Add cet.h header

This commit is contained in:
Tom Stellard 2020-06-26 21:07:01 +00:00
parent f1e3f547a4
commit f923b525f1
2 changed files with 152 additions and 1 deletions

View File

@ -0,0 +1,146 @@
From bcc0c894f38fd8b43af521e356a167b1a12dd497 Mon Sep 17 00:00:00 2001
From: Xiang1 Zhang <xiang1.zhang@intel.com>
Date: Tue, 19 May 2020 13:29:30 +0800
Subject: [PATCH] Add cet.h for writing CET-enabled assembly code
Summary:
Add x86 feature with IBT and/or SHSTK bits to ELF program property if they are enabled. Otherwise, contents in this header file are unused.
This file is mainly design for assembly source code which want to enable CET
Reviewers: hjl.tools, annita.zhang, LuoYuanke, craig.topper, tstellar, pengfei, rsmith
Reviewed By: LuoYuanke
Subscribers: cfe-commits, mgorny
Tags: #clang
Differential Revision: https://reviews.llvm.org/D79617
---
clang/lib/Headers/CMakeLists.txt | 1 +
clang/lib/Headers/cet.h | 66 ++++++++++++++++++++++++++++++++++++++++
clang/test/CodeGen/asm-cet.S | 27 ++++++++++++++++
3 files changed, 94 insertions(+)
create mode 100644 clang/lib/Headers/cet.h
create mode 100644 clang/test/CodeGen/asm-cet.S
diff --git a/clang/lib/Headers/CMakeLists.txt b/clang/lib/Headers/CMakeLists.txt
index 60d359f..c5215ee 100644
--- a/clang/lib/Headers/CMakeLists.txt
+++ b/clang/lib/Headers/CMakeLists.txt
@@ -46,6 +46,7 @@ set(files
__clang_cuda_math_forward_declares.h
__clang_cuda_runtime_wrapper.h
cetintrin.h
+ cet.h
cldemoteintrin.h
clzerointrin.h
cpuid.h
diff --git a/clang/lib/Headers/cet.h b/clang/lib/Headers/cet.h
new file mode 100644
index 0000000..ffb19de
--- /dev/null
+++ b/clang/lib/Headers/cet.h
@@ -0,0 +1,66 @@
+/*===------ cet.h -Control-flow Enforcement Technology feature ------------===
+ * Add x86 feature with IBT and/or SHSTK bits to ELF program property if they
+ * are enabled. Otherwise, contents in this header file are unused. This file
+ * is mainly design for assembly source code which want to enable CET.
+ *
+ * Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+ * See https://llvm.org/LICENSE.txt for license information.
+ * SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+ *
+ *===-----------------------------------------------------------------------===
+ */
+#ifndef __CET_H
+#define __CET_H
+
+#ifdef __ASSEMBLER__
+
+#ifndef __CET__
+# define _CET_ENDBR
+#endif
+
+#ifdef __CET__
+
+# ifdef __LP64__
+# if __CET__ & 0x1
+# define _CET_ENDBR endbr64
+# else
+# define _CET_ENDBR
+# endif
+# else
+# if __CET__ & 0x1
+# define _CET_ENDBR endbr32
+# else
+# define _CET_ENDBR
+# endif
+# endif
+
+
+# ifdef __LP64__
+# define __PROPERTY_ALIGN 3
+# else
+# define __PROPERTY_ALIGN 2
+# endif
+
+ .pushsection ".note.gnu.property", "a"
+ .p2align __PROPERTY_ALIGN
+ .long 1f - 0f /* name length. */
+ .long 4f - 1f /* data length. */
+ /* NT_GNU_PROPERTY_TYPE_0. */
+ .long 5 /* note type. */
+0:
+ .asciz "GNU" /* vendor name. */
+1:
+ .p2align __PROPERTY_ALIGN
+ /* GNU_PROPERTY_X86_FEATURE_1_AND. */
+ .long 0xc0000002 /* pr_type. */
+ .long 3f - 2f /* pr_datasz. */
+2:
+ /* GNU_PROPERTY_X86_FEATURE_1_XXX. */
+ .long __CET__
+3:
+ .p2align __PROPERTY_ALIGN
+4:
+ .popsection
+#endif
+#endif
+#endif
diff --git a/clang/test/CodeGen/asm-cet.S b/clang/test/CodeGen/asm-cet.S
new file mode 100644
index 0000000..3644ed7
--- /dev/null
+++ b/clang/test/CodeGen/asm-cet.S
@@ -0,0 +1,27 @@
+// REQUIRES: x86-registered-target
+// RUN: %clang --target=x86_64-pc-linux -fcf-protection -include cet.h -c %s -o - | llvm-readelf -n | FileCheck %s
+// RUN: %clang --target=x86_64-pc-linux -include cet.h -c %s -o - | llvm-readelf -S | FileCheck %s --check-prefixes=NOCET
+// RUN: %clang --target=x86_64-pc-linux -include cet.h -S %s -o - | FileCheck %s --check-prefixes=NOENDBR
+// RUN: %clang --target=x86_64-pc-linux -fcf-protection -include cet.h -S %s -o - | FileCheck %s --check-prefixes=ENDBR64
+
+// RUN: %clang --target=i386-pc-linux -fcf-protection -include cet.h -c %s -o - | llvm-readelf -n | FileCheck %s
+// RUN: %clang --target=i386-pc-linux -include cet.h -c %s -o - | llvm-readelf -S | FileCheck %s --check-prefixes=NOCET
+// RUN: %clang --target=i386-pc-linux -include cet.h -S %s -o - | FileCheck %s --check-prefixes=NOENDBR
+// RUN: %clang --target=i386-pc-linux -fcf-protection -include cet.h -S %s -o - | FileCheck %s --check-prefixes=ENDBR32
+
+// CHECK: IBT, SHSTK
+
+// NOCET: Section Headers
+// NOCET-NOT: .note.gnu.property
+
+// NOENDBR: foo
+// NOENDBR-NOT: endbr
+
+// ENDBR64: endbr64
+// ENDBR32: endbr32
+ .text
+ .globl foo
+ .type foo, @function
+foo:
+ _CET_ENDBR
+ ret
--
1.8.3.1

