These patches add support for control flow protection, and as a bonus while no one actually has machines that support CET, a faster x86-specific coroutine backend.
I have tested the first six; I cannot yet test the seventh because my CET machine has an old kernel without ARCH_X86_CET_ALLOC_SHSTK support. Unfortunately, I'm seeing a 60x performance drop with IBT (!). It may be (or so I hope) a problem with this particular machine, but anyway for now CET is left disabled... Paolo Paolo Bonzini (7): qemugdb: allow adding support for other coroutine backends coroutine: add x86 specific coroutine backend configure: add CET support tcg: add tcg_out_start tcg/i386: add support for IBT linux-user: add IBT support to x86 safe-syscall.S coroutine-x86: add CET shadow stack support Makefile.target | 5 + configure | 60 +++++ linux-user/host/i386/safe-syscall.inc.S | 19 ++ linux-user/host/x86_64/safe-syscall.inc.S | 19 ++ scripts/qemugdb/coroutine.py | 107 +++----- scripts/qemugdb/coroutine_ucontext.py | 69 +++++ scripts/qemugdb/coroutine_x86.py | 21 ++ tcg/aarch64/tcg-target.inc.c | 4 + tcg/arm/tcg-target.inc.c | 4 + tcg/i386/tcg-target.inc.c | 18 ++ tcg/mips/tcg-target.inc.c | 4 + tcg/ppc/tcg-target.inc.c | 4 + tcg/riscv/tcg-target.inc.c | 4 + tcg/s390/tcg-target.inc.c | 4 + tcg/sparc/tcg-target.inc.c | 4 + tcg/tcg.c | 2 + tcg/tci/tcg-target.inc.c | 4 + util/Makefile.objs | 5 + util/coroutine-x86.c | 298 ++++++++++++++++++++++ 19 files changed, 580 insertions(+), 75 deletions(-) create mode 100644 scripts/qemugdb/coroutine_ucontext.py create mode 100644 scripts/qemugdb/coroutine_x86.py create mode 100644 util/coroutine-x86.c -- 2.20.1
