[PATCH 00/12] x86: Enable Intel Control-flow Enforcement Technology (CET)
Richard Biener
rguenther at suse.de
Fri Jan 31 07:52:01 UTC 2020
On Thu, 30 Jan 2020, H.J. Lu wrote:
> Intel Control-flow Enforcement Technology (CET):
>
> https://software.intel.com/en-us/articles/intel-sdm
>
> contains shadow stack (SHSTK) and indirect branch tracking (IBT). When
> CET is enabled, ELF object files must be marked with .note.gnu.property
> section. Also when IBT is enabled, all indirect branch targets must
> start with ENDBR instruction and notrack prefix can be used to disable
> IBT on indirect branch.
>
> This patch series defines 3 macros:
>
> 1. X86_ENDBR. Defined as endbr32/endbr64 if CET is enabled.
> 2. X86_NOTRACK. Defined as notrack prefix if CET is enabled.
> 3. X86_GNU_PROPERTY. Add a .note.gnu.property section to mark Intel
> CET support if needed.
>
> and uses them to enable Intel CET.
>
> Tested with
>
> $ CC="gcc -Wl,-z,cet-report=error -fcf-protection" ./configure
>
> in i686, x32 and x86-64 modes on Linux CET machine.
Is it really needed to mark asm flavors that appear to not be
written for CPUs ever getting CET support (just seeing the
p6/k6/k7 dirs)? Or do we sometimes mix-and-match routines
and those get executed on CET enabled HW?
Richard.
> H.J. Lu (12):
> x86: Add GMP_ASM_X86_CET_MACROS to acinclude.m4
> x86-defs.m4: Use X86_GNU_PROPERTY and X86_ENDBR
> x86: Append missing ASM_END to asm files
> x86_64-defs.m4: Use X86_GNU_PROPERTY and X86_ENDBR
> x86_64: Append ASM_END to assembly codes
> x86_64/coreibwl/mullo_basecase.asm: Add X86_ENDBR
> x86_64/k10/popcount.asm: Prepend X86_NOTRACK to "jmp *%rdx"
> mpn/x86_64: Add X86_ENDBR to indirect branch targets
> x86/aors_n.asm: Add X86_ENDBR to indirect jump targets
> x86/p6: Prepend X86_NOTRACK to "jmp *%reg"
> x86/k6: Prepend X86_NOTRACK to "jmp *%reg"
> x86/k7: Prepend X86_NOTRACK to indirect branches
>
> acinclude.m4 | 101 +++++++++++++++++++++++++
> configure.ac | 1 +
> mpn/x86/aors_n.asm | 33 ++++++++
> mpn/x86/aorsmul_1.asm | 1 +
> mpn/x86/atom/sse2/aorsmul_1.asm | 1 +
> mpn/x86/atom/sse2/mul_basecase.asm | 1 +
> mpn/x86/atom/sse2/sqr_basecase.asm | 1 +
> mpn/x86/bdiv_dbm1c.asm | 1 +
> mpn/x86/copyd.asm | 1 +
> mpn/x86/copyi.asm | 1 +
