diff options
| author | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2020-04-17 16:54:12 +0100 |
|---|---|---|
| committer | Szabolcs Nagy <szabolcs.nagy@arm.com> | 2020-05-14 13:11:22 +0100 |
| commit | f6e42cdee5de2b3441afc88c8888c1166bdffe57 (patch) | |
| tree | 2450c1f36c445d441e6d12310aae9560987745c2 | |
| parent | 95833c34424f340a7e465ee38b6a41369bc7c90b (diff) | |
aarch64: ensure bti c is emitted at function start [PR94697]
The bti pass currently first emits bti c at function start
if there is no paciasp (which also acts as indirect call
landing pad), then bti j is emitted at jump labels, however
if there is a label right before paciasp then the function
start can end up like
foo:
label:
bti j
paciasp
...
This patch is a minimal fix that just moves the bti c handling
after the bti j handling so we end up with
foo:
bti c
label:
bti j
paciasp
...
This could be improved by emitting bti jc in this case, or by
detecting that the label is not in fact an indirect jump target
and then this situation would be much less common.
Needs to be backported to gcc-9 branch.
Backported without the testcase because of missing infrastructure
for check-function-bodies.
gcc/ChangeLog:
Backport from mainline.
2020-04-23 Szabolcs Nagy <szabolcs.nagy@arm.com>
PR target/94697
* config/aarch64/aarch64-bti-insert.c (rest_of_insert_bti): Swap
bti c and bti j handling.
| -rw-r--r-- | gcc/ChangeLog | 9 | ||||
| -rw-r--r-- | gcc/config/aarch64/aarch64-bti-insert.c | 32 |
2 files changed, 25 insertions, 16 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog index b36c9d53d26..1b814c7308b 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,6 +1,15 @@ 2020-05-14 Szabolcs Nagy <szabolcs.nagy@arm.com> Backport from mainline. + 2020-04-23 Szabolcs Nagy <szabolcs.nagy@arm.com> + + PR target/94697 + * config/aarch64/aarch64-bti-insert.c (rest_of_insert_bti): Swap + bti c and bti j handling. + +2020-05-14 Szabolcs Nagy <szabolcs.nagy@arm.com> + + Backport from mainline. 2020-04-27 Szabolcs Nagy <szabolcs.nagy@arm.com> PR target/94515 diff --git a/gcc/config/aarch64/aarch64-bti-insert.c b/gcc/config/aarch64/aarch64-bti-insert.c index e519a0f0ac1..9e0fc168435 100644 --- a/gcc/config/aarch64/aarch64-bti-insert.c +++ b/gcc/config/aarch64/aarch64-bti-insert.c @@ -130,22 +130,6 @@ rest_of_insert_bti (void) rtx_insn *insn; basic_block bb; - /* Since a Branch Target Exception can only be triggered by an indirect call, - we exempt function that are only called directly. We also exempt - functions that are already protected by Return Address Signing (PACIASP/ - PACIBSP). For all other cases insert a BTI C at the beginning of the - function. */ - if (!cgraph_node::get (cfun->decl)->only_called_directly_p ()) - { - bb = ENTRY_BLOCK_PTR_FOR_FN (cfun)->next_bb; - insn = BB_HEAD (bb); - if (!aarch64_pac_insn_p (get_first_nonnote_insn ())) - { - bti_insn = gen_bti_c (); - emit_insn_before (bti_insn, insn); - } - } - bb = 0; FOR_EACH_BB_FN (bb, cfun) { @@ -201,6 +185,22 @@ rest_of_insert_bti (void) } } + /* Since a Branch Target Exception can only be triggered by an indirect call, + we exempt function that are only called directly. We also exempt + functions that are already protected by Return Address Signing (PACIASP/ + PACIBSP). For all other cases insert a BTI C at the beginning of the + function. */ + if (!cgraph_node::get (cfun->decl)->only_called_directly_p ()) + { + bb = ENTRY_BLOCK_PTR_FOR_FN (cfun)->next_bb; + insn = BB_HEAD (bb); + if (!aarch64_pac_insn_p (get_first_nonnote_insn ())) + { + bti_insn = gen_bti_c (); + emit_insn_before (bti_insn, insn); + } + } + timevar_pop (TV_MACH_DEP); return 0; } |