Ping [AArch64] Accelerate -fstack-protector

Jiong Wang jiong.wang@foss.arm.com
Tue Feb 7 16:06:00 GMT 2017 

On 18/01/17 17:10, Jiong Wang wrote:
> aarch64 cross check OK with the following options enabled on all testcases.
>     -fstack-protector-all -mstack-protector-pauth
>
> OK for trunk?
>                                                                     gcc/
> 2017-01-18  Jiong Wang  <jiong.wang@arm.com>
>            * config/aarch64/aarch64-protos.h
>         (aarch64_pauth_stack_protector_enabled): New declaration.
>         * config/aarch64/aarch64.c (aarch64_layout_frame): Swap callee-save area
>         and locals area when aarch64_pauth_stack_protector_enabled returns true.
>         (aarch64_stack_protect_runtime_enabled): New function.
>         (aarch64_pauth_stack_protector_enabled): New function.
>         (aarch64_return_address_signing_enabled): Enabled by
>         aarch64_pauth_stack_protector_enabled.
>         (aarch64_override_options): Sanity check for -mstack-protector-pauth.
>         (TARGET_STACK_PROTECT_RUNTIME_ENABLED_P): Define.
>         * config/aarch64/aarch64.h (LINK_SSP_SPEC): Likewise.
>         * config/aarch64/aarch64.opt (-mstack-protector-pauth): New option.
>         * doc/invoke.texi (AArch64 Options): Documents -mstack-protector-pauth.
>
> gcc/testsuite/
>         * gcc.target/aarch64/stack_protector_1.c: New test.

I'd like to ping this patch which acclerates GCC -fstack-protector using
ARMv8.3-A Pointer Authentication Extension.  The whole acceleration will
only be enabled through the new option "-mstack-protector-pauth" which is
disabled at default.

This patch does not touch any generic code and does not change GCC codegen on
AArch64 at default, it should be with very low risk.  So is it OK to commit
to GCC trunk?

Code compiled with "-mstack-protector-pauth" can co-work with code compiled
without "-mstack-protector-pauth".  The only problem is when
"-mstack-protector-pauth" is specified, "-lssp/-lssp_nonshared" won't be implied
as the software runtime supports are not required any more.  So if the user has
some object files compiled using default stack protector and wants them to be
linked with object files compiled using "-mstack-protector-pauth", if
"-mstack-protector-pauth" appear in the final command line and "gcc" is used as
linker driver, then "-lssp/-lssp_nonshared" needs to be specified explicitly.

More information about the Gcc-patches mailing list