Re: [PATCH v4 01/23] aarch64: Add -mbranch-protection=gcs option

Thu, 14 Nov 2024 12:39:58 -0800 

On 14/11/24 12:36 +0000, Yury Khrustalev wrote:

From: Szabolcs Nagy <szabolcs.n...@arm.com>

This enables Guarded Control Stack (GCS) compatible code generation.

The "standard" branch-protection type enables it, and the default
depends on the compiler default.

gcc/ChangeLog:

        * config/aarch64/aarch64-protos.h (aarch_gcs_enabled): Declare.
        * config/aarch64/aarch64.cc (aarch_gcs_enabled): Define.
        (aarch_handle_no_branch_protection): Handle gcs.
        (aarch_handle_standard_branch_protection): Handle gcs.
        (aarch_handle_gcs_protection): New.
        * config/aarch64/aarch64.opt: Add aarch_enable_gcs.
        * configure: Regenerate.
        * configure.ac: Handle gcs in --enable-standard-branch-protection.
        * doc/invoke.texi: Document -mbranch-protection=gcs.
---
gcc/config/aarch64/aarch64-protos.h |  2 ++
gcc/config/aarch64/aarch64.cc       | 24 ++++++++++++++++++++++++
gcc/config/aarch64/aarch64.opt      |  3 +++
gcc/configure                       |  2 +-
gcc/configure.ac                    |  6 +++---
gcc/doc/invoke.texi                 |  5 +++--
6 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/gcc/config/aarch64/aarch64-protos.h 
b/gcc/config/aarch64/aarch64-protos.h
index 05d3258abf7..481907422e8 100644
--- a/gcc/config/aarch64/aarch64-protos.h
+++ b/gcc/config/aarch64/aarch64-protos.h
@@ -1206,4 +1206,6 @@ extern void aarch64_adjust_reg_alloc_order ();
bool aarch64_optimize_mode_switching (aarch64_mode_entity);
void aarch64_restore_za (rtx);

+extern bool aarch64_gcs_enabled ();
+
#endif /* GCC_AARCH64_PROTOS_H */
diff --git a/gcc/config/aarch64/aarch64.cc b/gcc/config/aarch64/aarch64.cc
index 00bcf18ae97..68230e1f4c2 100644
--- a/gcc/config/aarch64/aarch64.cc
+++ b/gcc/config/aarch64/aarch64.cc
@@ -8562,6 +8562,13 @@ aarch_bti_j_insn_p (rtx_insn *insn)
  return GET_CODE (pat) == UNSPEC_VOLATILE && XINT (pat, 1) == UNSPECV_BTI_J;
}

+/* Return TRUE if Guarded Control Stack is enabled.  */
+bool
+aarch64_gcs_enabled (void)
+{
+  return (aarch64_enable_gcs == 1);
+}
+
/* Check if X (or any sub-rtx of X) is a PACIASP/PACIBSP instruction.  */
bool
aarch_pac_insn_p (rtx x)
@@ -18981,6 +18988,7 @@ aarch64_handle_no_branch_protection (void)
{
  aarch_ra_sign_scope = AARCH_FUNCTION_NONE;
  aarch_enable_bti = 0;
+  aarch64_enable_gcs = 0;
}

static void
@@ -18989,6 +18997,7 @@ aarch64_handle_standard_branch_protection (void)
  aarch_ra_sign_scope = AARCH_FUNCTION_NON_LEAF;
  aarch64_ra_sign_key = AARCH64_KEY_A;
  aarch_enable_bti = 1;
+  aarch64_enable_gcs = 1;
}

static void
@@ -19015,6 +19024,11 @@ aarch64_handle_bti_protection (void)
{
  aarch_enable_bti = 1;
}
+static void
+aarch64_handle_gcs_protection (void)
+{
+  aarch64_enable_gcs = 1;
+}

static const struct aarch_branch_protect_type aarch64_pac_ret_subtypes[] = {
  { "leaf", false, aarch64_handle_pac_ret_leaf, NULL, 0 },
@@ -19029,6 +19043,7 @@ static const struct aarch_branch_protect_type 
aarch64_branch_protect_types[] =
  { "pac-ret", false, aarch64_handle_pac_ret_protection,
    aarch64_pac_ret_subtypes, ARRAY_SIZE (aarch64_pac_ret_subtypes) },
  { "bti", false, aarch64_handle_bti_protection, NULL, 0 },
+  { "gcs", false, aarch64_handle_gcs_protection, NULL, 0 },
  { NULL, false, NULL, NULL, 0 }
};

