From owner-svn-src-head@freebsd.org Thu Jul 30 14:31:13 2015 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1AF769AF452; Thu, 30 Jul 2015 14:31:13 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0B20730B; Thu, 30 Jul 2015 14:31:13 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UEVC1u068947; Thu, 30 Jul 2015 14:31:12 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UEVAY0068935; Thu, 30 Jul 2015 14:31:10 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201507301431.t6UEVAY0068935@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Thu, 30 Jul 2015 14:31:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r286074 - in head/contrib/gcc: . doc X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 14:31:13 -0000 Author: pfg Date: Thu Jul 30 14:31:09 2015 New Revision: 286074 URL: https://svnweb.freebsd.org/changeset/base/286074 Log: GCC: Add a new option "-fstack-protector-strong" This includes additional functions to be protected: those that have local array definitions, or have references to local frame addresses. This is a new option in GCC-4.9 that was relicensed by Han Shen from Google under GPLv2 for OpenBSD. Obtained from: OpenBSD (2014-01-14) MFC after: 2 weeks Modified: head/contrib/gcc/c-cppbuiltin.c head/contrib/gcc/cfgexpand.c head/contrib/gcc/common.opt head/contrib/gcc/doc/cpp.texi head/contrib/gcc/doc/gcc.1 head/contrib/gcc/doc/invoke.texi head/contrib/gcc/gcc.c Modified: head/contrib/gcc/c-cppbuiltin.c ============================================================================== --- head/contrib/gcc/c-cppbuiltin.c Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/c-cppbuiltin.c Thu Jul 30 14:31:09 2015 (r286074) @@ -553,7 +553,9 @@ c_cpp_builtins (cpp_reader *pfile) /* Make the choice of the stack protector runtime visible to source code. The macro names and values here were chosen for compatibility with an earlier implementation, i.e. ProPolice. */ - if (flag_stack_protect == 2) + if (flag_stack_protect == 3) + cpp_define (pfile, "__SSP_STRONG__=3"); + else if (flag_stack_protect == 2) cpp_define (pfile, "__SSP_ALL__=2"); else if (flag_stack_protect == 1) cpp_define (pfile, "__SSP__=1"); Modified: head/contrib/gcc/cfgexpand.c ============================================================================== --- head/contrib/gcc/cfgexpand.c Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/cfgexpand.c Thu Jul 30 14:31:09 2015 (r286074) @@ -810,6 +810,12 @@ clear_tree_used (tree block) clear_tree_used (t); } +enum { + SPCT_FLAG_DEFAULT = 1, + SPCT_FLAG_ALL = 2, + SPCT_FLAG_STRONG = 3 +}; + /* Examine TYPE and determine a bit mask of the following features. */ #define SPCT_HAS_LARGE_CHAR_ARRAY 1 @@ -879,7 +885,8 @@ stack_protect_decl_phase (tree decl) if (bits & SPCT_HAS_SMALL_CHAR_ARRAY) has_short_buffer = true; - if (flag_stack_protect == 2) + if (flag_stack_protect == SPCT_FLAG_ALL + || flag_stack_protect == SPCT_FLAG_STRONG) { if ((bits & (SPCT_HAS_SMALL_CHAR_ARRAY | SPCT_HAS_LARGE_CHAR_ARRAY)) && !(bits & SPCT_HAS_AGGREGATE)) @@ -947,12 +954,36 @@ create_stack_guard (void) cfun->stack_protect_guard = guard; } +/* Helper routine to check if a record or union contains an array field. */ + +static int +record_or_union_type_has_array_p (tree tree_type) +{ + tree fields = TYPE_FIELDS (tree_type); + tree f; + + for (f = fields; f; f = TREE_CHAIN (f)) + if (TREE_CODE (f) == FIELD_DECL) + { + tree field_type = TREE_TYPE (f); + if ((TREE_CODE (field_type) == RECORD_TYPE + || TREE_CODE (field_type) == UNION_TYPE + || TREE_CODE (field_type) == QUAL_UNION_TYPE) + && record_or_union_type_has_array_p (field_type)) + return 1; + if (TREE_CODE (field_type) == ARRAY_TYPE) + return 1; + } + return 0; +} + /* Expand all variables used in the function. */ static void expand_used_vars (void) { tree t, outer_block = DECL_INITIAL (current_function_decl); + bool gen_stack_protect_signal = false; /* Compute the phase of the stack frame for this function. */ { @@ -972,6 +1003,29 @@ expand_used_vars (void) has_protected_decls = false; has_short_buffer = false; + if (flag_stack_protect == SPCT_FLAG_STRONG) + for (t = cfun->unexpanded_var_list; t; t = TREE_CHAIN (t)) + { + tree var = TREE_VALUE (t); + if (!is_global_var (var)) + { + tree var_type = TREE_TYPE (var); + /* Examine local referenced variables that have their addresses + * taken, contain an array, or are arrays. */ + if (TREE_CODE (var) == VAR_DECL + && (TREE_CODE (var_type) == ARRAY_TYPE + || TREE_ADDRESSABLE (var) + || ((TREE_CODE (var_type) == RECORD_TYPE + || TREE_CODE (var_type) == UNION_TYPE + || TREE_CODE (var_type) == QUAL_UNION_TYPE) + && record_or_union_type_has_array_p (var_type)))) + { + gen_stack_protect_signal = true; + break; + } + } + } + /* At this point all variables on the unexpanded_var_list with TREE_USED set are not associated with any block scope. Lay them out. */ for (t = cfun->unexpanded_var_list; t; t = TREE_CHAIN (t)) @@ -1032,12 +1086,26 @@ expand_used_vars (void) dump_stack_var_partition (); } - /* There are several conditions under which we should create a - stack guard: protect-all, alloca used, protected