On Thu, Apr 19, 2018 at 3:30 PM, H.J. Lu <[email protected]> wrote:
> On Wed, Apr 18, 2018 at 01:35:33PM +0200, Richard Biener wrote:
>> On Wed, Apr 18, 2018 at 1:24 PM, H.J. Lu <[email protected]> wrote:
>> > On Tue, Apr 17, 2018 at 12:25 PM, H.J. Lu <[email protected]> wrote:
>> >> On Tue, Apr 17, 2018 at 12:25 PM, H.J. Lu <[email protected]> wrote:
>> >>> On Tue, Apr 17, 2018 at 12:03 PM, H.J. Lu <[email protected]> wrote:
>> >>>> On Tue, Apr 17, 2018 at 11:55 AM, Uros Bizjak <[email protected]> wrote:
>> >>>>> On Tue, Apr 17, 2018 at 8:42 PM, H.J. Lu <[email protected]> wrote:
>> >>>>>> -fcf-protection -mcet can't be used with IFUNC features, like symbol
>> >>>>>> multiversioning or target clone, since IBT/SHSTK are applied to the
>> >>>>>> whole
>> >>>>>> program and they may be disabled in some functions. But
>> >>>>>> -fcf-protection
>> >>>>>> is implemented with multi-byte NOPs on all 64-bit processors as well
>> >>>>>> as
>> >>>>>> 32-bit processors starting with Pentium Pro. If -fcf-protection
>> >>>>>> requires
>> >>>>>> -mcet, IFUNC features can't be used on Linux when -fcf-protection is
>> >>>>>> enabled by default.
>> >>>>>>
>> >>>>>> This patch changes -fcf-protection to to enable the NOP portion of CET
>> >>>>>> ISAs unless IBT and/or SHSTK are disabled explicitly. The rest of CET
>> >>>>>> ISAs, including intrinsics, still requires -mcet, -mibt or -mshstk.
>> >>>>>>
>> >>>>>> OK for trunk?
>> >>>>>
>> >>>>> As said in the PR, NOP sequences have non-zero cost in the executable
>> >>>>> (they enlarge the executable), so I don't think this feature should be
>> >>>>> enabled by default.
>> >>>>>
>> >>>>> There is always a configure option if someone wants their compiler to
>> >>>>> always emit relevant multi-byte nops.
>> >>>>
>> >>>> What we need is an option to enable -fcf-function with multi-byte NOPs
>> >>>> without -mcet which enables the full CET ISAs. A configure option
>> >>>> without the corresponding the command-line option makes test and
>> >>>> debug difficult. I can add
>> >>>>
>> >>>> --enable-cf-function-nop or --with-cf-function-nop
>> >>>>
>> >>>> with
>> >>>>
>> >>>> -fct-function-nop
>> >>>>
>> >>>
>> >>> How about adding -mno-cet, which enables the NOP portion of CET
>> >>
>> >> I meant -mnop-cet, not -mno-cet.
>> >>
>> >
>> > Here is a patch to add -mnop and use it with -fcf-protection.
>>
>> +mnop
>> +Target Report Var(flag_nop) Init(0)
>> +Support multi-byte NOP code generation.
>>
>> the option name is incredibly bad and the documentation doesn't make it
>> better either. The invoke.texi docs refer to duplicate {-mcet}.
>>
>> Isn't there a -fcf-protection sub-set that can be used to automatically
>> enable this? Or simply do this mode by default when
>> -fcf-protection is used but neither -mcet nor -mibt is enabled?
>>
>
> Since multi-byte NOPs are used to implement -fcf-protection on x86, we
> propose a new design for -fcf-protection:
>
> 1. -fcf-protection option will report the unsupported error on non-x86
> platform. On x86 platform it's supported and inserts endbr-nop
> instructions and properties, depending on its value (full/branch/return)
> 2. -mcet/-mibt/-mshstk options control intrinsics only.
> 3. These options are independent and do not influence each other so no
> need for cross checking between them.
>
> OK for trunk?
I think it makes more sense this way, thanks for doing the change
(this isn't an approval).
Richard.
>
> H.J.
