Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add -fcf-protection. #4437
Add -fcf-protection. #4437
Changes from 3 commits
f3eff0c
e452d59
f756c1c
c015a00
f511013
c0a3904
81dd27d
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you wanted to add a enum instead of a bunch of version there is
__traits(getInfo, "string_key")
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
__traits(getTargetInfo, "key")
, might be a good idea. clang's__CET__
can be used as bitmask, whereas checking for branch-protection with the currentversion
s would probably be something ugly likeThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
getTargetInfo
, that was what I meant to say. Also it is not immediately obvious what__CET_n__
refer to. I agree that addingVersionCondition::addPredefinedGlobalIdent("LDC_BranchCFProtection");
is much better.(as an aside, does GCC/GDC have something similar? if so we should try to have a common interface
"D_BranchControlFlowProtection"
? @ibuclaw).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
GDC supports CET but I don't think it sets any predefined version
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the help here :)
__traits(getTargetInfo, "__CET__")
for similarity with C ? Or without the underscores?No version needed then,
static if (__traits(getTargetInfo, "key") > 0)
would suffice. I'm thinking that__CET__
is very rarely needed; the only usecase I can think of is writing assembly (I see in cet.h the bitmasking usecase the Martin mentioned).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct. The druntime library is compiled with
-fversion=CET
because I've not ported fibers to work with both branch protection or shadow stack.I gather otherwise the end user shouldn't really care about it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
BTW, I went with
-fversion
because the code that really needs to be aware of it in druntime (asm Fibers) is a bunch of nested version conditions and declarations.