authorIgor Tsimbalist <igor.v.tsimbalist@intel.com>2017-11-17 16:21:23 +0100
committerIgor Tsimbalist <itsimbal@gcc.gnu.org>2017-11-17 16:21:23 +0100
commit6a10fff4e2c2fc4bc5c3f313c08698d83c2292a1 (patch)
tree714437517f3bed4370e786ffd6a22ca4d11f139f /gcc
parentf1b7bc164cb370b15c6e62d65120e6494729ac0c (diff)
downloadgcc-6a10fff4e2c2fc4bc5c3f313c08698d83c2292a1.zip
gcc-6a10fff4e2c2fc4bc5c3f313c08698d83c2292a1.tar.gz
gcc-6a10fff4e2c2fc4bc5c3f313c08698d83c2292a1.tar.bz2
Add Intel CET support for EH in libgcc.
Control-flow Enforcement Technology (CET), published by Intel, introduces the Shadow Stack feature, which ensures a return from a function is done to exactly the same location from where the function was called. When EH is present the control-flow transfer may skip some stack frames and the shadow stack has to be adjusted not to signal a violation of a control-flow transfer. It's done by counting the number of skipped frames and adjusting the shadow stack pointer by this number. Because the 'ret' instruction has new semantics when CET is supported in HW, the 'ret' instruction cannot be generated in ix86_expand_epilogue when we are returning after EH is processed. Added code in ix86_expand_epilogue to adjust the Shadow Stack pointer and to generate an indirect jump instead of 'ret'. As the sp register is used during this adjustment, the argument in pro_epilogue_adjust_stack is changed to update cfa_reg based on whether control-flow instrumentation is set. Without updating the cfa_reg field there is an assert later in the dwarf2 pass related to a mismatch between the stack register and the cfa_reg value. gcc/ * config/i386/i386.c (ix86_expand_epilogue): Change simple return to indirect jump for EH return if control-flow protection is enabled. Change explicit 'false' argument in pro_epilogue_adjust_stack with a value of flag_cf_protection. * config/i386/i386.md (simple_return_indirect_internal): Remove SImode restriction to support 64-bit. libgcc/ * config/i386/linux-unwind.h: Include config/i386/shadow-stack-unwind.h. * config/i386/shadow-stack-unwind.h: New file. * unwind-dw2.c: (uw_install_context): Add a frame parameter and pass it to _Unwind_Frames_Extra. * unwind-generic.h (_Unwind_Frames_Extra): New. * unwind.inc (_Unwind_RaiseException_Phase2): Add frames_p parameter. Add local variable frames to count number of frames. (_Unwind_ForcedUnwind_Phase2): Likewise. 
(_Unwind_RaiseException): Add local variable frames to count number of frames, pass it to _Unwind_RaiseException_Phase2 and uw_install_context. (_Unwind_ForcedUnwind): Likewise. (_Unwind_Resume): Likewise. (_Unwind_Resume_or_Rethrow): Likewise. From-SVN: r254876
Diffstat (limited to 'gcc')
-rw-r--r--gcc/ChangeLog10
-rw-r--r--gcc/config/i386/i386.c34
-rw-r--r--gcc/config/i386/i386.md2
3 files changed, 42 insertions, 4 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index c8e1690..f706890 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,13 @@
+2017-11-17 Igor Tsimbalist <igor.v.tsimbalist@intel.com>
+
+ * config/i386/i386.c (ix86_expand_epilogue): Change simple
+ return to indirect jump for EH return if control-flow
+ protection is enabled. Change explicit 'false' argument in
+ pro_epilogue_adjust_stack with a value of
+ flag_cf_protection.
+ * config/i386/i386.md (simple_return_indirect_internal):
+ Remove SImode restriction to support 64-bit.
+
2017-11-17 Segher Boessenkool <segher@kernel.crashing.org>
* combine.c (added_notes_insn): New.
diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
index c9580ba..a536669 100644
--- a/gcc/config/i386/i386.c
+++ b/gcc/config/i386/i386.c
@@ -13960,7 +13960,9 @@ ix86_expand_epilogue (int style)
offset relative to SA, and after this insn we have no
other reasonable register to use for the CFA. We don't
bother resetting the CFA to the SP for the duration of
- the return insn. */
+ the return insn, unless the control flow instrumentation
+ is done. In this case the SP is used later and we have
+ to reset CFA to SP. */
add_reg_note (insn, REG_CFA_DEF_CFA,
plus_constant (Pmode, sa, UNITS_PER_WORD));
ix86_add_queued_cfa_restore_notes (insn);
@@ -13972,7 +13974,8 @@ ix86_expand_epilogue (int style)
m->fs.fp_valid = false;
pro_epilogue_adjust_stack (stack_pointer_rtx, sa,
- const0_rtx, style, false);
+ const0_rtx, style,
+ flag_cf_protection);
}
else
{
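Review bot: `flag_cf_protection` is passed where pro_epilogue_adjust_stack previously took the literal `false`, so any non-zero protection level switches the CFA to SP here, and the same truthiness test gates the new pop/indirect-jump path in the third hunk (`style == 2 && flag_cf_protection`). If flag_cf_protection is the usual bitmask of protection kinds, only the return-protection bit creates a shadow stack that needs compensating, and `flag_cf_protection & CF_RETURN` in both places would express that; a branch-only setting presumably does not need the CFA reset or the extra pop and indirect jump on every EH return. Spelling out the mask also documents which feature the epilogue change is working around, which the bare flag does not. ix86_expand_epilogue starts and ends outside the hunk.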
@@ -14156,7 +14159,32 @@ ix86_expand_epilogue (int style)
emit_jump_insn (gen_simple_return_pop_internal (popc));
}
else if (!m->call_ms2sysv || !restore_stub_is_tail)
- emit_jump_insn (gen_simple_return_internal ());
+ {
+ /* In case of return from EH a simple return cannot be used
+ as a return address will be compared with a shadow stack
+ return address. Use indirect jump instead. */
+ if (style == 2 && flag_cf_protection)
+ {
+ /* Register used in indirect jump must be in word_mode. But
+ Pmode may not be the same as word_mode for x32. */
+ rtx ecx = gen_rtx_REG (word_mode, CX_REG);
+ rtx_insn *insn;
+
+ insn = emit_insn (gen_pop (ecx));
+ m->fs.cfa_offset -= UNITS_PER_WORD;
+ m->fs.sp_offset -= UNITS_PER_WORD;
+
+ rtx x = plus_constant (Pmode, stack_pointer_rtx, UNITS_PER_WORD);
+ x = gen_rtx_SET (stack_pointer_rtx, x);
+ add_reg_note (insn, REG_CFA_ADJUST_CFA, x);
+ add_reg_note (insn, REG_CFA_REGISTER, gen_rtx_SET (ecx, pc_rtx));
+ RTX_FRAME_RELATED_P (insn) = 1;
+
+ emit_jump_insn (gen_simple_return_indirect_internal (ecx));
+ }
+ else
+ emit_jump_insn (gen_simple_return_internal ());
+ }
/* Restore the state back to the state from the prologue,
so that it's correct for the next epilogue. */
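Review bot: The `rtx_insn *insn` declared inside the new `style == 2 && flag_cf_protection` block appears to shadow the function-scope `insn` that the first hunk passes to add_reg_note, so -Wshadow will warn and any later code in this branch expecting the outer insn would silently see the pop instead; `rtx_insn *pop_insn = emit_insn (gen_pop (ecx));` used in the two add_reg_note calls and in RTX_FRAME_RELATED_P avoids that. The literal 2 in `style == 2` is only explained by the prose comment above it; a trailing `/* style == 2: EH return.  */` on the condition, or a comparison against a named constant, would help readers. The `REG_CFA_REGISTER` note with `gen_rtx_SET (ecx, pc_rtx)` presumably records that the return address now lives in ecx for dwarf2cfi; a one-line comment saying so would make the CFI intent explicit next to the note. ix86_expand_epilogue starts and ends outside the hunk.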
diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md
index 90e622c..1e91823 100644
--- a/gcc/config/i386/i386.md
+++ b/gcc/config/i386/i386.md
@@ -13086,7 +13086,7 @@
(define_insn "simple_return_indirect_internal"
[(simple_return)
- (use (match_operand:SI 0 "register_operand" "r"))]
+ (use (match_operand 0 "register_operand" "r"))]
"reload_completed"
"%!jmp\t%A0"
[(set_attr "type" "ibr")
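Review bot: Dropping the `:SI` mode on operand 0 leaves the `use` modeless, with nothing in the pattern stating what mode the register is expected in; the i386.c caller builds it in word_mode specifically because Pmode differs from word_mode on x32. A one-line comment above the define_insn, such as `;; Operand 0 is modeless so one pattern serves -m32, -m64 and x32; callers pass a word_mode register.`, would record that contract beside the pattern. The define_insn's attribute list continues past the hunk.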