> ----
> ----
> -fcf-protection -mcet can't be used with IFUNC features, like symbol
> multiversioning or target clone, since IBT/SHSTK are applied to the whole
> program and they may be disabled in some functions. But -fcf-protection
> is implemented with multi-byte NOPs on all 64-bit processors as well as
> 32-bit processors starting with Pentium Pro. If -fcf-protection requires
> -mcet, IFUNC features can't be used on Linux when -fcf-protection is
> enabled by default.
>
> This patch changes -fcf-protection to implement indirect branch and
> return address tracking with multi-byte NOPs. -mibt and -mshstk are
> changed to only CET built-in functions. CET tests are updated to
> allow -fcf-protection without -mibt, -mshstk and -mcet on x86.
> -fcf-protection=none are also added to tests which fail with
> -fcf-protection so that -fcf-protection can be added to RUNTESTFLAGS
> to verify -fcf-protection implementation.
>
> gcc/
>
> PR target/85417
> * config/i386/cet.c (file_end_indicate_exec_stack_and_cet):
> Check flag_cf_protection instead of TARGET_IBT and TARGET_SHSTK.
> * config/i386/i386-c.c (ix86_target_macros_internal): Also
> define __IBT__ and __SHSTK__ for -fcf-protection.
> * config/i386/i386.c (pass_insert_endbranch::gate): Don't check
> TARGET_IBT.
> (ix86_trampoline_init): Likewise.
> (x86_output_mi_thunk): Likewise.
> (ix86_notrack_prefixed_insn_p): Likewise.
> (ix86_option_override_internal): Don't disallow -fcf-protection.
> * config/i386/i386.md (rdssp<mode>): Also enable for
> -fcf-protection.
> (incssp<mode>): Likewise.
> (nop_endbr): Likewise.
> * config/i386/i386.opt (mcet): Change help message to built-in
> functions only.
> (mibt): Likewise.
> (mshstk): Likewise.
> * doc/invoke.texi: Remove -mcet, -mibt and -mshstk condition
> on -fcf-protection. Change -mcet, -mibt and -mshstk to only
> enable CET built-in functions.
>
> gcc/testsuite/
>
> PR target/85417
> * c-c++-common/attr-nocf-check-1.c: Compile with
> -fcf-protection=none.
> * c-c++-common/attr-nocf-check-3.c: Likewise.
> * gcc.dg/march-generic.c: Likewise.
> * gcc.target/i386/align-limit.c: Likewise.
> * gcc.target/i386/cet-notrack-icf-1.c: Likewise.
> * gcc.target/i386/cet-notrack-icf-3.c: Likewise.
> * gcc.target/i386/cet-property-2.c: Likewise.
> * gcc.target/i386/ret-thunk-26.c: Likewise.
> * c-c++-common/fcf-protection-1.c: Remove dg-error for x86
> targets.
> * c-c++-common/fcf-protection-2.c: Likewise.
> * c-c++-common/fcf-protection-3.c: Likewise.
> * c-c++-common/fcf-protection-5.c: Likewise.
> * c-c++-common/fcf-protection-6.c: Likewise.
> * c-c++-common/fcf-protection-7.c: Likewise.
> * gcc.target/i386/cet-label-3.c: New test.
> * gcc.target/i386/cet-property-3.c: Likewise.
> * gcc.target/i386/cet-sjlj-7.c: Likewise.
> * gcc.target/i386/pr85417-1.c: Likewise.
> * gcc.target/i386/indirect-thunk-attr-7.c: Also expect
> __x86_indirect_thunk_nt_(r|e)ax
> * gcc.target/i386/indirect-thunk-extern-7.c: Likewise.
