[gentoo-commits] proj/gcc-patches:master commit in: 11.3.0/gentoo/

["Sam James" <sam@gentoo.org>]

commit:     2b36f3ad2ba0114eae1d32bae5e395e098b3714b
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 28 03:44:47 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Dec 28 03:55:44 2021 +0000
URL:        https://gitweb.gentoo.org/proj/gcc-patches.git/commit/?id=2b36f3ad

11.3.0: fix CET patch

Our patch was causing unhandled state to leak into the LTO metadata writer,
it shouldn't have got that far though. Instead of messing about with GCC's
option handling, use the macro they provide for purposes like this, which
makes things far simpler (and less fragile).

Bug: https://bugs.gentoo.org/828400
Bug: https://bugs.gentoo.org/822036
Thanks-to: Sergei Trofimovich <slyich <AT> gmail.com> (debugging help in #gentoo-toolchain)
Thanks-to: Georgy Yakovlev <gyakovlev <AT> gentoo.org> (debugging)
Reported-by: matoro <matoro <AT> airmail.cc>
Signed-off-by: Sam James <sam <AT> gentoo.org>

 11.3.0/gentoo/26_all_enable-cet.patch | 65 +++++------------------------------
 1 file changed, 9 insertions(+), 56 deletions(-)

diff --git a/11.3.0/gentoo/26_all_enable-cet.patch b/11.3.0/gentoo/26_all_enable-cet.patch
index f3d189d..f6a1dce 100644
--- a/11.3.0/gentoo/26_all_enable-cet.patch
+++ b/11.3.0/gentoo/26_all_enable-cet.patch
@@ -1,6 +1,6 @@
-From ed1d323dc821e906144f4fc4c39bc16695495f73 Mon Sep 17 00:00:00 2001
+From 83efc6ce009021f27b602c1dfcf65338f761b095 Mon Sep 17 00:00:00 2001
 From: Sam James <sam@gentoo.org>
-Date: Thu, 9 Dec 2021 02:39:19 +0000
+Date: Tue, 28 Dec 2021 03:42:53 +0000
 Subject: [PATCH] Enable CET (-fcf-protection=full) by default
 
 Needs:
@@ -9,42 +9,22 @@ Needs:
   for now to avoid accidentally enabling it on other arches.
 
   Only supported on amd64.
+
 ---
- gcc/common.opt                 |  2 +-
- gcc/config/i386/i386-options.c |  8 ++++++++
+ gcc/config/i386/i386-options.c |  3 +++
  gcc/defaults.h                 | 13 +++++++++++++
- gcc/flag-types.h               |  1 +
- gcc/toplev.c                   |  4 +++-
- 5 files changed, 26 insertions(+), 2 deletions(-)
+ 2 files changed, 16 insertions(+)
 
-diff --git a/gcc/common.opt b/gcc/common.opt
-index a88778b..4993a7e 100644
---- a/gcc/common.opt
-+++ b/gcc/common.opt
-@@ -1783,7 +1783,7 @@ fcf-protection
- Common RejectNegative Alias(fcf-protection=,full)
- 
- fcf-protection=
--Common Joined RejectNegative Enum(cf_protection_level) Var(flag_cf_protection) Init(CF_NONE)
-+Common Joined RejectNegative Enum(cf_protection_level) Var(flag_cf_protection) Init(CF_UNSET)
- -fcf-protection=[full|branch|return|none|check]	Instrument functions with checks to verify jump/call/return control-flow transfer
- instructions have valid targets.
- 
 diff --git a/gcc/config/i386/i386-options.c b/gcc/config/i386/i386-options.c
-index 19632b5..8ee36fe 100644
+index 19632b5..fac61af 100644
 --- a/gcc/config/i386/i386-options.c
 +++ b/gcc/config/i386/i386-options.c
-@@ -3049,6 +3049,14 @@ ix86_option_override_internal (bool main_args_p,
+@@ -3049,6 +3049,9 @@ ix86_option_override_internal (bool main_args_p,
          = build_target_option_node (opts, opts_set);
      }
  
-+  if (opts->x_flag_cf_protection == CF_UNSET)
-+    {
-+      if (TARGET_64BIT && TARGET_CMOV)
-+	opts->x_flag_cf_protection = DEFAULT_FLAG_CF;
-+      else
-+	opts->x_flag_cf_protection = CF_NONE;
-+    }
++  if (TARGET_64BIT && TARGET_CMOV)
++    SET_OPTION_IF_UNSET (opts, opts_set, flag_cf_protection, DEFAULT_FLAG_CF);
 +
    if (opts->x_flag_cf_protection != CF_NONE)
      {
@@ -73,33 +53,6 @@ index 0f6cd78..5694412 100644
  /* By default, the C++ compiler will use function addresses in the
     vtable entries.  Setting this nonzero tells the compiler to use
     function descriptors instead.  The value of this macro says how
-diff --git a/gcc/flag-types.h b/gcc/flag-types.h
-index a038c8f..61be0b1 100644
---- a/gcc/flag-types.h
-+++ b/gcc/flag-types.h
-@@ -389,6 +389,7 @@ enum gfc_convert
- /* Control-Flow Protection values.  */
- enum cf_protection_level
- {
-+  CF_UNSET = -1,
-   CF_NONE = 0,
-   CF_BRANCH = 1 << 0,
-   CF_RETURN = 1 << 1,
-diff --git a/gcc/toplev.c b/gcc/toplev.c
-index ea0a2a1..bac60eb 100644
---- a/gcc/toplev.c
-+++ b/gcc/toplev.c
-@@ -1297,7 +1297,9 @@ process_options (void)
- 	   "%<-floop-nest-optimize%>, %<-floop-parallelize-all%>)");
- #endif
- 
--  if (flag_cf_protection != CF_NONE
-+  /* Gentoo: we add CF_UNSET here just to be safe, but we only patch the default
-+     for amd64 + when CET is definitely enabled anyway. */
-+  if ((flag_cf_protection != CF_NONE) && (flag_cf_protection != CF_UNSET)
-       && !(flag_cf_protection & CF_SET))
-     {
-       if (flag_cf_protection == CF_FULL)
 -- 
 2.34.1