This is an archive of the discontinued LLVM Phabricator instance.

Differential D137317

[X86][CET] Add Diags for targets pre to i686 for `-fcf-protection`
ClosedPublic

Authored by pengfei on Nov 3 2022, 12:55 AM.

Details

Reviewers
nickdesaulniers
Commits
rG525167829727: [X86][CET] Add Diags for targets pre to i686 for `-fcf-protection`
Summary

Intel Control-flow Enforcement Technology (CET) provides new instructions endbr32/64 for the indirect branch control. They are NOPs on i686 and new targets. We need to check for that in case it crashes on older targets.

Fixes #58737

Diff Detail

Event Timeline

pengfei created this revision.Nov 3 2022, 12:55 AM
Herald added a project: Restricted Project. · View Herald TranscriptNov 3 2022, 12:55 AM
pengfei requested review of this revision.Nov 3 2022, 12:55 AM
Herald added a project: Restricted Project. · View Herald TranscriptNov 3 2022, 12:55 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
pengfei planned changes to this revision.Nov 3 2022, 1:18 AM
Harbormaster completed remote builds in B195879: Diff 472861.Nov 3 2022, 1:24 AM
pengfei updated this revision to Diff 472916.Nov 3 2022, 6:15 AM

Fix lit fail.

Harbormaster completed remote builds in B195918: Diff 472916.Nov 3 2022, 6:49 AM
nickdesaulniers accepted this revision.Nov 3 2022, 9:44 AM

Seems fine, though looking at llvm::X86::CPUKind, why do you choose llvm::X86::CK_PentiumPro as the lower bounds? Surely llvm::X86::CK_Pentium2 doesn't support CET?

Does the backend already have an equivalent CPU target check that could be reused by clang?

This revision is now accepted and ready to land.Nov 3 2022, 9:44 AM
craig.topper added a subscriber: craig.topper.Nov 3 2022, 9:48 AM
In D137317#3905643, @nickdesaulniers wrote:

Seems fine, though looking at llvm::X86::CPUKind, why do you choose llvm::X86::CK_PentiumPro as the lower bounds? Surely llvm::X86::CK_Pentium2 doesn't support CET?

Does the backend already have an equivalent CPU target check that could be reused by clang?

My understanding was that the CET encodings reuse some encodings that have been equivalent to multibyte NOPs since PentiumPro. I think the intent was that a CET mitigated binary would still run on a CPU that didn't support CET.

nickdesaulniers added a comment.Nov 3 2022, 9:51 AM
In D137317#3905654, @craig.topper wrote:
In D137317#3905643, @nickdesaulniers wrote:

Seems fine, though looking at llvm::X86::CPUKind, why do you choose llvm::X86::CK_PentiumPro as the lower bounds? Surely llvm::X86::CK_Pentium2 doesn't support CET?

Does the backend already have an equivalent CPU target check that could be reused by clang?

My understanding was that the CET encodings reuse some encodings that have been equivalent to multibyte NOPs since PentiumPro. I think the intent was that a CET mitigated binary would still run on a CPU that didn't support CET.

Makes sense; consider adding that additional information as context to the commit message @pengfei .

pengfei retitled this revision from [X86][CET] Add Diags for targets pre to i686 to [X86][CET] Add Diags for targets pre to i686 for `-fcf-protection`.Nov 3 2022, 8:18 PM
pengfei edited the summary of this revision. (Show Details)

Thanks @nickdesaulniers and @craig.topper!

Closed by commit rG525167829727: [X86][CET] Add Diags for targets pre to i686 for `-fcf-protection` (authored by pengfei). · Explain WhyNov 3 2022, 9:38 PM
This revision was automatically updated to reflect the committed changes.
pengfei added a commit: rG525167829727: [X86][CET] Add Diags for targets pre to i686 for `-fcf-protection`.

Revision Contents

PathSize
clang/
lib/
Basic/
Targets/
8 lines

Diff 473120

clang/lib/Basic/Targets/X86.h

Show First 20 LinesShow All 235 Lines▼ Show 20 Linespublic:
bool validateOutputSize(const llvm::StringMap<bool> &FeatureMap, bool validateOutputSize(const llvm::StringMap<bool> &FeatureMap,
StringRef Constraint, unsigned Size) const override; StringRef Constraint, unsigned Size) const override;
bool validateInputSize(const llvm::StringMap<bool> &FeatureMap, bool validateInputSize(const llvm::StringMap<bool> &FeatureMap,
StringRef Constraint, unsigned Size) const override; StringRef Constraint, unsigned Size) const override;
bool bool
checkCFProtectionReturnSupported(DiagnosticsEngine &Diags) const override { checkCFProtectionReturnSupported(DiagnosticsEngine &Diags) const override {
if (CPU == llvm::X86::CK_None || CPU >= llvm::X86::CK_PentiumPro)
return true; return true;
return TargetInfo::checkCFProtectionReturnSupported(Diags);
}; };
bool bool
checkCFProtectionBranchSupported(DiagnosticsEngine &Diags) const override { checkCFProtectionBranchSupported(DiagnosticsEngine &Diags) const override {
if (CPU == llvm::X86::CK_None || CPU >= llvm::X86::CK_PentiumPro)
return true; return true;
return TargetInfo::checkCFProtectionBranchSupported(Diags);
}; };
virtual bool validateOperandSize(const llvm::StringMap<bool> &FeatureMap, virtual bool validateOperandSize(const llvm::StringMap<bool> &FeatureMap,
StringRef Constraint, unsigned Size) const; StringRef Constraint, unsigned Size) const;
std::string convertConstraint(const char *&Constraint) const override; std::string convertConstraint(const char *&Constraint) const override;
const char *getClobbers() const override { const char *getClobbers() const override {
return "~{dirflag},~{fpsr},~{flags}"; return "~{dirflag},~{fpsr},~{flags}";
▲ Show 20 LinesShow All 703 LinesShow Last 20 Lines