Earnshaw
2023-01-11 9:58 ` [PATCH 10/15 V7] " Andrea Corallo
2023-01-11 10:39 ` Richard Earnshaw
2022-08-12 15:40 ` [PATCH 11/15] aarch64: Make bti pass generic so it can be used by the arm backend Andrea Corallo
2022-09-05 16:56 ` Andrea Corallo
2022-09-27 9:10 ` Kyrylo Tkachov
2022-08-12 15:41 ` [PATCH 12/15] arm: implement bti injection Andrea Corallo
2022-09-05 16:56 ` Andrea Corallo
2022-09-27 9:18 ` Kyrylo Tkachov
2022-09-29 15:45 ` [PATCH 12/15 V2] " Andrea Corallo
2022-10-20 14:56 ` Kyrylo Tkachov
2022-10-28 16:40 ` [PATCH 12/15 V3] " Andrea Corallo
2022-12-05 17:02 ` Richard Earnshaw
2022-12-14 16:40 ` Andrea Corallo [this message]
2022-12-14 17:00 ` [PATCH 12/15 V4] " Richard Earnshaw
2022-12-14 17:03 ` Richard Earnshaw
2022-12-22 17:13 ` [PATCH 12/15 V5] " Andrea Corallo
2023-01-11 15:08 ` Richard Earnshaw
2022-08-12 16:44 ` [PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-08-12 17:10 ` [PATCH 13/15] arm: Add pacbti related multilib support for armv8.1-m.main Srinath Parvathaneni
2022-10-21 13:00 ` Richard Earnshaw
2022-09-21 8:07 ` [PING][PATCH 0/15] arm: Enables return address verification and branch target identification on Cortex-M Andrea Corallo
2022-10-21 13:01 ` Richard Earnshaw
2022-10-21 13:32 ` Andrea Corallo
2022-12-05 14:10 ` Andrea Corallo
2022-12-05 14:19 ` Kyrylo Tkachov
2023-01-23 10:50 ` [PATCH " Andrea Corallo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=gkrsfhirla6.fsf_-_@arm.com \
--to=andrea.corallo@arm.com \
--cc=Kyrylo.Tkachov@arm.com \
--cc=Richard.Earnshaw@arm.com \
--cc=Richard.Earnshaw@foss.arm.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=nd@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).