The AArch32 instruction sets prior to Armv7 do not define the ISB and
DSB instructions that are needed to form a speculation barrier. While
I do not know of any instances of cores based on those instruction
sets being vulnerable to speculative side channel attacks it is
possible to run code built for those ISAs on more recent hardware
where they would become vulnerable.
This patch works around this by using a library call added to libgcc.
That code can then take any platform-specific actions necessary to
ensure safety.
For the moment I've only handled two cases: the library code being
built for armv7 or later anyway and running on Linux.
On Linux we can handle this by calling the kernel function that will
flush a small amount of cache. Such a sequence ends with a ISB+DSB
sequence if running on an Armv7 or later CPU.
gcc:
PR target/86951
* config/arm/arm-protos.h (arm_emit_speculation_barrier): New
prototype.
* config/arm/arm.c (speculation_barrier_libfunc): New static
variable.
(arm_init_libfuncs): Initialize it.
(arm_emit_speculation_barrier): New function.
* config/arm/arm.md (speculation_barrier): Call
arm_emit_speculation_barrier for architectures that do not have
DSB or ISB.
(speculation_barrier_insn): Only match on Armv7 or later.
libgcc:
PR target/86951
* config/arm/lib1funcs.asm (speculation_barrier): New function.
* config/arm/t-arm (LIB1ASMFUNCS): Add it to list of functions
to build.
From-SVN: r263806
In order to allow ZCX on VxWorks, we need the frame_dummy function to do
the register_frame_info(). So make sure crtbegin.o and crtend.o are
available for use with a custom spec file.
From-SVN: r263690
2018-08-01 Martin Liska <mliska@suse.cz>
* libgcov-profiler.c (__gcov_indirect_call_profiler_v2): Do not
check that __gcov_indirect_call_callee is non-null.
From-SVN: r263202
CET kernel has been changed to place a restore token on shadow stack for
signal handler to enhance security. It is usually transparent to user
programs since kernel will pop the restore token when signal handler
returns. But when an exception is thrown from a signal handler, now
we need to remove _Unwind_Frames_Increment to pop the the restore token
from shadow stack. Otherwise, we get
FAIL: g++.dg/torture/pr85334.C -O0 execution test
FAIL: g++.dg/torture/pr85334.C -O1 execution test
FAIL: g++.dg/torture/pr85334.C -O2 execution test
FAIL: g++.dg/torture/pr85334.C -O3 -g execution test
FAIL: g++.dg/torture/pr85334.C -Os execution test
FAIL: g++.dg/torture/pr85334.C -O2 -flto -fno-use-linker-plugin -flto-partition=none execution test
PR libgcc/85334
* config/i386/shadow-stack-unwind.h (_Unwind_Frames_Increment):
Removed.
From-SVN: r263030
For some targets (in my case VxWorks 5.5), libgcov does not compile due
to missing functions and macros such as getpid() and F_OK.
Incidentally, gcc/Makefile.in already contains comments such as
# Install gcov if it was compiled.
but there is no logic in place to actually allow gcov to not be
compiled.
So add an option for disabling build and install of libgcov and the
related host tools.
From-SVN: r262180
libgcc/:
PR libgcc/86213
* generic-morestack.c (allocate_segment): Move calls to getenv and
getpagesize to __morestack_load_mmap.
(__morestack_load_mmap) Initialize static_pagesize and
use_guard_page here so as to avoid clobbering SSE regs during a
__morestack call.
gcc/testsuite/:
* gcc.dg/split-8.c: New.
From-SVN: r261823
[gcc]
2018-06-18 Michael Meissner <meissner@linux.ibm.com>
PR target/85358
* config/rs6000/rs6000-modes.def (toplevel): Rework the 128-bit
floating point modes, so that IFmode is numerically greater than
TFmode, which is greater than KFmode using FRACTIONAL_FLOAT_MODE
to declare the ordering. This prevents IFmode from being
converted to TFmode when long double is IEEE 128-bit on an ISA 3.0
machine. Include rs6000-modes.h to share the fractional values
between genmodes* and the rest of the compiler.
(IFmode): Likewise.
(KFmode): Likewise.
(TFmode): Likewise.
* config/rs6000/rs6000-modes.h: New file.
* config/rs6000/rs6000.c (rs6000_debug_reg_global): Change the
meaning of rs6000_long_double_size so that 126..128 selects an
appropriate 128-bit floating point type.
(rs6000_option_override_internal): Likewise.
* config/rs6000/rs6000.h (toplevel): Include rs6000-modes.h.
(TARGET_LONG_DOUBLE_128): Change the meaning of
rs6000_long_double_size so that 126..128 selects an appropriate
128-bit floating point type.
(LONG_DOUBLE_TYPE_SIZE): Update comment.
