[PATCH] D58102: Support X86 Control-flow Enforcement Technology (CET) in LLD

Xiang Zhang via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Mar 1 00:49:23 PST 2019 

xiangzhangllvm added a comment.

In fact, if we add an option to force enable CET, We also need to do CET work as current way when the option not used.
just like this patch:

  1 diff --git a/ELF/Config.h b/ELF/Config.h
  2 index cdf594d..f49dae9 100644
  3 --- a/ELF/Config.h
  4 +++ b/ELF/Config.h
  5 @@ -188,6 +188,7 @@ struct Configuration {
  6    bool ZCombreloc;
  7    bool ZCopyreloc;
  8    bool ZExecstack;
  9 +  bool ZForceCET;

10    bool ZGlobal;
 11    bool ZHazardplt;
 12    bool ZInitfirst;
 13 diff --git a/ELF/Driver.cpp b/ELF/Driver.cpp
 14 index f6da5df..5708fdf 100644
 15 --- a/ELF/Driver.cpp
 16 +++ b/ELF/Driver.cpp
 17 @@ -348,8 +348,8 @@ static bool getZFlag(opt::InputArgList &Args, StringRef K1 <https://reviews.llvm.org/K1>, StringRef K2,
18
 19  static bool isKnownZFlag(StringRef S) {
 20    return S == "combreloc" || S == "copyreloc" || S == "defs" ||
 21 -         S == "execstack" || S == "global" || S == "hazardplt" ||
 22 -         S == "initfirst" || S == "interpose" ||
 23 +         S == "execstack" || S == "force-cet" || S == "global" ||
 24 +         S == "hazardplt" || S == "initfirst" || S == "interpose" ||
 25           S == "keep-text-section-prefix" || S == "lazy" || S == "muldefs" ||
 26           S == "nocombreloc" || S == "nocopyreloc" || S == "nodefaultlib" ||
 27           S == "nodelete" || S == "nodlopen" || S == "noexecstack" ||
 28 @@ -873,6 +873,7 @@ void LinkerDriver::readConfigs(opt::InputArgList &Args) {
 29    Config->ZCombreloc = getZFlag(Args, "combreloc", "nocombreloc", true);
 30    Config->ZCopyreloc = getZFlag(Args, "copyreloc", "nocopyreloc", true);
 31    Config->ZExecstack = getZFlag(Args, "execstack", "noexecstack", false);
 32 +  Config->ZForceCET = hasZOption(Args, "force-cet");
 33    Config->ZGlobal = hasZOption(Args, "global");
 34    Config->ZHazardplt = hasZOption(Args, "hazardplt");
 35    Config->ZInitfirst = hasZOption(Args, "initfirst");
 36 @@ -1656,9 +1657,16 @@ template <class ELFT> void LinkerDriver::mergeAggregateMetadata() {
 37        // There is no X86Feature1AND .note.gnu.property section in this file. Set
 38        // all CFProtection properties to false and discard other such sections.
 39        IsAllFileF1AND = false;
 40 -     } else {
 41 +
 42 +      // If used -z force-cet option, all the input files must be CET marked.
 43 +      if (Config->ZForceCET) {
 44 +        error(toString(F) + "must enable CET when using -z force-cet " +
 45 +              "linker option.");
 46 +        break;
 47 +      }
 48 +    } else {
 49         readGNUPropertyX86Feature1AND<ELFT>(*I, Config, X86F1ANDDescLoca);
 50 -     }
 51 +    }
 52    }
 53    if (!IsAllFileF1AND) {
 54      Config->SPltSectionEnable = false;


Repository:
  rLLD LLVM Linker

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D58102/new/

https://reviews.llvm.org/D58102

More information about the llvm-commits mailing list