2017-11-17 14:34:39 +01:00
|
|
|
dnl
|
|
|
|
dnl GCC_CET_FLAGS
|
|
|
|
dnl (SHELL-CODE_HANDLER)
|
|
|
|
dnl
|
|
|
|
AC_DEFUN([GCC_CET_FLAGS],[dnl
|
2020-05-14 08:25:39 -07:00
|
|
|
GCC_ENABLE(cet, auto, ,[enable Intel CET in target libraries],
|
2018-04-19 09:45:51 +02:00
|
|
|
permit yes|no|auto)
|
2018-02-19 17:25:49 +01:00
|
|
|
AC_MSG_CHECKING([for CET support])
|
|
|
|
|
2020-05-29 12:23:33 -07:00
|
|
|
# NB: Avoid nested save_CFLAGS and save_LDFLAGS.
|
2017-11-17 14:34:39 +01:00
|
|
|
case "$host" in
|
|
|
|
i[[34567]]86-*-linux* | x86_64-*-linux*)
|
|
|
|
case "$enable_cet" in
|
2018-04-19 09:45:51 +02:00
|
|
|
auto)
|
2018-02-19 17:25:49 +01:00
|
|
|
# Check if target supports multi-byte NOPs
|
2020-07-15 06:16:01 -07:00
|
|
|
# and if compiler and assembler support CET insn.
|
2020-05-29 12:23:33 -07:00
|
|
|
cet_save_CFLAGS="$CFLAGS"
|
2020-05-15 09:06:50 -07:00
|
|
|
CFLAGS="$CFLAGS -fcf-protection"
|
2017-11-17 14:34:39 +01:00
|
|
|
AC_COMPILE_IFELSE(
|
|
|
|
[AC_LANG_PROGRAM(
|
|
|
|
[],
|
2018-02-19 17:25:49 +01:00
|
|
|
[
|
|
|
|
#if !defined(__SSE2__)
|
|
|
|
#error target does not support multi-byte NOPs
|
|
|
|
#else
|
|
|
|
asm ("setssbsy");
|
|
|
|
#endif
|
|
|
|
])],
|
2017-11-17 14:34:39 +01:00
|
|
|
[enable_cet=yes],
|
|
|
|
[enable_cet=no])
|
2020-05-29 12:23:33 -07:00
|
|
|
CFLAGS="$cet_save_CFLAGS"
|
2017-11-17 14:34:39 +01:00
|
|
|
;;
|
|
|
|
yes)
|
|
|
|
# Check if assembler supports CET.
|
|
|
|
AC_COMPILE_IFELSE(
|
|
|
|
[AC_LANG_PROGRAM(
|
|
|
|
[],
|
|
|
|
[asm ("setssbsy");])],
|
|
|
|
[],
|
|
|
|
[AC_MSG_ERROR([assembler with CET support is required for --enable-cet])])
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
enable_cet=no
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
if test x$enable_cet = xyes; then
|
2018-04-24 09:41:01 -07:00
|
|
|
$1="-fcf-protection -mshstk"
|
2018-02-19 17:25:49 +01:00
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([no])
|
2017-11-17 14:34:39 +01:00
|
|
|
fi
|
|
|
|
])
|
2020-04-25 10:06:59 -07:00
|
|
|
|
|
|
|
dnl
|
|
|
|
dnl GCC_CET_HOST_FLAGS
|
|
|
|
dnl (SHELL-CODE_HANDLER)
|
|
|
|
dnl
|
|
|
|
AC_DEFUN([GCC_CET_HOST_FLAGS],[dnl
|
|
|
|
GCC_ENABLE(cet, auto, ,[enable Intel CET in host libraries],
|
|
|
|
permit yes|no|auto)
|
|
|
|
AC_MSG_CHECKING([for CET support])
|
|
|
|
|
|
|
|
case "$host" in
|
|
|
|
i[[34567]]86-*-linux* | x86_64-*-linux*)
|
|
|
|
may_have_cet=yes
|
2020-05-29 12:23:33 -07:00
|
|
|
cet_save_CFLAGS="$CFLAGS"
|
2020-04-25 10:06:59 -07:00
|
|
|
CFLAGS="$CFLAGS -fcf-protection"
|
|
|
|
case "$enable_cet" in
|
|
|
|
auto)
