[PATCH 3/12 V2] arm: Add option -mbranch-protection

Richard Earnshaw Richard.Earnshaw@foss.arm.com
Mon Jul 4 10:55:10 GMT 2022



On 04/07/2022 10:27, Andrea Corallo via Gcc-patches wrote:
> Richard Earnshaw <Richard.Earnshaw@foss.arm.com> writes:
> 
> [...]
> 
>> +@item
>> +-mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf}][+@var{bti}]|@var{bti}[+@var{pac-ret}[+@var{leaf}]]
>> +@opindex mbranch-protection
>> +Enable branch protection features (armv8.1-m.main only).
>> +@samp{none} generate code without branch protection or return address
>> +signing.
>> +@samp{standard[+@var{leaf}]} generate code with all branch protection
>> +features enabled at their standard level.
>> +@samp{pac-ret[+@var{leaf}]} generate code with return address signing
>> +set to its standard level, which is to sign all functions that save
>> +the return address to memory.
>> +@samp{leaf} When return address signing is enabled, also sign leaf
>> +functions even if they do not write the return address to memory.
>> ++@samp{bti} Add landing-pad instructions at the permitted targets of
>> +indirect branch instructions.
>> +
>> +If the @samp{+pacbti} architecture extension is not enabled, then all
>> +branch protection and return address signing operations are
>> +constrained to use only the instructions defined in the
>> +architectural-NOP space. The generated code will remain
>> +backwards-compatible with earlier versions of the architecture, but
>> +the additional security can be enabled at run time on processors that
>> +support the @samp{PACBTI} extension.
>> +
>> +Branch target enforcement using BTI can only be enabled at runtime if
>> +all code in the application has been compiled with at least
>> +@samp{-mbranch-protection=bti}.
>> +
>> +The default is to generate code without branch protection or return
>> +address signing.
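
Review bot: the added line quoted as `++@samp{bti} Add landing-pad instructions at the permitted targets of` carries a doubled `+`, so the Texinfo source itself would begin with a literal `+` that ends up in the rendered manual in front of "bti"; drop the extra character. Separately, the `@item` synopsis lists `@var{standard}` with no `[+@var{leaf}]` suffix, while the description below documents `@samp{standard[+@var{leaf}]}`, so the two should be made to agree. The values none, standard, pac-ret, leaf and bti are literal keywords rather than placeholders, so `@var` is the wrong markup for them in the synopsis; `@samp` would match the descriptions that follow.
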
>>
>> This needs to make it clear that -mbranch-protection != none is only
>> supported on armv8-m.main or later.
>>
>> R.
> 
> Hi Richard,
> 
> thanks for reviewing, please find attached the respun patch.
> 
> Ok for trunk (when the rest of the series is approved)?
> 
> Best Regards
> 
>    Andrea
> 
> gcc/ChangeLog:
> 
> 	* config/arm/arm.c (arm_configure_build_target): Parse and validate
> 	-mbranch-protection option and initialize appropriate data structures.
> 	* config/arm/arm.opt (-mbranch-protection): New option.
> 	* doc/invoke.texi (Arm Options): Document it.
> 
> Co-Authored-By: Tejas Belagod  <tbelagod@arm.com>
> Co-Authored-By: Richard Earnshaw <Richard.Earnshaw@arm.com>
> 

OK.

R.

