Date: Tue, 13 Feb 2024 07:16:39 -0800
From: "H.J. Lu"
To: Jakub Jelinek
Cc: iain@sandoe.co.uk, gcc-patches@gcc.gnu.org
Subject: [PATCH] x86: Support x32 and IBT in heap trampoline
References: <20240210171444.132-1-iain@sandoe.co.uk>

On Tue, Feb 13, 2024 at 10:42:52AM +0100, Jakub Jelinek wrote:
> On Sat, Feb 10, 2024 at 10:05:34AM -0800, H.J. Lu wrote:
> > > I bet it probably doesn't work properly for -mx32 (which defines
> > > __x86_64__), CCing H.J. on that, but that is a preexisting issue
> > > (and I don't have any experience with it; I guess one would either
> > > need to add 4 bytes of padding after the func_ptr so that those
> > > bits remain zeros as sizeof (void *) is 4, but presumably it would be
> > > better to just use movl (but into %r10) and maybe the jmpl instead
> > > of movabsq.
> >
> > Are there any testcases to exercise this code on Linux?
>
> Here is an untested attempt to implement it for -mx32 (well, I've compiled
> it with -mx32 in libgcc by hand after stubbing
> /usr/include/gnu/stubs-x32.h).
>
> Testcase could be something like:
>
> /* { dg-do run } */
> /* { dg-options "-ftrampoline-impl=heap" } */
>
> __attribute__((noipa)) int
> bar (int (*fn) (int))
> {
>   return fn (42) + 1;
> }
>
> int
> main ()
> {
>   int a = 0;
>   int foo (int x) { if (x != 42) __builtin_abort (); return ++a; }
>   if (bar (foo) != 2 || a != 1)
>     __builtin_abort ();
>   if (bar (foo) != 3 || a != 2)
>     __builtin_abort ();
>   a = 42;
>   if (bar (foo) != 44 || a != 43)
>     __builtin_abort ();
>   return 0;
> }
> but I must say I'm also surprised we have no tests for this in the
> testsuite.  Sure, we'd also need to add some effective target whether
> -ftrampoline-impl=heap can be used for a link/runtime test or not.
>
> 2024-02-13  Jakub Jelinek
>
>         PR target/113855
>         * config/i386/heap-trampoline.c (trampoline_insns): Use movabsq
>         instead of movabs in comments.  Add -mx32 variant.
>

It works on x32.  I modified your patch to add IBT support and pad the
trampoline to the multiple of 4 bytes.

Thanks.

H.J.
---
2024-02-13  Jakub Jelinek
            H.J. Lu

        PR target/113855
        * config/i386/heap-trampoline.c (trampoline_insns): Add IBT
        support and pad to the multiple of 4 bytes.  Use movabsq
        instead of movabs in comments.  Add -mx32 variant.
---
 libgcc/config/i386/heap-trampoline.c | 42 ++++++++++++++++++++++++++--
 1 file changed, 39 insertions(+), 3 deletions(-)

diff --git a/libgcc/config/i386/heap-trampoline.c b/libgcc/config/i386/heap-trampoline.c index 1df0aa06108..a8637dc92d3 100644 --- a/libgcc/config/i386/heap-trampoline.c +++ b/libgcc/config/i386/heap-trampoline.c
@@ -30,28 +30,64 @@ void __gcc_nested_func_ptr_created (void *chain, void *func, void *dst); void __gcc_nested_func_ptr_deleted (void); #if __x86_64__ + +#ifdef __LP64__ static const uint8_t trampoline_insns[] = { - /* movabs $,%r11 */ +#if defined __CET__ && (__CET__ & 1) != 0 + /* endbr64. */ + 0xf3, 0x0f, 0x1e, 0xfa, +#endif + + /* movabsq $,%r11 */ 0x49, 0xbb, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - /* movabs $,%r10 */ + /* movabsq $,%r10 */ 0x49, 0xba, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* rex.WB jmpq *%r11 */ - 0x41, 0xff, 0xe3 + 0x41, 0xff, 0xe3, + + /* Pad to the multiple of 4 bytes. */ + 0x90 }; +#else +static const uint8_t trampoline_insns[] = { +#if defined __CET__ && (__CET__ & 1) != 0 + /* endbr64. */ + 0xf3, 0x0f, 0x1e, 0xfa, +#endif + + /* movl $,%r11d */ + 0x41, 0xbb, + 0x00, 0x00, 0x00, 0x00, + + /* movl $,%r10d */ + 0x41, 0xba, + 0x00, 0x00, 0x00, 0x00, + + /* rex.WB jmpq *%r11 */ + 0x41, 0xff, 0xe3, + + /* Pad to the multiple of 4 bytes. */ + 0x90 +}; +#endif union ix86_trampoline { uint8_t insns[sizeof(trampoline_insns)]; struct __attribute__((packed)) fields { +#if defined __CET__ && (__CET__ & 1) != 0 + uint8_t endbr64[4]; +#endif uint8_t insn_0[2]; void *func_ptr; uint8_t insn_1[2]; void *chain_ptr; uint8_t insn_2[3]; + uint8_t pad; } fields; };
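
Review bot: The fields struct at the end of the hunk now has to mirror
trampoline_insns byte for byte in four configurations (__LP64__ or not,
__CET__ & 1 or not), and nothing in the visible lines checks that the two
stay in step. A _Static_assert (sizeof (struct fields) == sizeof
(trampoline_insns), "...") beside the union would turn a forgotten
endbr64[4] or pad member into a build failure rather than func_ptr and
chain_ptr landing at the wrong offsets in the instruction bytes. Two
smaller points: the new x32 array repeats the comment "rex.WB jmpq *%r11"
over 0x41, 0xff, 0xe3, where 0x41 sets only REX.B, and the diffstat shows
one file changed, so the testcase proposed in the quoted mail is still not
part of the patch.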