> * gcc.target/i386/pr85403.c: Remove dg-error,
> ---
> gcc/config/i386/cet.c | 4 +-
> gcc/config/i386/i386-c.c | 6 ++-
> gcc/config/i386/i386.c | 54
> +++-------------------
> gcc/config/i386/i386.md | 6 +--
> gcc/config/i386/i386.opt | 9 ++--
> gcc/doc/invoke.texi | 28 ++++-------
> gcc/testsuite/c-c++-common/attr-nocf-check-1.c | 1 +
> gcc/testsuite/c-c++-common/attr-nocf-check-3.c | 1 +
> gcc/testsuite/c-c++-common/fcf-protection-1.c | 1 -
> gcc/testsuite/c-c++-common/fcf-protection-2.c | 1 -
> gcc/testsuite/c-c++-common/fcf-protection-3.c | 1 -
> gcc/testsuite/c-c++-common/fcf-protection-5.c | 1 -
> gcc/testsuite/c-c++-common/fcf-protection-6.c | 2 -
> gcc/testsuite/c-c++-common/fcf-protection-7.c | 2 -
> gcc/testsuite/gcc.dg/march-generic.c | 2 +-
> gcc/testsuite/gcc.target/i386/align-limit.c | 2 +-
> gcc/testsuite/gcc.target/i386/cet-label-3.c | 16 +++++++
> gcc/testsuite/gcc.target/i386/cet-notrack-icf-1.c | 2 +-
> gcc/testsuite/gcc.target/i386/cet-notrack-icf-3.c | 2 +-
> gcc/testsuite/gcc.target/i386/cet-property-2.c | 2 +-
> gcc/testsuite/gcc.target/i386/cet-property-3.c | 11 +++++
> gcc/testsuite/gcc.target/i386/cet-sjlj-7.c | 48 +++++++++++++++++++
> .../gcc.target/i386/indirect-thunk-attr-7.c | 2 +-
> .../gcc.target/i386/indirect-thunk-extern-7.c | 2 +-
> gcc/testsuite/gcc.target/i386/pr85403.c | 2 +-
> gcc/testsuite/gcc.target/i386/pr85417-1.c | 17 +++++++
> gcc/testsuite/gcc.target/i386/ret-thunk-26.c | 2 +-
> 27 files changed, 133 insertions(+), 94 deletions(-)
> create mode 100644 gcc/testsuite/gcc.target/i386/cet-label-3.c
> create mode 100644 gcc/testsuite/gcc.target/i386/cet-property-3.c
> create mode 100644 gcc/testsuite/gcc.target/i386/cet-sjlj-7.c
> create mode 100644 gcc/testsuite/gcc.target/i386/pr85417-1.c
>
> diff --git a/gcc/config/i386/cet.c b/gcc/config/i386/cet.c
> index 4a1e013fdde..eb3be171471 100644
> --- a/gcc/config/i386/cet.c
> +++ b/gcc/config/i386/cet.c
> @@ -34,11 +34,11 @@ file_end_indicate_exec_stack_and_cet (void)
>
> unsigned int feature_1 = 0;
>
> - if (TARGET_IBT)
> + if (flag_cf_protection & CF_BRANCH)
> /* GNU_PROPERTY_X86_FEATURE_1_IBT. */
> feature_1 |= 0x1;
>
> - if (TARGET_SHSTK)
> + if (flag_cf_protection & CF_RETURN)
> /* GNU_PROPERTY_X86_FEATURE_1_SHSTK. */
> feature_1 |= 0x2;
>
> diff --git a/gcc/config/i386/i386-c.c b/gcc/config/i386/i386-c.c
> index 2e0e9f66c9e..9961d418ee9 100644
> --- a/gcc/config/i386/i386-c.c
> +++ b/gcc/config/i386/i386-c.c
> @@ -499,13 +499,15 @@ ix86_target_macros_internal (HOST_WIDE_INT isa_flag,
> def_or_undef (parse_in, "__RDPID__");
> if (isa_flag & OPTION_MASK_ISA_GFNI)
> def_or_undef (parse_in, "__GFNI__");
> - if (isa_flag2 & OPTION_MASK_ISA_IBT)
> + if ((isa_flag2 & OPTION_MASK_ISA_IBT)
> + || (flag_cf_protection & CF_BRANCH))
> {
> def_or_undef (parse_in, "__IBT__");
> if (flag_cf_protection != CF_NONE)
> def_or_undef (parse_in, "__CET__");
> }
> - if (isa_flag & OPTION_MASK_ISA_SHSTK)
> + if ((isa_flag & OPTION_MASK_ISA_SHSTK)
> + || (flag_cf_protection & CF_RETURN))
> {