@@ -19128,6 +19143,15 @@ aarch64_override_options (void)
#endif
    }

+  if (aarch64_enable_gcs == 2)
+    {
+#ifdef TARGET_ENABLE_GCS
+      aarch64_enable_gcs = 1;
+#else
+      aarch64_enable_gcs = 0;
+#endif
+    }
+
  /* Return address signing is currently not supported for ILP32 targets.  For
     LP64 targets use the configured option in the absence of a command-line
     option for -mbranch-protection.  */
diff --git a/gcc/config/aarch64/aarch64.opt b/gcc/config/aarch64/aarch64.opt
index c2c9965b062..36bc719b822 100644
--- a/gcc/config/aarch64/aarch64.opt
+++ b/gcc/config/aarch64/aarch64.opt
@@ -45,6 +45,9 @@ uint64_t aarch64_isa_flags_1 = 0
TargetVariable
unsigned aarch_enable_bti = 2

+TargetVariable
+unsigned aarch64_enable_gcs = 2
+
TargetVariable
enum aarch64_key_type aarch64_ra_sign_key = AARCH64_KEY_A

diff --git a/gcc/configure b/gcc/configure
index 150ab616414..df64af3af57 100755
--- a/gcc/configure
+++ b/gcc/configure
@@ -28093,7 +28093,7 @@ if test "${enable_standard_branch_protection+set}" = 
set; then :
  enableval=$enable_standard_branch_protection;
        case $enableval in
          yes)
-            tm_defines="${tm_defines} TARGET_ENABLE_BTI=1 
TARGET_ENABLE_PAC_RET=1"
+            tm_defines="${tm_defines} TARGET_ENABLE_BTI=1 TARGET_ENABLE_PAC_RET=1 
TARGET_ENABLE_GCS=1"
            ;;
          no)
            ;;


This file was not correctly regenerated.



diff --git a/gcc/configure.ac b/gcc/configure.ac
index bdb22d53e2c..bdd8cb0002f 100644
--- a/gcc/configure.ac
+++ b/gcc/configure.ac
@@ -4402,14 +4402,14 @@ case "$target" in
    AC_ARG_ENABLE(standard-branch-protection,
    [
AS_HELP_STRING([--enable-standard-branch-protection],
-        [enable Branch Target Identification Mechanism and Return Address 
Signing by default for AArch64])
+        [enable Branch Target Identification Mechanism, Return Address 
Signing, and Guarded Control Stack by default for AArch64])
AS_HELP_STRING([--disable-standard-branch-protection],
-        [disable Branch Target Identification Mechanism and Return Address 
Signing by default for AArch64])
+        [disable Branch Target Identification Mechanism, Return Address 
Signing, and Guarded Control Stack by default for AArch64])
    ],
      [
        case $enableval in
          yes)
-            tm_defines="${tm_defines} TARGET_ENABLE_BTI=1 
TARGET_ENABLE_PAC_RET=1"
+            tm_defines="${tm_defines} TARGET_ENABLE_BTI=1 TARGET_ENABLE_PAC_RET=1 
TARGET_ENABLE_GCS=1"
            ;;
          no)
            ;;
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index aa979c3c2fd..ccf34dc28ce 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -814,7 +814,7 @@ Objective-C and Objective-C++ Dialects}.
-mpc-relative-literal-loads
-msign-return-address=@var{scope}
-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}
-+@var{b-key}]|@var{bti}
++@var{b-key}]|@var{bti}|@var{gcs}
-mharden-sls=@var{opts}
-march=@var{name}  -mcpu=@var{name}  -mtune=@var{name}
-moverride=@var{string}  -mverbose-cost-dump
@@ -21591,7 +21591,7 @@ default value is @samp{none}. This option has been 
deprecated by
-mbranch-protection.

@opindex mbranch-protection
-@item 
-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}+@var{b-key}]|@var{bti}
+@item 
-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}+@var{b-key}]|@var{bti}|@var{gcs}
Select the branch protection features to use.
@samp{none} is the default and turns off all types of branch protection.
@samp{standard} turns on all types of branch protection features.  If a feature
@@ -21604,6 +21604,7 @@ argument @samp{leaf} can be used to extend the signing 
to include leaf
functions.  The optional argument @samp{b-key} can be used to sign the functions
with the B-key instead of the A-key.
@samp{bti} turns on branch target identification mechanism.
+@samp{gcs} turns on guarded control stack compatible code generation.

@opindex mharden-sls
@item -mharden-sls=@var{opts}
--
2.39.5

Reply via email to