* config/rs6000/rs6000.md (trunciftf2): Correct the modes of the
source and destination to match the standard usage.
(truncifkf2): Likewise.
(copysign<mode>3, IEEE iterator): Rework copysign of float128 on
ISA 2.07 to use an explicit clobber, instead of passing in a
temporary.
(copysign<mode>3_soft): Likewise.
[libgcc]
2018-06-18 Michael Meissner <meissner@linux.ibm.com>
* config/rs6000/t-float128 (FP128_CFLAGS_SW): Compile float128
support modules with -mno-gnu-attribute.
* config/rs6000/t-float128-hw (FP128_CFLAGS_HW): Likewise.
From-SVN: r261712
2018-06-07 Olivier Hainque <hainque@adacore.com>
* config/t-vxworks (LIBGCC_INCLUDES): Add
-I$(MULTIBUILDTOP)../../gcc/include.
* config/t-vxworks7: Likewise. Reformat a bit to match
the t-vxworks layout.
From-SVN: r261273
2018-06-07 Martin Liska <mliska@suse.cz>
PR bootstrap/86057
* libgcov-driver-system.c (replace_filename_variables): Use
memcpy instead of mempcpy.
(allocate_filename_struct): Do not allocate filename, allocate
prefix and set it.
(gcov_exit_open_gcda_file): Allocate memory for gf->filename
here and properly copy content into it.
* libgcov-driver.c (struct gcov_filename): Remove max_length
field, change prefix from size_t into char *.
(compute_summary): Do not calculate longest filename.
(gcov_do_dump): Release memory of gf.filename after each file.
* libgcov-util.c (compute_summary): Use new signature of
compute_summary.
(calculate_overlap): Likewise.
From-SVN: r261260
2018-06-05 Martin Liska <mliska@suse.cz>
PR gcov-profile/47618
* doc/invoke.texi: Document how -fprofile-dir format
is extended.
2018-06-05 Martin Liska <mliska@suse.cz>
PR gcov-profile/47618
* libgcov-driver-system.c (replace_filename_variables): New
function.
(gcov_exit_open_gcda_file): Use it.
From-SVN: r261199
2018-06-05 Martin Liska <mliska@suse.cz>
* auto-profile.c (read_autofdo_file): Do not use
gcov_ctr_summary struct.
(afdo_callsite_hot_enough_for_early_inline): Likewise.
* coverage.c (struct counts_entry): Likewise.
(read_counts_file): Read just single summary entry.
(get_coverage_counts): Use gcov_summary struct.
* coverage.h (get_coverage_counts): Likewise.
* gcov-dump.c (dump_working_sets): Likewise.
(tag_summary): Dump just single summary.
* gcov-io.c (gcov_write_summary): Write just histogram
summary.
(gcov_read_summary): Read just single summary.
(compute_working_sets): Use gcov_summary struct.
* gcov-io.h (GCOV_TAG_SUMMARY_LENGTH): Remove usage
of GCOV_COUNTERS_SUMMABLE.
(GCOV_COUNTERS_SUMMABLE): Remove.
(GCOV_FIRST_VALUE_COUNTER): Replace with
GCOV_COUNTER_V_INTERVAL.
(struct gcov_ctr_summary): Remove.
(struct gcov_summary): Directly use fields of former
gcov_ctr_summary.
(compute_working_sets): Use gcov_summary struct.
* gcov.c (read_count_file): Do not use ctrs fields.
* lto-cgraph.c (merge_profile_summaries): Use gcov_summary
struct.
* lto-streamer.h (struct GTY): Make profile_info gcov_summary
struct.
* profile.c: Likewise.
* profile.h: Likewise.
2018-06-05 Martin Liska <mliska@suse.cz>
* libgcov-driver.c (gcov_compute_histogram): Remove usage
of gcov_ctr_summary.
(compute_summary): Do it just for a single summary.
(merge_one_data): Likewise.
(merge_summary): Simplify as we read just single summary.
(dump_one_gcov): Pass proper argument.
* libgcov-util.c (compute_one_gcov): Simplify as we have just
single summary.
(gcov_info_count_all_cold): Likewise.
(calculate_overlap): Likewise.
From-SVN: r261189
2018-05-29 Martin Liska <mliska@suse.cz>
PR gcov-profile/85759
* doc/gcov.texi: Document GCOV_ERROR_FILE and GCOV_EXIT_AT_ERROR
env variables.
2018-05-29 Martin Liska <mliska@suse.cz>
PR gcov-profile/85759
* libgcov-driver-system.c (gcov_error): Introduce usage of
GCOV_EXIT_AT_ERROR env. variable.
* libgcov-driver.c (merge_one_data): Print error that we
overwrite a gcov file with a different timestamp.