View File

@ -4,7 +4,7 @@
%global min_ver 0 %global min_ver 0
%global patch_ver 0 %global patch_ver 0
#%%global rc_ver 6 #%%global rc_ver 6
%global baserelease 5 %global baserelease 6
%global clang_tools_binaries \ %global clang_tools_binaries \
%{_bindir}/clang-apply-replacements \ %{_bindir}/clang-apply-replacements \
@ -103,6 +103,7 @@ Patch14: 0001-clang-fix-undefined-behaviour-in-RawComment-getForma.patch
# Not Upstream # Not Upstream
Patch15: 0001-clang-Don-t-install-static-libraries.patch Patch15: 0001-clang-Don-t-install-static-libraries.patch
Patch16: 0001-Driver-Accept-multiple-config-options-if-filenames-a.patch Patch16: 0001-Driver-Accept-multiple-config-options-if-filenames-a.patch
Patch17: 0001-Add-cet.h-for-writing-CET-enabled-assembly-code.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -255,6 +256,7 @@ pathfix.py -i %{__python3} -pn \
%patch14 -p2 -b .clangd %patch14 -p2 -b .clangd
%patch15 -p2 -b .no-install-static %patch15 -p2 -b .no-install-static
%patch16 -p2 -b .config-multiple %patch16 -p2 -b .config-multiple
%patch17 -p2 -b .cet.h
mv ../%{clang_tools_srcdir} tools/extra mv ../%{clang_tools_srcdir} tools/extra
@ -482,6 +484,9 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} ninja check-all -C _build || \
%endif %endif
%changelog %changelog
* Fri Jun 26 2020 Tom Stellard <tstellar@redhat.com> - 10.0.0-6
- Add cet.h header
* Mon Jun 08 2020 Tom Stellard <tstellar@redhat.com> - 10.0.0-5 * Mon Jun 08 2020 Tom Stellard <tstellar@redhat.com> - 10.0.0-5
- Accept multiple --config options - Accept multiple --config options