decls present. */ - if (flag_stack_protect == 2 - || (flag_stack_protect - && (current_function_calls_alloca || has_protected_decls))) - create_stack_guard (); + switch (flag_stack_protect) + { + case SPCT_FLAG_ALL: + create_stack_guard (); + break; + + case SPCT_FLAG_STRONG: + if (gen_stack_protect_signal + || current_function_calls_alloca || has_protected_decls) + create_stack_guard (); + break; + + case SPCT_FLAG_DEFAULT: + if (current_function_calls_alloca || has_protected_decls) + create_stack_guard(); + break; + + default: + ; + } /* Assign rtl to each variable based on these partitions. */ if (stack_vars_num > 0) Modified: head/contrib/gcc/common.opt ============================================================================== --- head/contrib/gcc/common.opt Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/common.opt Thu Jul 30 14:31:09 2015 (r286074) @@ -878,6 +878,10 @@ fstack-protector-all Common Report RejectNegative Var(flag_stack_protect, 2) VarExists Use a stack protection method for every function +fstack-protector-strong +Common Report RejectNegative Var(flag_stack_protect, 3) +Use a smart stack protection method for certain functions + fstrength-reduce Common Does nothing. Preserved for backward compatibility. Modified: head/contrib/gcc/doc/cpp.texi ============================================================================== --- head/contrib/gcc/doc/cpp.texi Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/doc/cpp.texi Thu Jul 30 14:31:09 2015 (r286074) @@ -2134,6 +2134,10 @@ use. This macro is defined, with value 2, when @option{-fstack-protector-all} is in use. +@item __SSP_STRONG__ +This macro is defined, with value 3, when @option{-fstack-protector-strong} is +in use. + @item __TIMESTAMP__ This macro expands to a string constant that describes the date and time of the last modification of the current source file. The string constant Modified: head/contrib/gcc/doc/gcc.1 ============================================================================== --- head/contrib/gcc/doc/gcc.1 Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/doc/gcc.1 Thu Jul 30 14:31:09 2015 (r286074) @@ -339,7 +339,7 @@ in the following sections. \&\fB\-fsched2\-use\-superblocks \&\-fsched2\-use\-traces \-fsee \-freschedule\-modulo\-scheduled\-loops \&\-fsection\-anchors \-fsignaling\-nans \-fsingle\-precision\-constant -\&\-fstack\-protector \-fstack\-protector\-all +\&\-fstack\-protector \-fstack\-protector\-all \-fstack\-protector\-strong \&\-fstrict\-aliasing \-fstrict\-overflow \-ftracer \-fthread\-jumps \&\-funroll\-all\-loops \-funroll\-loops \-fpeel\-loops \&\-fsplit\-ivs\-in\-unroller \-funswitch\-loops @@ -5193,6 +5193,11 @@ If a guard check fails, an error message .IP "\fB\-fstack\-protector\-all\fR" 4 .IX Item "-fstack-protector-all" Like \fB\-fstack\-protector\fR except that all functions are protected. +.IP "\fB\-fstack\-protector\-strong\fR" 4 +.IX Item "-fstack-protector-strong" +Like \fB\-fstack\-protector\fR but includes additional functions to +be protected \-\-\- those that have local array definitions, or have +references to local frame addresses. .IP "\fB\-fsection\-anchors\fR" 4 .IX Item "-fsection-anchors" Try to reduce the number of symbolic address calculations by using Modified: head/contrib/gcc/doc/invoke.texi ============================================================================== --- head/contrib/gcc/doc/invoke.texi Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/doc/invoke.texi Thu Jul 30 14:31:09 2015 (r286074) @@ -331,7 +331,7 @@ in the following sections. -fsched2-use-superblocks @gol -fsched2-use-traces -fsee -freschedule-modulo-scheduled-loops @gol -fsection-anchors -fsignaling-nans -fsingle-precision-constant @gol --fstack-protector -fstack-protector-all @gol +-fstack-protector -fstack-protector-all -fstack-protector-strong @gol -fstrict-aliasing -fstrict-overflow -ftracer -fthread-jumps @gol -funroll-all-loops -funroll-loops -fpeel-loops @gol -fsplit-ivs-in-unroller -funswitch-loops @gol @@ -5810,6 +5810,11 @@ If a guard check fails, an error message @item -fstack-protector-all Like @option{-fstack-protector} except that all functions are protected. +@item -fstack-protector-strong +Like @option{-fstack-protector} but includes additional functions to +be protected --- those that have local array definitions, or have +references to local frame addresses. + @item -fsection-anchors @opindex fsection-anchors Try to reduce the number of symbolic address calculations by using Modified: head/contrib/gcc/gcc.c ============================================================================== --- head/contrib/gcc/gcc.c Thu Jul 30 14:20:36 2015 (r286073) +++ head/contrib/gcc/gcc.c Thu Jul 30 14:31:09 2015 (r286074) @@ -680,7 +680,7 @@ proper position among the other output f #ifdef TARGET_LIBC_PROVIDES_SSP #define LINK_SSP_SPEC "%{fstack-protector:}" #else -#define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all:-lssp_nonshared -lssp}" +#define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-strong|fstack-protector-all:-lssp_nonshared -lssp}" #endif #endif