From-SVN: r260895
The -march=armv5 and armv5e options have been deprecated in GCC 7 [1].
This patch removes support for them.
It's mostly mechanical stuff. The functionality that was previously
gated on arm_arch5 is now gated on arm_arch5t and the functionality
that was gated on arm_arch5e is now gated on arm_arch5te.
A path in TARGET_OS_CPP_BUILTINS for VxWorks is now unreachable and
therefore is deleted.
References to armv5 and armv5e are deleted/updated throughout the
source tree and testsuite.
Bootstrapped and tested on arm-none-linux-gnueabihf.
Also built a cc1 for arm-wrs-vxworks as a sanity check.
* config/arm/arm-cpus.in (armv5, armv5e): Delete features.
(armv5t, armv5te): New features.
(ARMv5, ARMv5e): Delete fgroups.
(ARMv5t, ARMv5te): Adjust for above changes.
(ARMv6m): Likewise.
(armv5, armv5e): Delete arches.
* config/arm/arm.md (*call_reg_armv5): Use arm_arch5t instead of
arm_arch5.
(*call_reg_arm): Likewise.
(*call_value_reg_armv5): Likewise.
(*call_value_reg_arm): Likewise.
(*call_symbol): Likewise.
(*call_value_symbol): Likewise.
(*sibcall_insn): Likewise.
(*sibcall_value_insn): Likewise.
(clzsi2): Likewise.
(prefetch): Likewise.
(define_split and define_peephole2 dependent on arm_arch5):
Likewise.
* config/arm/arm.h (TARGET_LDRD): Use arm_arch5te instead of
arm_arch5e.
(TARGET_ARM_QBIT): Likewise.
(TARGET_DSP_MULTIPLY): Likewise.
(enum base_architecture): Delete BASE_ARCH_5, BASE_ARCH_5E.
(arm_arch5, arm_arch5e): Delete.
(arm_arch5t, arm_arch5te): Declare.
* config/arm/arm.c (arm_arch5, arm_arch5e): Delete.
(arm_arch5t): Declare.
(arm_option_reconfigure_globals): Update for the above.
(arm_options_perform_arch_sanity_checks): Update comment, replace
use of arm_arch5 with arm_arch5t.
(use_return_insn): Likewise.
(arm_emit_call_insn): Likewise.
(output_return_instruction): Likewise.
(arm_final_prescan_insn): Likewise.
(arm_coproc_builtin_available): Likewise.
* config/arm/arm-c.c (arm_cpu_builtins): Replace arm_arch5 and
arm_arch5e with arm_arch5t and arm_arch5te.
* config/arm/arm-protos.h (arm_arch5, arm_arch5e): Delete.
(arm_arch5t, arm_arch5te): Declare.
* config/arm/arm-tables.opt: Regenerate.
* config/arm/t-arm-elf: Remove references to armv5, armv5e.
* config/arm/t-multilib: Likewise.
* config/arm/thumb1.md (*call_reg_thumb1_v5): Check arm_arch5t
instead of arm_arch5.
(*call_reg_thumb1): Likewise.
(*call_value_reg_thumb1_v5): Likewise.
(*call_value_reg_thumb1): Likewise.
* config/arm/vxworks.h (TARGET_OS_CPP_BUILTINS): Remove now
unreachable path.
* doc/invoke.texi (ARM Options): Remove references to armv5, armv5e.
* gcc.target/arm/pr40887.c: Update comment.
* lib/target-supports.exp: Don't generate effective target checks
and related helpers for armv5. Update comment.
* gcc.target/arm/armv5_thumb_isa.c: Delete.
* gcc.target/arm/di-longlong64-sync-withhelpers.c: Update effective
target check and options.
* config/arm/libunwind.S: Update comment relating to armv5.
From-SVN: r260362
[libgcc]
2018-04-20 Michael Meissner <meissner@linux.ibm.com>
PR target/85456
* config/rs6000/_powikf2.c: New file. Add support for the
__builtin_powil function when long double is IEEE 128-bit floating
point.
* config/rs6000/float128-ifunc.c (__powikf2_resolve): Add
__powikf2 support.
(__powikf2): Likewise.
* config/rs6000/quad-float128.h (__powikf2_sw): Likewise.
(__powikf2_hw): Likewise.
(__powikf2): Likewise.
* config/rs6000/t-float128 (fp128_ppc_funcs): Likewise.
* config/rs6000/t-float128-hw (fp128_hw_func): Likewise.
(_powikf2-hw.c): Likewise.
[gcc]
2018-04-20 Michael Meissner <meissner@linux.ibm.com>
PR target/85456
* config/rs6000/rs6000.c (init_float128_ieee): Add support to call
__powikf2 when long double is IEEE 128-bit.
[gcc/testsuite]
2018-04-20 Michael Meissner <meissner@linux.ibm.com>
PR target/85456
* gcc.target/powerpc/pr85456.c: New test.