> mpn/x86/divrem_1.asm | 1 +
> mpn/x86/divrem_2.asm | 1 +
> mpn/x86/k6/aors_n.asm | 1 +
> mpn/x86/k6/aorsmul_1.asm | 3 +-
> mpn/x86/k6/divrem_1.asm | 1 +
> mpn/x86/k6/k62mmx/copyd.asm | 1 +
> mpn/x86/k6/k62mmx/lshift.asm | 1 +
> mpn/x86/k6/k62mmx/rshift.asm | 1 +
> mpn/x86/k6/mmx/com.asm | 1 +
> mpn/x86/k6/mmx/logops_n.asm | 1 +
> mpn/x86/k6/mmx/lshift.asm | 1 +
> mpn/x86/k6/mmx/popham.asm | 1 +
> mpn/x86/k6/mmx/rshift.asm | 1 +
> mpn/x86/k6/mod_34lsub1.asm | 1 +
> mpn/x86/k6/mul_1.asm | 1 +
> mpn/x86/k6/mul_basecase.asm | 3 +-
> mpn/x86/k6/pre_mod_1.asm | 1 +
> mpn/x86/k6/sqr_basecase.asm | 3 +-
> mpn/x86/k7/aors_n.asm | 3 +-
> mpn/x86/k7/mmx/com.asm | 1 +
> mpn/x86/k7/mmx/copyd.asm | 1 +
> mpn/x86/k7/mmx/copyi.asm | 1 +
> mpn/x86/k7/mmx/divrem_1.asm | 1 +
> mpn/x86/k7/mmx/lshift.asm | 3 +-
> mpn/x86/k7/mmx/popham.asm | 1 +
> mpn/x86/k7/mmx/rshift.asm | 3 +-
> mpn/x86/k7/mod_1_1.asm | 1 +
> mpn/x86/k7/mod_1_4.asm | 1 +
> mpn/x86/k7/mod_34lsub1.asm | 1 +
> mpn/x86/k7/mul_basecase.asm | 3 +-
> mpn/x86/k7/sqr_basecase.asm | 3 +-
> mpn/x86/lshift.asm | 1 +
> mpn/x86/mmx/sec_tabselect.asm | 1 +
> mpn/x86/mod_34lsub1.asm | 1 +
> mpn/x86/mul_1.asm | 1 +
> mpn/x86/mul_basecase.asm | 1 +
> mpn/x86/p6/aors_n.asm | 3 +-
> mpn/x86/p6/aorsmul_1.asm | 3 +-
> mpn/x86/p6/copyd.asm | 1 +
> mpn/x86/p6/gcd_11.asm | 1 +
> mpn/x86/p6/lshsub_n.asm | 3 +-
> mpn/x86/p6/mmx/divrem_1.asm | 1 +
> mpn/x86/p6/mod_34lsub1.asm | 1 +
> mpn/x86/p6/mul_basecase.asm | 3 +-
> mpn/x86/p6/sqr_basecase.asm | 3 +-
> mpn/x86/pentium/aors_n.asm | 1 +
> mpn/x86/pentium/aorsmul_1.asm | 1 +
> mpn/x86/pentium/com.asm | 1 +
> mpn/x86/pentium/copyd.asm | 1 +
> mpn/x86/pentium/copyi.asm | 1 +
> mpn/x86/pentium/logops_n.asm | 1 +
> mpn/x86/pentium/lshift.asm | 1 +
> mpn/x86/pentium/mmx/lshift.asm | 1 +
> mpn/x86/pentium/mmx/mul_1.asm | 1 +
> mpn/x86/pentium/mmx/rshift.asm | 1 +
> mpn/x86/pentium/mod_34lsub1.asm | 1 +
> mpn/x86/pentium/mul_1.asm | 1 +
> mpn/x86/pentium/mul_2.asm | 1 +
> mpn/x86/pentium/mul_basecase.asm | 1 +
> mpn/x86/pentium/rshift.asm | 1 +
> mpn/x86/pentium/sqr_basecase.asm | 1 +
> mpn/x86/pentium4/copyd.asm | 1 +
> mpn/x86/pentium4/copyi.asm | 1 +
> mpn/x86/pentium4/mmx/popham.asm | 1 +
> mpn/x86/pentium4/sse2/add_n.asm | 1 +
