diff options
| author | H.J. Lu <hjl.tools@gmail.com> | 2020-07-16 07:03:27 -0700 |
|---|---|---|
| committer | H.J. Lu <hjl.tools@gmail.com> | 2020-07-27 04:40:13 -0700 |
| commit | c4c22e830251e1961c6ebec78d28d039eb2e6017 (patch) | |
| tree | c8ca64121d22d1d3222b58e85fc477bd68166c6a /gcc/doc | |
| parent | fd5966e8e044785f51cd7373b59ad9575a5ac96c (diff) | |
| download | gcc-c4c22e830251e1961c6ebec78d28d039eb2e6017.zip gcc-c4c22e830251e1961c6ebec78d28d039eb2e6017.tar.gz gcc-c4c22e830251e1961c6ebec78d28d039eb2e6017.tar.bz2 | |
LTO: Add -fcf-protection=check
Mixing -fcf-protection and -fcf-protection=none objects are allowed.
Linker just merges -fcf-protection values from all input objects.
Add -fcf-protection=check for the final link with LTO. An error is
issued if LTO object files are compiled with different -fcf-protection
values. Otherwise, -fcf-protection=check is ignored at the compile
time. Without explicit -fcf-protection at link time, -fcf-protection
values from LTO object files are merged at the final link.
gcc/
PR bootstrap/96203
* common.opt: Add -fcf-protection=check.
* flag-types.h (cf_protection_level): Add CF_CHECK.
* lto-wrapper.c (merge_and_complain): Issue an error for
mismatching -fcf-protection values with -fcf-protection=check.
Otherwise, merge -fcf-protection values.
* doc/invoke.texi: Document -fcf-protection=check.
gcc/testsuite/
PR bootstrap/96203
* gcc.target/i386/pr96203-1.c: New test.
* gcc.target/i386/pr96203-2.c: Likewise.
Diffstat (limited to 'gcc/doc')
| -rw-r--r-- | gcc/doc/invoke.texi | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 5449c33..7c3cc14 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -559,7 +559,7 @@ Objective-C and Objective-C++ Dialects}. -fsanitize=@var{style} -fsanitize-recover -fsanitize-recover=@var{style} @gol -fasan-shadow-offset=@var{number} -fsanitize-sections=@var{s1},@var{s2},... @gol -fsanitize-undefined-trap-on-error -fbounds-check @gol --fcf-protection=@r{[}full@r{|}branch@r{|}return@r{|}none@r{]} @gol +-fcf-protection=@r{[}full@r{|}branch@r{|}return@r{|}none@r{|}check@r{]} @gol -fstack-protector -fstack-protector-all -fstack-protector-strong @gol -fstack-protector-explicit -fstack-check @gol -fstack-limit-register=@var{reg} -fstack-limit-symbol=@var{sym} @gol @@ -14211,7 +14211,7 @@ operand constant, @code{__sanitizer_cov_trace_cmpf} or @code{__sanitizer_cov_trace_cmpd} for float or double comparisons and @code{__sanitizer_cov_trace_switch} for switch statements. -@item -fcf-protection=@r{[}full@r{|}branch@r{|}return@r{|}none@r{]} +@item -fcf-protection=@r{[}full@r{|}branch@r{|}return@r{|}none@r{|}check@r{]} @opindex fcf-protection Enable code instrumentation of control-flow transfers to increase program security by checking that target addresses of control-flow @@ -14229,6 +14229,11 @@ function. The value @code{full} is an alias for specifying both @code{branch} and @code{return}. The value @code{none} turns off instrumentation. +The value @code{check} is used for the final link with link-time +optimization (LTO). An error is issued if LTO object files are +compiled with different @option{-fcf-protection} values. The +value @code{check} is ignored at the compile time. + The macro @code{__CET__} is defined when @option{-fcf-protection} is used. The first bit of @code{__CET__} is set to 1 for the value @code{branch} and the second bit of @code{__CET__} is set to 1 for |