Index: llvm/include/llvm/BinaryFormat/ELF.h =================================================================== --- llvm/include/llvm/BinaryFormat/ELF.h +++ llvm/include/llvm/BinaryFormat/ELF.h @@ -1308,6 +1308,13 @@ enum { GNU_PROPERTY_STACK_SIZE = 1, GNU_PROPERTY_NO_COPY_ON_PROTECTED = 2, + GNU_PROPERTY_X86_FEATURE_1_AND = 0xc0000002 +}; + +// CET properties +enum { + GNU_PROPERTY_X86_FEATURE_1_IBT = 1 << 0, + GNU_PROPERTY_X86_FEATURE_1_SHSTK = 1 << 1 }; // AMDGPU specific notes. Index: llvm/lib/Target/X86/X86AsmPrinter.cpp =================================================================== --- llvm/lib/Target/X86/X86AsmPrinter.cpp +++ llvm/lib/Target/X86/X86AsmPrinter.cpp @@ -19,6 +19,7 @@ #include "X86InstrInfo.h" #include "X86MachineFunctionInfo.h" #include "llvm/BinaryFormat/COFF.h" +#include "llvm/BinaryFormat/ELF.h" #include "llvm/CodeGen/MachineConstantPool.h" #include "llvm/CodeGen/MachineModuleInfoImpls.h" #include "llvm/CodeGen/TargetLoweringObjectFileImpl.h" @@ -539,6 +540,45 @@ void X86AsmPrinter::EmitStartOfAsmFile(Module &M) { const Triple &TT = TM.getTargetTriple(); + if (TT.isOSBinFormatELF()) { + // Assemble feature flags that may require creation of a note section. + char FeatureFlagsAnd = 0; + if (M.getModuleFlag("cf-protection-branch")) + FeatureFlagsAnd |= ELF::GNU_PROPERTY_X86_FEATURE_1_IBT; + if (M.getModuleFlag("cf-protection-return")) + FeatureFlagsAnd |= ELF::GNU_PROPERTY_X86_FEATURE_1_SHSTK; + + if (FeatureFlagsAnd) { + // Emit a .note.gnu.property section with the flags. + MCSection *Cur = OutStreamer->getCurrentSectionOnly(); + MCSection *Nt = (MCSection *)MMI->getContext().getELFSection( + ".note.gnu.property", ELF::SHT_NOTE, ELF::SHF_ALLOC); + int WordSize = TT.isArch64Bit() ? 8 : 4; + assert((TT.isArch32Bit() || WordSize == 8) && + "CFProtection used on invalid architecture"); + OutStreamer->SwitchSection(Nt); + + // Emitting note header. + EmitAlignment(WordSize == 4 ? 2 : 3); + OutStreamer->EmitIntValue(4, 4 /*size*/); // data size for "GNU\0" + OutStreamer->EmitIntValue(8 + WordSize, 4 /*size*/); // Elf_Prop size + OutStreamer->EmitIntValue(ELF::NT_GNU_PROPERTY_TYPE_0, 4 /*size*/); + OutStreamer->EmitIntValue('G', 1 /*size*/); // note name "GNU" + OutStreamer->EmitIntValue('N', 1 /*size*/); + OutStreamer->EmitIntValue('U', 1 /*size*/); + OutStreamer->EmitIntValue(0, 1 /*size*/); + + // Emitting an Elf_Prop for the CET properties. + OutStreamer->EmitIntValue(ELF::GNU_PROPERTY_X86_FEATURE_1_AND, 4); + OutStreamer->EmitIntValue(WordSize, 4); // data size + OutStreamer->EmitIntValue(FeatureFlagsAnd, WordSize); // data + EmitAlignment(WordSize == 4 ? 2 : 3); // padding + + OutStreamer->endSection(Nt); + OutStreamer->SwitchSection(Cur); + } + } + if (TT.isOSBinFormatMachO()) OutStreamer->SwitchSection(getObjFileLowering().getTextSection()); Index: llvm/test/CodeGen/X86/note-cet-property.ll =================================================================== --- /dev/null +++ llvm/test/CodeGen/X86/note-cet-property.ll @@ -0,0 +1,22 @@ +; RUN: llc -mtriple x86_64-pc-linux < %s | FileCheck %s + +; This test checks that the compiler emits a .note.gnu.property section for +; modules with "cf-protection" module flags. + +; CHECK: .section .note.gnu.property,"a",@note +; CHECK-NEXT: .p2align 3 +; CHECK-NEXT: .long 4 +; CHECK-NEXT: .long 16 +; CHECK-NEXT: .long 5 +; CHECK-NEXT: .byte 71 +; CHECK-NEXT: .byte 78 +; CHECK-NEXT: .byte 85 +; CHECK-NEXT: .byte 0 +; CHECK-NEXT: .long 3221225474 +; CHECK-NEXT: .long 8 +; CHECK-NEXT: .quad 2 +; CHECK-NEXT: .p2align 3 + +!llvm.module.flags = !{!0} + +!0 = !