> mpn/x86/pentium4/sse2/addlsh1_n.asm | 1 +
> mpn/x86/pentium4/sse2/addmul_1.asm | 1 +
> mpn/x86/pentium4/sse2/cnd_add_n.asm | 1 +
> mpn/x86/pentium4/sse2/cnd_sub_n.asm | 1 +
> mpn/x86/pentium4/sse2/divrem_1.asm | 1 +
> mpn/x86/pentium4/sse2/mod_1_1.asm | 1 +
> mpn/x86/pentium4/sse2/mod_1_4.asm | 1 +
> mpn/x86/pentium4/sse2/mod_34lsub1.asm | 1 +
> mpn/x86/pentium4/sse2/mul_1.asm | 1 +
> mpn/x86/pentium4/sse2/mul_basecase.asm | 1 +
> mpn/x86/pentium4/sse2/rsh1add_n.asm | 1 +
> mpn/x86/pentium4/sse2/sqr_basecase.asm | 1 +
> mpn/x86/pentium4/sse2/sub_n.asm | 1 +
> mpn/x86/pentium4/sse2/submul_1.asm | 1 +
> mpn/x86/rshift.asm | 1 +
> mpn/x86/sec_tabselect.asm | 1 +
> mpn/x86/sqr_basecase.asm | 1 +
> mpn/x86/udiv.asm | 1 +
> mpn/x86/umul.asm | 1 +
> mpn/x86/x86-defs.m4 | 6 +-
> mpn/x86_64/addaddmul_1msb0.asm | 1 +
> mpn/x86_64/aorrlsh1_n.asm | 1 +
> mpn/x86_64/aorrlshC_n.asm | 1 +
> mpn/x86_64/aorrlsh_n.asm | 1 +
> mpn/x86_64/aors_err1_n.asm | 1 +
> mpn/x86_64/aors_err2_n.asm | 1 +
> mpn/x86_64/aors_err3_n.asm | 1 +
> mpn/x86_64/aors_n.asm | 1 +
> mpn/x86_64/aorsmul_1.asm | 1 +
> mpn/x86_64/atom/addmul_2.asm | 1 +
> mpn/x86_64/atom/aorrlsh1_n.asm | 1 +
> mpn/x86_64/atom/aorrlsh2_n.asm | 1 +
> mpn/x86_64/atom/lshift.asm | 1 +
> mpn/x86_64/atom/lshiftc.asm | 1 +
> mpn/x86_64/atom/mul_2.asm | 1 +
> mpn/x86_64/atom/rsh1aors_n.asm | 1 +
> mpn/x86_64/atom/rshift.asm | 1 +
> mpn/x86_64/atom/sublsh1_n.asm | 1 +
> mpn/x86_64/bd1/addmul_2.asm | 1 +
> mpn/x86_64/bd1/hamdist.asm | 13 +++-
> mpn/x86_64/bd1/mul_2.asm | 1 +
> mpn/x86_64/bd1/mul_basecase.asm | 1 +
> mpn/x86_64/bd1/popcount.asm | 25 ++++--
> mpn/x86_64/bd2/gcd_11.asm | 1 +
> mpn/x86_64/bd2/gcd_22.asm | 1 +
> mpn/x86_64/bd4/gcd_11.asm | 1 +
> mpn/x86_64/bdiv_dbm1c.asm | 1 +
> mpn/x86_64/bdiv_q_1.asm | 1 +
> mpn/x86_64/bt1/aors_n.asm | 1 +
> mpn/x86_64/bt1/aorsmul_1.asm | 1 +
> mpn/x86_64/bt1/copyd.asm | 1 +
> mpn/x86_64/bt1/copyi.asm | 1 +
> mpn/x86_64/bt1/gcd_11.asm | 1 +
> mpn/x86_64/bt1/mul_1.asm | 1 +
> mpn/x86_64/bt1/mul_basecase.asm | 1 +
> mpn/x86_64/bt1/sqr_basecase.asm | 1 +
> mpn/x86_64/cnd_aors_n.asm | 1 +
> mpn/x86_64/com.asm | 1 +
> mpn/x86_64/copyd.asm | 1 +
> mpn/x86_64/copyi.asm | 1 +
> mpn/x86_64/core2/aors_err1_n.asm | 1 +
> mpn/x86_64/core2/aors_n.asm | 1 +
