From 06553c89f521477d6c3ec4023d5162f90c57111d Mon Sep 17 00:00:00 2001 From: "H.J. Lu" Date: Fri, 14 Dec 2018 21:35:36 +0000 Subject: x86; Add -mmanual-endbr and cf_check function attribute Currently GCC inserts ENDBR instruction at entries of all non-static functions, unless LTO compilation is used. Marking all functions, which are not called indirectly with nocf_check attribute, is not ideal since 99% of functions in a program may be of this kind. This patch adds -mmanual-endbr and cf_check function attribute. They can be used together with -fcf-protection such that ENDBR instruction is inserted only at entries of functions with cf_check attribute. It can limit number of ENDBR instructions to reduce program size. gcc/ * config/i386/i386.c (rest_of_insert_endbranch): Insert ENDBR at the function entry only when -mmanual-endbr isn't used or there is cf_check function attribute. (ix86_attribute_table): Add cf_check. * config/i386/i386.opt: Add -mmanual-endbr. * doc/extend.texi: Document cf_check attribute. * doc/invoke.texi: Document -mmanual-endbr. gcc/testsuite/ * gcc.target/i386/cf_check-1.c: New test. * gcc.target/i386/cf_check-2.c: Likewise. * gcc.target/i386/cf_check-3.c: Likewise. * gcc.target/i386/cf_check-4.c: Likewise. * gcc.target/i386/cf_check-5.c: Likewise. From-SVN: r267154 --- gcc/doc/extend.texi | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'gcc/doc/extend.texi') diff --git a/gcc/doc/extend.texi b/gcc/doc/extend.texi index 3889ecb..8f3a21c 100644 --- a/gcc/doc/extend.texi +++ b/gcc/doc/extend.texi @@ -6095,6 +6095,13 @@ foo (void) @} @end smallexample +@item cf_check +@cindex @code{cf_check} function attribute, x86 + +The @code{cf_check} attribute on a function is used to inform the +compiler that ENDBR instruction should be placed at the function +entry when @option{-fcf-protection=branch} is enabled. + @item indirect_return @cindex @code{indirect_return} function attribute, x86 -- cgit v1.1