> def_or_undef (parse_in, "__SHSTK__");
> if (flag_cf_protection != CF_NONE)
> diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
> index d24c81b0dfe..2a628734068 100644
> --- a/gcc/config/i386/i386.c
> +++ b/gcc/config/i386/i386.c
> @@ -2701,7 +2701,7 @@ public:
> /* opt_pass methods: */
> virtual bool gate (function *)
> {
> - return ((flag_cf_protection & CF_BRANCH) && TARGET_IBT);
> + return ((flag_cf_protection & CF_BRANCH));
> }
>
> virtual unsigned int execute (function *)
> @@ -4931,49 +4931,9 @@ ix86_option_override_internal (bool main_args_p,
> target_option_default_node = target_option_current_node
> = build_target_option_node (opts);
>
> - /* Do not support control flow instrumentation if CET is not enabled. */
> - cf_protection_level cf_protection
> - = (cf_protection_level) (opts->x_flag_cf_protection & ~CF_SET);
> - if (cf_protection != CF_NONE)
> - {
> - switch (cf_protection)
> - {
> - case CF_BRANCH:
> - if (! TARGET_IBT_P (opts->x_ix86_isa_flags2))
> - {
> - error ("%<-fcf-protection=branch%> requires Intel CET "
> - "support. Use -mcet or -mibt option to enable CET");
> - flag_cf_protection = CF_NONE;
> - return false;
> - }
> - break;
> - case CF_RETURN:
> - if (! TARGET_SHSTK_P (opts->x_ix86_isa_flags))
> - {
> - error ("%<-fcf-protection=return%> requires Intel CET "
> - "support. Use -mcet or -mshstk option to enable CET");
> - flag_cf_protection = CF_NONE;
> - return false;
> - }
> - break;
> - case CF_FULL:
> - if ( ! TARGET_IBT_P (opts->x_ix86_isa_flags2)
> - || ! TARGET_SHSTK_P (opts->x_ix86_isa_flags))
> - {
> - error ("%<-fcf-protection=full%> requires Intel CET "
> - "support. Use -mcet or both of -mibt and "
> - "-mshstk options to enable CET");
> - flag_cf_protection = CF_NONE;
> - return false;
> - }
> - break;
> - default:
> - gcc_unreachable ();
> - }
> -
> - opts->x_flag_cf_protection =
> - (cf_protection_level) (cf_protection | CF_SET);
> - }
> + if (opts->x_flag_cf_protection != CF_NONE)
> + opts->x_flag_cf_protection =
> + (cf_protection_level) (opts->x_flag_cf_protection | CF_SET);
>
> if (ix86_tune_features [X86_TUNE_AVOID_128FMA_CHAINS])
> maybe_set_param_value (PARAM_AVOID_FMA_MAX_BITS, 128,
> @@ -30408,7 +30368,7 @@ ix86_trampoline_init (rtx m_tramp, tree fndecl, rtx
> chain_value)
> rtx mem, fnaddr;
> int opcode;
> int offset = 0;
> - bool need_endbr = (flag_cf_protection & CF_BRANCH) && TARGET_IBT;
> + bool need_endbr = (flag_cf_protection & CF_BRANCH);
>
> fnaddr = XEXP (DECL_RTL (fndecl), 0);
>
> @@ -41766,7 +41726,7 @@ x86_output_mi_thunk (FILE *file, tree, HOST_WIDE_INT
> delta,
> emit_note (NOTE_INSN_PROLOGUE_END);
>
> /* CET is enabled, insert EB instruction. */
> - if ((flag_cf_protection & CF_BRANCH) && TARGET_IBT)
> + if ((flag_cf_protection & CF_BRANCH))
> emit_insn (gen_nop_endbr ());
>
> /* If VCALL_OFFSET, we'll need THIS in a register. Might as well
> @@ -49766,7 +49726,7 @@ ix86_bnd_prefixed_insn_p (rtx insn)
> static bool
> ix86_notrack_prefixed_insn_p (rtx insn)
> {
> - if (!insn || !((flag_cf_protection & CF_BRANCH) && TARGET_IBT))