|
|
|
|
# Check if target supports multi-byte NOPs
|
2020-07-15 06:16:01 -07:00
|
|
|
# and if compiler and assembler support CET.
|
2020-04-25 10:06:59 -07:00
|
|
|
AC_COMPILE_IFELSE(
|
|
|
|
[AC_LANG_PROGRAM(
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
#if !defined(__SSE2__)
|
|
|
|
#error target does not support multi-byte NOPs
|
|
|
|
#else
|
|
|
|
asm ("setssbsy");
|
|
|
|
#endif
|
|
|
|
])],
|
|
|
|
[enable_cet=yes],
|
|
|
|
[enable_cet=no])
|
|
|
|
;;
|
|
|
|
yes)
|
2020-07-15 06:16:01 -07:00
|
|
|
# Check if compiler and assembler support CET.
|
2020-04-25 10:06:59 -07:00
|
|
|
AC_COMPILE_IFELSE(
|
|
|
|
[AC_LANG_PROGRAM(
|
|
|
|
[],
|
|
|
|
[asm ("setssbsy");])],
|
2020-07-15 06:16:01 -07:00
|
|
|
[support_cet=yes],
|
|
|
|
[support_cet=no])
|
|
|
|
if test $support_cet = "no"; then
|
|
|
|
if test x$enable_bootstrap != xno \
|
|
|
|
&& test -z "${with_build_subdir}" \
|
|
|
|
&& (test ! -f ../stage_current \
|
|
|
|
|| test `cat ../stage_current` != "stage1"); then
|
|
|
|
# Require CET support only for the final GCC build.
|
|
|
|
AC_MSG_ERROR([compiler and assembler with CET support are required for --enable-cet])
|
|
|
|
else
|
|
|
|
# Don't enable CET without CET support for non-bootstrap
|
|
|
|
# build, in stage1 nor for build support.
|
|
|
|
enable_cet=no
|
|
|
|
fi
|
|
|
|
fi
|
2020-04-25 10:06:59 -07:00
|
|
|
;;
|
|
|
|
esac
|
2020-05-29 12:23:33 -07:00
|
|
|
CFLAGS="$cet_save_CFLAGS"
|
2020-04-25 10:06:59 -07:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
may_have_cet=no
|
|
|
|
enable_cet=no
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
2020-05-29 12:23:33 -07:00
|
|
|
cet_save_CFLAGS="$CFLAGS"
|
Check whether -fcf-protection=none -Wl,-z,ibt,-z,shstk work first
GCC_CET_HOST_FLAGS uses -Wl,-z,ibt,-z,shstk to check if Linux/x86 host
has Intel CET enabled by introducing an Intel CET violation on purpose.
To avoid false positive, check whether -Wl,-z,ibt,-z,shstk works first.
-fcf-protection=none is added to avoid false negative when -fcf-protection
is enabled by default.
config/
PR bootstrap/94739
* cet.m4 (GCC_CET_HOST_FLAGS): Add -fcf-protection=none to
-Wl,-z,ibt,-z,shstk. Check whether -fcf-protection=none
-Wl,-z,ibt,-z,shstk works first.
libiberty/
PR bootstrap/94739
* configure: Regenerated.
lto-plugin/
PR bootstrap/94739
* configure: Regenerated.
2020-04-28 05:42:34 -07:00
|
|
|
CFLAGS="$CFLAGS -fcf-protection=none"
|
2020-05-29 12:23:33 -07:00
|
|
|
cet_save_LDFLAGS="$LDFLAGS"
|
Check whether -fcf-protection=none -Wl,-z,ibt,-z,shstk work first
GCC_CET_HOST_FLAGS uses -Wl,-z,ibt,-z,shstk to check if Linux/x86 host
has Intel CET enabled by introducing an Intel CET violation on purpose.
