Part#1. Add generic part for Intel CET enabling.

The spec is available at
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf

High-level design.
------------------

A proposal is to introduce a target-independent flag -finstrument-control-flow with the semantics of instrumenting code to check the validity or integrity of control-flow transfers using jump and call instructions. The main goal is to detect and block a possible malware execution through transfer of the execution to an unknown target address. Implementation could be either software or target based. Any target platform can provide its implementation for instrumentation under this option.

When the -finstrument-control-flow flag is set, each implementation has to check whether support exists for a target platform and report an error if no support is found.

The compiler should instrument any control-flow transfer points in a program (e.g. call/jmp/ret) as well as any landing pads, which are targets of control-flow transfers.

A new 'notrack' attribute is introduced to provide hand tuning support. The attribute directs the compiler to skip a call to a function and a function's landing pad from instrumentation (tracking). The attribute can be used for function and pointer to function types, otherwise it will be ignored. The attribute is saved in a type and propagated to a GIMPLE call statement and later to a call instruction.

Currently all platforms except i386 will report the error and do no instrumentation. i386 will provide the implementation based on a specification published by Intel for a new technology called Control-flow Enforcement Technology (CET).
0001-Part-1.-Add-generic-part-for-Intel-CET-enabling.patch
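The landing-pad check and the 'notrack' exemption described in the message, as an added example that is not code from the patch or from GCC: a small C model that walks a trace of executed instructions and reports the first transfer the enforcement would block. The event names, the trace encoding and the sample traces are assumptions made for illustration; the model also assumes a landing pad reached by an untracked call is simply ignored.

```c
#include <stddef.h>

/* Constructed model of the design above, not GCC code: each executed
 * instruction is one event in a trace. */
enum event {
    EV_OTHER,          /* any instruction that is not a landing pad */
    EV_LANDING_PAD,    /* marker the compiler places at a valid target */
    EV_ICALL,          /* instrumented (tracked) indirect call/jmp */
    EV_ICALL_NOTRACK   /* indirect call through a 'notrack' pointer */
};

/* After a tracked indirect transfer the very next instruction must be
 * a landing pad. Returns the index of the first offending instruction,
 * or -1 if the whole trace is accepted. */
long first_violation(const enum event *trace, size_t n)
{
    int expect_pad = 0;
    for (size_t i = 0; i < n; i++) {
        if (expect_pad && trace[i] != EV_LANDING_PAD)
            return (long)i;
        /* Only a tracked transfer arms the check; notrack leaves it idle. */
        expect_pad = (trace[i] == EV_ICALL);
    }
    return -1;
}

/* Constructed traces covering the four call/callee combinations. */
/* tracked call -> instrumented function: accepted */
static const enum event tracked_ok[] = { EV_ICALL, EV_LANDING_PAD, EV_OTHER };
/* notrack call -> notrack function (no landing pad): accepted */
static const enum event notrack_ok[] = { EV_ICALL_NOTRACK, EV_OTHER, EV_OTHER };
/* tracked call -> notrack function: blocked at the callee's first insn */
static const enum event mismatch[] = { EV_ICALL, EV_OTHER, EV_OTHER };
/* notrack call -> instrumented function: the pad is not needed */
static const enum event pad_unused[] = { EV_ICALL_NOTRACK, EV_LANDING_PAD, EV_OTHER };

int main(void)
{
    /* Exit status 0 when the model behaves as described in the comments. */
    return !(first_violation(tracked_ok, 3) == -1 &&
             first_violation(notrack_ok, 3) == -1 &&
             first_violation(mismatch, 3) == 1 &&
             first_violation(pad_unused, 3) == -1);
}
```

The `mismatch` trace is the case that makes it matter that the attribute is saved in the type and propagated to the call: a call site and its callee have to agree on whether tracking applies.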