> + if (!insn || !((flag_cf_protection & CF_BRANCH)))
> return false;
>
> if (CALL_P (insn))
> diff --git a/gcc/config/i386/i386.md b/gcc/config/i386/i386.md
> index 95ca2cf9e3d..48daff1c9eb 100644
> --- a/gcc/config/i386/i386.md
> +++ b/gcc/config/i386/i386.md
> @@ -20278,7 +20278,7 @@
> (define_insn "rdssp<mode>"
> [(set (match_operand:SWI48x 0 "register_operand" "=r")
> (unspec_volatile:SWI48x [(const_int 0)] UNSPECV_NOP_RDSSP))]
> - "TARGET_SHSTK"
> + "TARGET_SHSTK || (flag_cf_protection & CF_RETURN)"
> "xor{l}\t%k0, %k0\n\trdssp<mskmodesuffix>\t%0"
> [(set_attr "length" "6")
> (set_attr "type" "other")])
> @@ -20286,7 +20286,7 @@
> (define_insn "incssp<mode>"
> [(unspec_volatile [(match_operand:SWI48x 0 "register_operand" "r")]
> UNSPECV_INCSSP)]
> - "TARGET_SHSTK"
> + "TARGET_SHSTK || (flag_cf_protection & CF_RETURN)"
> "incssp<mskmodesuffix>\t%0"
> [(set_attr "length" "4")
> (set_attr "type" "other")])
> @@ -20341,7 +20341,7 @@
>
> (define_insn "nop_endbr"
> [(unspec_volatile [(const_int 0)] UNSPECV_NOP_ENDBR)]
> - "TARGET_IBT"
> + "TARGET_IBT || (flag_cf_protection & CF_BRANCH)"
> "*
> { return (TARGET_64BIT)? \"endbr64\" : \"endbr32\"; }"
> [(set_attr "length" "4")
> diff --git a/gcc/config/i386/i386.opt b/gcc/config/i386/i386.opt
> index c063ae8b1ae..e55acf83d97 100644
> --- a/gcc/config/i386/i386.opt
> +++ b/gcc/config/i386/i386.opt
> @@ -1008,17 +1008,16 @@ Generate code which uses only the general registers.
>
> mcet
> Target Report Var(flag_cet) Init(0)
> -Support Control-flow Enforcement Technology (CET) built-in functions
> -and code generation.
> +Support Control-flow Enforcement Technology (CET) built-in functions.
>
> mibt
> Target Report Mask(ISA_IBT) Var(ix86_isa_flags2) Save
> -Specifically enables an indirect branch tracking feature from Control-flow
> -Enforcement Technology (CET).
> +Specifically enable indirect branch tracking built-in functions from
> +Control-flow Enforcement Technology (CET).
>
> mshstk
> Target Report Mask(ISA_SHSTK) Var(ix86_isa_flags) Save
> -Specifically enables an shadow stack support feature from Control-flow
> +Specifically enable shadow stack built-in functions from Control-flow
> Enforcement Technology (CET).
>
> mcet-switch
> diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
> index 8c0d275626f..1d8a0bd0ca0 100644
> --- a/gcc/doc/invoke.texi
> +++ b/gcc/doc/invoke.texi
> @@ -11833,9 +11833,7 @@ which functions and calls should be skipped from
> instrumentation
> (@pxref{Function Attributes}).
>
> Currently the x86 GNU/Linux target provides an implementation based
> -on Intel Control-flow Enforcement Technology (CET). Instrumentation
> -for x86 is controlled by target-specific options @option{-mcet},
> -@option{-mibt} and @option{-mshstk} (@pxref{x86 Options}).
> +on Intel Control-flow Enforcement Technology (CET).
>
> @item -fstack-protector
> @opindex fstack-protector
> @@ -27345,11 +27343,9 @@ the file containing the CPU detection code should be
> compiled without
> these options.