To avoid false positive, check whether -Wl,-z,ibt,-z,shstk works first.
-fcf-protection=none is added to avoid false negative when -fcf-protection
is enabled by default.
config/
PR bootstrap/94739
* cet.m4 (GCC_CET_HOST_FLAGS): Add -fcf-protection=none to
-Wl,-z,ibt,-z,shstk. Check whether -fcf-protection=none
-Wl,-z,ibt,-z,shstk works first.
libiberty/
PR bootstrap/94739
* configure: Regenerated.
lto-plugin/
PR bootstrap/94739
* configure: Regenerated.
2020-04-28 05:42:34 -07:00
|
|
|
LDFLAGS="$LDFLAGS -Wl,-z,ibt,-z,shstk"
|
|
|
|
if test x$may_have_cet = xyes; then
|
|
|
|
# Check whether -fcf-protection=none -Wl,-z,ibt,-z,shstk work.
|
|
|
|
AC_TRY_LINK(
|
|
|
|
[],[return 0;],
|
|
|
|
[may_have_cet=yes],
|
|
|
|
[may_have_cet=no])
|
|
|
|
fi
|
|
|
|
|
2020-04-25 10:06:59 -07:00
|
|
|
if test x$may_have_cet = xyes; then
|
2020-05-12 10:39:42 -07:00
|
|
|
if test x$cross_compiling = xno; then
|
|
|
|
AC_TRY_RUN([
|
2021-02-12 16:30:23 -08:00
|
|
|
int
|
|
|
|
main ()
|
|
|
|
{
|
|
|
|
asm ("endbr32");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
],
|
|
|
|
[have_multi_byte_nop=yes],
|
|
|
|
[have_multi_byte_nop=no])
|
|
|
|
have_cet=no
|
|
|
|
if test x$have_multi_byte_nop = xyes; then
|
|
|
|
AC_TRY_RUN([
|
2020-04-25 10:06:59 -07:00
|
|
|
static void
|
|
|
|
foo (void)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
__attribute__ ((noinline, noclone))
|
|
|
|
xxx (void (*f) (void))
|
|
|
|
{
|
|
|
|
f ();
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
__attribute__ ((noinline, noclone))
|
|
|
|
bar (void)
|
|
|
|
{
|
|
|
|
xxx (foo);
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
main ()
|
|
|
|
{
|
|
|
|
bar ();
|
|
|
|
return 0;
|
|
|
|
}
|
2021-02-12 16:30:23 -08:00
|
|
|
],
|
|
|
|
[have_cet=no],
|
|
|
|
[have_cet=yes])
|
|
|
|
fi
|
2020-05-12 10:39:42 -07:00
|
|
|
if test x$enable_cet = xno -a x$have_cet = xyes; then
|
|
|
|
AC_MSG_ERROR([Intel CET must be enabled on Intel CET enabled host])
|
|
|
|
fi
|
2020-04-25 10:06:59 -07:00
|
|
|
fi
|
2020-05-12 10:39:42 -07:00
|
|
|
else
|
|
|
|
# Enable CET in cross compiler if possible so that it will run on both
|
|
|
|
# CET and non-CET hosts.
|
|
|
|
have_cet=yes
|
2020-04-25 10:06:59 -07:00
|
|
|
fi
|
|
|
|
if test x$enable_cet = xyes; then
|
|
|
|
$1="-fcf-protection"
|
|
|
|
AC_MSG_RESULT([yes])
|
|
|
|
else
|
|
|
|
AC_MSG_RESULT([no])
|
|
|
|
fi
|
2020-05-29 12:23:33 -07:00
|
|
|
CFLAGS="$cet_save_CFLAGS"
|
|
|
|
LDFLAGS="$cet_save_LDFLAGS"
|
2020-04-25 10:06:59 -07:00
|
|
|
])
|