From-SVN: r259533
When -fcf-protection -mcet is used, I got
FAIL: g++.dg/eh/sighandle.C
(gdb) bt
#0 _Unwind_RaiseException (exc=exc@entry=0x416ed0)
at /export/gnu/import/git/sources/gcc/libgcc/unwind.inc:140
#1 0x00007ffff7d9936b in __cxxabiv1::__cxa_throw (obj=<optimized out>,
tinfo=0x403dd0 <typeinfo for int@@CXXABI_1.3>, dest=0x0)
at /export/gnu/import/git/sources/gcc/libstdc++-v3/libsupc++/eh_throw.cc:90
#2 0x0000000000401255 in sighandler (signo=11, si=0x7fffffffd6f8,
uc=0x7fffffffd5c0)
at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:9
#3 <signal handler called> <<<< Signal frame which isn't on shadow stack
#4 dosegv ()
at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:14
#5 0x00000000004012e3 in main ()
at /export/gnu/import/git/sources/gcc/gcc/testsuite/g++.dg/eh/sighandle.C:30
(gdb) p frames
$6 = 5
(gdb)
frame count should be 4, not 5. This patch skips signal frames when
unwinding shadow stack.
gcc/testsuite/
PR libgcc/85334
* g++.dg/torture/pr85334.C: New test.
libgcc/
PR libgcc/85334
* unwind-generic.h (_Unwind_Frames_Increment): New.
* config/i386/shadow-stack-unwind.h (_Unwind_Frames_Increment):
Likewise.
* unwind.inc (_Unwind_RaiseException_Phase2): Increment frame
count with _Unwind_Frames_Increment.
(_Unwind_ForcedUnwind_Phase2): Likewise.
From-SVN: r259502
Program received signal SIGSEGV, Segmentation fault.
__stack_split_initialize ()
at /export/gnu/import/git/sources/gcc/libgcc/config/i386/morestack.S:751
751 leaq -16000(%rsp),%rax # We should have at least 16K.
Missing separate debuginfos, use: dnf debuginfo-install libgcc-8.0.1-0.21.0.fc28.x86_64
(gdb) disass
Dump of assembler code for function __stack_split_initialize:
=> 0x0000000000402858 <+0>: lea -0x3e80(%rsp),%rax
0x0000000000402860 <+8>: mov %rax,%fs:0x70
0x0000000000402869 <+17>: sub $0x8,%rsp
0x000000000040286d <+21>: mov %rsp,%rdi
0x0000000000402870 <+24>: mov $0x3e80,%esi
0x0000000000402875 <+29>: callq 0x401810 <__generic_morestack_set_initial_sp>
0x000000000040287a <+34>: add $0x8,%rsp
0x000000000040287e <+38>: retq
End of assembler dump.
(gdb)
This patch adds the missing ENDBR to __stack_split_initialize.
PR libgcc/85379
* config/i386/morestack.S (__stack_split_initialize): Add
_CET_ENDBR.
From-SVN: r259497
* config/cet.m4 (GCC_CET_FLAGS): Default to --disable-cet, replace
--enable-cet=default with --enable-cet=auto.
* doc/install.texi: Document --disable-cet being the default and
--enable-cet=auto.
* configure: Regenerated.
From-SVN: r259487
PR jit/85384
* acx.m4 (GCC_BASE_VER): Remove \$\$ from sed expression.
* configure.ac (gcc-driver-name.h): Honor --with-gcc-major-version
by using gcc_base_ver to generate a gcc_driver_version, and use
it when generating GCC_DRIVER_NAME.
* configure: Regenerate.
* configure: Regenerate.
From-SVN: r259462
PR target/84945
* config/i386/cpuinfo.c (set_feature): Wrap into do while (0) to avoid
-Wdangling-else warnings. Mask shift counts to avoid
-Wshift-count-negative and -Wshift-count-overflow false positives.
From-SVN: r259398
Enable AVX and AVX512 features only if their states are supported by
OSXSAVE.
PR target/85100
* config/i386/cpuinfo.c (XCR_XFEATURE_ENABLED_MASK): New.
(XSTATE_FP): Likewise.
(XSTATE_SSE): Likewise.
(XSTATE_YMM): Likewise.
(XSTATE_OPMASK): Likewise.
(XSTATE_ZMM): Likewise.
(XSTATE_HI_ZMM): Likewise.
(XCR_AVX_ENABLED_MASK): Likewise.
(XCR_AVX512F_ENABLED_MASK): Likewise.
(get_available_features): Enable AVX and AVX512 features only
if their states are supported by OSXSAVE.
From-SVN: r258954