>
> The @option{-mcet} option turns on the @option{-mibt} and @option{-mshstk}
> -options. The @option{-mibt} option enables indirect branch tracking support
> -and the @option{-mshstk} option enables shadow stack support from
> -Intel Control-flow Enforcement Technology (CET). The compiler also provides
> -a number of built-in functions for fine-grained control in a CET-based
> -application. See @xref{x86 Built-in Functions}, for more information.
> +options. The compiler provides a number of built-in functions for
> +fine-grained control in a CET-based application. See
> +@xref{x86 Built-in Functions}, for more information.
>
> @item -mdump-tune-features
> @opindex mdump-tune-features
> @@ -27445,19 +27441,15 @@ This option enables use of the @code{movbe}
> instruction to implement
>
> @item -mibt
> @opindex mibt
> -This option tells the compiler to use indirect branch tracking support
> -(for indirect calls and jumps) from x86 Control-flow Enforcement
> -Technology (CET). The option has effect only if the
> -@option{-fcf-protection=full} or @option{-fcf-protection=branch} option
> -is specified. The option @option{-mibt} is on by default when the
> -@code{-mcet} option is specified.
> +This option enables indirect branch tracking built-in functions from
> +x86 Control-flow Enforcement Technology (CET). The option
> +@option{-mibt} is on by default when the @code{-mcet} option is
> +specified.
>
> @item -mshstk
> @opindex mshstk
> -This option tells the compiler to use shadow stack support (return
> -address tracking) from x86 Control-flow Enforcement Technology (CET).
> -The option has effect only if the @option{-fcf-protection=full} or
> -@option{-fcf-protection=return} option is specified. The option
> +This option enables shadow stack built-in functions from x86
> +Control-flow Enforcement Technology (CET). The option
> @option{-mshstk} is on by default when the @option{-mcet} option is
> specified.
>
> diff --git a/gcc/testsuite/c-c++-common/attr-nocf-check-1.c
> b/gcc/testsuite/c-c++-common/attr-nocf-check-1.c
> index 15f69731b91..c5ac7cb9f86 100644
> --- a/gcc/testsuite/c-c++-common/attr-nocf-check-1.c
> +++ b/gcc/testsuite/c-c++-common/attr-nocf-check-1.c
> @@ -1,4 +1,5 @@
> /* { dg-do compile } */
> +/* { dg-additional-options "-fcf-protection=none" } */
>
> int func (int) __attribute__ ((nocf_check)); /* { dg-warning "'nocf_check'
> attribute ignored" } */
> int (*fptr) (int) __attribute__ ((nocf_check)); /* { dg-warning
> "'nocf_check' attribute ignored" } */
> diff --git a/gcc/testsuite/c-c++-common/attr-nocf-check-3.c
> b/gcc/testsuite/c-c++-common/attr-nocf-check-3.c
> index ad1ca7eec9b..02b56cb155e 100644
> --- a/gcc/testsuite/c-c++-common/attr-nocf-check-3.c
> +++ b/gcc/testsuite/c-c++-common/attr-nocf-check-3.c
> @@ -1,4 +1,5 @@
> /* { dg-do compile } */
> +/* { dg-additional-options "-fcf-protection=none" } */
>
> int foo (void) __attribute__ ((nocf_check)); /* { dg-warning "'nocf_check'
> attribute ignored" } */
> void (*foo1) (void) __attribute__((nocf_check)); /* { dg-warning
> "'nocf_check' attribute ignored" } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-1.c
> b/gcc/testsuite/c-c++-common/fcf-protection-1.c
> index 8e71f47dde0..f59a8fbdfdc 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-1.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-1.c
> @@ -1,4 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection=full" } */
> -/* { dg-error "'-fcf-protection=full' requires Intel CET.*-mcet.*-mibt and
> -mshstk option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=full' is not supported for this target" "" {
> target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-2.c
> b/gcc/testsuite/c-c++-common/fcf-protection-2.c
> index d7d6db0e95d..61059725af6 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-2.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-2.c
> @@ -1,4 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection=branch" } */