> mpn/x86_64/core2/aorsmul_1.asm | 1 +
> mpn/x86_64/core2/divrem_1.asm | 1 +
> mpn/x86_64/core2/gcd_11.asm | 1 +
> mpn/x86_64/core2/gcd_22.asm | 1 +
> mpn/x86_64/core2/hamdist.asm | 25 ++++--
> mpn/x86_64/core2/logops_n.asm | 1 +
> mpn/x86_64/core2/lshift.asm | 1 +
> mpn/x86_64/core2/lshiftc.asm | 1 +
> mpn/x86_64/core2/mul_basecase.asm | 5 ++
> mpn/x86_64/core2/mullo_basecase.asm | 1 +
> mpn/x86_64/core2/popcount.asm | 25 ++++--
> mpn/x86_64/core2/rsh1aors_n.asm | 1 +
> mpn/x86_64/core2/rshift.asm | 1 +
> mpn/x86_64/core2/sqr_basecase.asm | 1 +
> mpn/x86_64/core2/sublshC_n.asm | 1 +
> mpn/x86_64/coreibwl/addmul_1.asm | 24 ++++--
> mpn/x86_64/coreibwl/mul_1.asm | 24 ++++--
> mpn/x86_64/coreibwl/mul_basecase.asm | 47 ++++++++----
> mpn/x86_64/coreibwl/mullo_basecase.asm | 59 ++++++++++-----
> mpn/x86_64/coreibwl/sqr_basecase.asm | 49 ++++++++----
> mpn/x86_64/coreihwl/addmul_2.asm | 1 +
> mpn/x86_64/coreihwl/aors_n.asm | 25 ++++--
> mpn/x86_64/coreihwl/aorsmul_1.asm | 1 +
> mpn/x86_64/coreihwl/gcd_22.asm | 1 +
> mpn/x86_64/coreihwl/mul_2.asm | 1 +
> mpn/x86_64/coreihwl/mul_basecase.asm | 1 +
> mpn/x86_64/coreihwl/mullo_basecase.asm | 1 +
> mpn/x86_64/coreihwl/redc_1.asm | 1 +
> mpn/x86_64/coreihwl/sqr_basecase.asm | 1 +
> mpn/x86_64/coreinhm/aorrlsh_n.asm | 1 +
> mpn/x86_64/coreinhm/hamdist.asm | 13 +++-
> mpn/x86_64/coreinhm/popcount.asm | 25 ++++--
> mpn/x86_64/coreisbr/addmul_2.asm | 1 +
> mpn/x86_64/coreisbr/aorrlshC_n.asm | 1 +
> mpn/x86_64/coreisbr/aorrlsh_n.asm | 1 +
> mpn/x86_64/coreisbr/aors_n.asm | 1 +
> mpn/x86_64/coreisbr/cnd_add_n.asm | 1 +
> mpn/x86_64/coreisbr/cnd_sub_n.asm | 1 +
> mpn/x86_64/coreisbr/mul_1.asm | 1 +
> mpn/x86_64/coreisbr/mul_2.asm | 1 +
> mpn/x86_64/coreisbr/mul_basecase.asm | 1 +
> mpn/x86_64/coreisbr/mullo_basecase.asm | 1 +
> mpn/x86_64/coreisbr/rsh1aors_n.asm | 1 +
> mpn/x86_64/coreisbr/sqr_basecase.asm | 1 +
> mpn/x86_64/div_qr_1n_pi1.asm | 1 +
> mpn/x86_64/div_qr_2n_pi1.asm | 1 +
> mpn/x86_64/div_qr_2u_pi1.asm | 1 +
> mpn/x86_64/dive_1.asm | 1 +
> mpn/x86_64/divrem_1.asm | 1 +
> mpn/x86_64/divrem_2.asm | 1 +
> mpn/x86_64/fastavx/copyd.asm | 1 +
> mpn/x86_64/fastavx/copyi.asm | 1 +
> mpn/x86_64/fastsse/com-palignr.asm | 1 +
> mpn/x86_64/fastsse/com.asm | 1 +