{i32 4, !"cf-protection-return", i32 1} Index: llvm/test/tools/llvm-readobj/note-gnu-property.s =================================================================== --- llvm/test/tools/llvm-readobj/note-gnu-property.s +++ llvm/test/tools/llvm-readobj/note-gnu-property.s @@ -2,16 +2,21 @@ // RUN: llvm-mc -filetype=obj -triple x86_64-pc-linux-gnu %s -o %t // RUN: llvm-readobj -elf-output-style GNU --notes %t | FileCheck %s -// CHECK: Displaying notes found at file offset 0x00000040 with length 0x00000070: +// CHECK: Displaying notes found at file offset 0x00000040 with length 0x000000b8: // CHECK-NEXT: Owner Data size Description -// CHECK-NEXT: GNU 0x00000060 NT_GNU_PROPERTY_TYPE_0 (property note) +// CHECK-NEXT: GNU 0x000000a8 NT_GNU_PROPERTY_TYPE_0 (property note) // CHECK-NEXT: Properties: stack size: 0x100 // CHECK-NEXT: stack size: 0x100 // CHECK-NEXT: no copy on protected +// CHECK-NEXT: X86 features: SHSTK +// CHECK-NEXT: X86 features: IBT, SHSTK +// CHECK-NEXT: X86 features: none // CHECK-NEXT: // CHECK-NEXT: stack size: // CHECK-NEXT: stack size: // CHECK-NEXT: no copy on protected +// CHECK-NEXT: X86 features: +// CHECK-NEXT: X86 features: IBT, // CHECK-NEXT: .section ".note.gnu.property", "a" @@ -26,7 +31,7 @@ .long 8 /* Data size */ .quad 0x100 /* Data (stack size) */ .p2align 3 /* Align to 8 byte for 64 bit */ - + /* Test we handle alignment properly */ .long 1 /* Type: GNU_PROPERTY_STACK_SIZE */ .long 8 /* Data size */ @@ -36,6 +41,23 @@ .long 2 /* Type: GNU_PROPERTY_NO_COPY_ON_PROTECTED */ .long 0 /* Data size */ .p2align 3 /* Align to 8 byte for 64 bit */ + + /* CET property note */ + .long 0xc0000002 /* Type: GNU_PROPERTY_X86_FEATURE_1_AND */ + .long 8 /* Data size */ + .quad 2 /* GNU_PROPERTY_X86_FEATURE_1_SHSTK */ + .p2align 3 /* Align to 8 byte for 64 bit */ + + /* CET property note with padding */ + .long 0xc0000002 /* Type: GNU_PROPERTY_X86_FEATURE_1_AND */ + .long 4 /* Data size */ + .long 3 /* Full CET support */ + .p2align 3 /* Align to 8 byte for 64 bit */ + + .long 0xc0000002 /* Type: GNU_PROPERTY_X86_FEATURE_1_AND */ + .long 8 /* Data size */ + .quad 0 /* Empty flags, not an error */ + .p2align 3 /* Align to 8 byte for 64 bit */ /* All notes below are broken. Test we are able to report them. */ @@ -60,6 +82,17 @@ .long 1 /* Data size (corrupted) */ .byte 1 /* Data */ .p2align 3 /* Align to 8 byte for 64 bit */ + + /* CET note with size zero */ + .long 0xc0000002 /* Type: GNU_PROPERTY_X86_FEATURE_1_AND */ + .long 0 /* Data size */ + .p2align 3 /* Align to 8 byte for 64 bit */ + + /* CET note with bad flags */ + .long 0xc0000002 /* Type: GNU_PROPERTY_X86_FEATURE_1_AND */ + .long 8 /* Data size */ + .quad 0xf000f000f000f001 /* GNU_PROPERTY_X86_FEATURE_1_IBT and bad bits */ + .p2align 3 /* Align to 8 byte for 64 bit */ /* GNU_PROPERTY_NO_COPY_ON_PROTECTED with pr_datasz and without data */ .long 2 /* Type: GNU_PROPERTY_NO_COPY_ON_PROTECTED */ Index: llvm/tools/llvm-readobj/ELFDumper.cpp =================================================================== --- llvm/tools/llvm-readobj/ELFDumper.cpp +++ llvm/tools/llvm-readobj/ELFDumper.cpp @@ -3457,7 +3457,7 @@ case GNU_PROPERTY_STACK_SIZE: { OS << " stack size: "; if (DataSize == sizeof(typename ELFT::uint)) - OS << format("0x%x\n", + OS << format("0x%lx\n", (uint64_t)(*(const typename ELFT::Addr *)Data.data())); else OS << format("\n", DataSize); @@ -3469,6 +3469,36 @@ OS << format(" ", DataSize); OS << "\n"; break; + case GNU_PROPERTY_X86_FEATURE_1_AND: + OS << " X86 features: "; + if (DataSize != 4 && DataSize != 8) + OS << format("", DataSize); + else { + uint64_t CFProtection = + (DataSize == 4) + ? support::endian::read32(Data.data()) + : support::endian::read64(Data.data()); + if (CFProtection == 0) { + OS << "none\n"; + break; + } + if (CFProtection & GNU_PROPERTY_X86_FEATURE_1_IBT) { + OS << "IBT"; + CFProtection &= ~GNU_PROPERTY_X86_FEATURE_1_IBT; + if (CFProtection) + OS << ", "; + } + if (CFProtection & GNU_PROPERTY_X86_FEATURE_1_SHSTK) { + OS << "SHSTK"; + CFProtection &= ~GNU_PROPERTY_X86_FEATURE_1_SHSTK; + if (CFProtection) + OS << ", "; + } + if (CFProtection) + OS << format("", CFProtection); + } + OS << "\n"; + break; } }