> mpn/x86_64/fastsse/copyd-palignr.asm | 1 +
> mpn/x86_64/fastsse/copyd.asm | 1 +
> mpn/x86_64/fastsse/copyi-palignr.asm | 1 +
> mpn/x86_64/fastsse/copyi.asm | 1 +
> mpn/x86_64/fastsse/lshift-movdqu2.asm | 1 +
> mpn/x86_64/fastsse/lshift.asm | 1 +
> mpn/x86_64/fastsse/lshiftc-movdqu2.asm | 1 +
> mpn/x86_64/fastsse/lshiftc.asm | 1 +
> mpn/x86_64/fastsse/rshift-movdqu2.asm | 1 +
> mpn/x86_64/fastsse/sec_tabselect.asm | 1 +
> mpn/x86_64/fat/fat_entry.asm | 1 +
> mpn/x86_64/gcd_11.asm | 1 +
> mpn/x86_64/gcd_22.asm | 1 +
> mpn/x86_64/k10/gcd_22.asm | 1 +
> mpn/x86_64/k10/hamdist.asm | 1 +
> mpn/x86_64/k10/popcount.asm | 5 +-
> mpn/x86_64/k8/addmul_2.asm | 1 +
> mpn/x86_64/k8/aorrlsh_n.asm | 1 +
> mpn/x86_64/k8/bdiv_q_1.asm | 1 +
> mpn/x86_64/k8/div_qr_1n_pi1.asm | 1 +
> mpn/x86_64/k8/mul_basecase.asm | 8 ++
> mpn/x86_64/k8/mullo_basecase.asm | 12 ++-
> mpn/x86_64/k8/mulmid_basecase.asm | 9 +++
> mpn/x86_64/k8/redc_1.asm | 18 +++--
> mpn/x86_64/k8/sqr_basecase.asm | 18 +++--
> mpn/x86_64/logops_n.asm | 1 +
> mpn/x86_64/lshift.asm | 1 +
> mpn/x86_64/lshiftc.asm | 1 +
> mpn/x86_64/lshsub_n.asm | 1 +
> mpn/x86_64/missing.asm | 1 +
> mpn/x86_64/mod_1_2.asm | 1 +
> mpn/x86_64/mod_1_4.asm | 1 +
> mpn/x86_64/mod_34lsub1.asm | 28 ++++---
> mpn/x86_64/mode1o.asm | 1 +
> mpn/x86_64/mul_1.asm | 1 +
> mpn/x86_64/mul_2.asm | 1 +
> mpn/x86_64/nano/dive_1.asm | 1 +
> mpn/x86_64/pentium4/aors_n.asm | 1 +
> mpn/x86_64/pentium4/mod_34lsub1.asm | 1 +
> mpn/x86_64/pentium4/rsh1aors_n.asm | 1 +
> mpn/x86_64/pentium4/rshift.asm | 1 +
> mpn/x86_64/popham.asm | 1 +
> mpn/x86_64/rsh1aors_n.asm | 1 +
> mpn/x86_64/rshift.asm | 1 +
> mpn/x86_64/sec_tabselect.asm | 1 +
> mpn/x86_64/sqr_diag_addlsh1.asm | 1 +
> mpn/x86_64/sublsh1_n.asm | 1 +
> mpn/x86_64/x86_64-defs.m4 | 4 +
> mpn/x86_64/zen/aorrlsh_n.asm | 25 ++++--
> mpn/x86_64/zen/mul_basecase.asm | 1 +
> mpn/x86_64/zen/mullo_basecase.asm | 1 +
> mpn/x86_64/zen/sbpi1_bdiv_r.asm | 1 +
> mpn/x86_64/zen/sqr_basecase.asm | 1 +
> 244 files changed, 707 insertions(+), 164 deletions(-)
>
>
--
Richard Biener <rguenther at suse.de>
SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg,
Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg)
More information about the gmp-devel
mailing list