> -/* { dg-error "'-fcf-protection=branch' requires Intel CET.*-mcet or -mibt
> option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=branch' is not supported for this target" ""
> { target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-3.c
> b/gcc/testsuite/c-c++-common/fcf-protection-3.c
> index 5b903c5fa51..257e944c4a6 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-3.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-3.c
> @@ -1,4 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection=return" } */
> -/* { dg-error "'-fcf-protection=return' requires Intel CET.*-mcet or -mshstk
> option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=return' is not supported for this target" ""
> { target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-5.c
> b/gcc/testsuite/c-c++-common/fcf-protection-5.c
> index d7a67801e2e..dc317f84b07 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-5.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-5.c
> @@ -1,4 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection" } */
> -/* { dg-error "'-fcf-protection=full' requires Intel CET.*-mcet.*-mibt and
> -mshstk option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=full' is not supported for this target" "" {
> target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-6.c
> b/gcc/testsuite/c-c++-common/fcf-protection-6.c
> index 532e76e6915..61059725af6 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-6.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-6.c
> @@ -1,5 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection=branch" } */
> -/* { dg-additional-options "-mshstk" { target { i?86-*-* x86_64-*-* } } } */
> -/* { dg-error "'-fcf-protection=branch' requires Intel CET.*-mcet or -mibt
> option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=branch' is not supported for this target" ""
> { target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/c-c++-common/fcf-protection-7.c
> b/gcc/testsuite/c-c++-common/fcf-protection-7.c
> index 4c879692708..257e944c4a6 100644
> --- a/gcc/testsuite/c-c++-common/fcf-protection-7.c
> +++ b/gcc/testsuite/c-c++-common/fcf-protection-7.c
> @@ -1,5 +1,3 @@
> /* { dg-do compile } */
> /* { dg-options "-fcf-protection=return" } */
> -/* { dg-additional-options "-mibt" { target { i?86-*-* x86_64-*-* } } } */
> -/* { dg-error "'-fcf-protection=return' requires Intel CET.*-mcet or -mshstk
> option" "" { target { "i?86-*-* x86_64-*-*" } } 0 } */
> /* { dg-error "'-fcf-protection=return' is not supported for this target" ""
> { target { ! "i?86-*-* x86_64-*-*" } } 0 } */
> diff --git a/gcc/testsuite/gcc.dg/march-generic.c
> b/gcc/testsuite/gcc.dg/march-generic.c
> index fb5b83c7d74..f9c00e4a1c1 100644
> --- a/gcc/testsuite/gcc.dg/march-generic.c
> +++ b/gcc/testsuite/gcc.dg/march-generic.c
> @@ -1,6 +1,6 @@
> /* { dg-do compile { target i?86-*-* x86_64-*-* } } */
> /* { dg-skip-if "" { *-*-* } { "-march=*" } { "" } } */
> -/* { dg-options "-march=generic" } */
> +/* { dg-options "-march=generic -fcf-protection=none" } */
> /* { dg-error "'generic' CPU can be used only for '-mtune=' switch" "" {
> target *-*-* } 0 } */
> /* { dg-bogus "march" "" { target *-*-* } 0 } */
> int i;
> diff --git a/gcc/testsuite/gcc.target/i386/align-limit.c
> b/gcc/testsuite/gcc.target/i386/align-limit.c
> index d3d8dc5656e..849d741189c 100644
> --- a/gcc/testsuite/gcc.target/i386/align-limit.c
> +++ b/gcc/testsuite/gcc.target/i386/align-limit.c
> @@ -1,5 +1,5 @@
> /* { dg-do compile } */
> -/* { dg-options "-O2 -falign-functions=64 -flimit-function-alignment
> -march=amdfam10" } */
> +/* { dg-options "-O2 -falign-functions=64 -flimit-function-alignment
> -march=amdfam10 -fcf-protection=none" } */
> /* { dg-final { scan-assembler ".p2align 6,,1" } } */
> /* { dg-final { scan-assembler-not ".p2align 6,,63" } } */
>
> diff --git a/gcc/testsuite/gcc.target/i386/cet-label-3.c
> b/gcc/testsuite/gcc.target/i386/cet-label-3.c
> new file mode 100644
> index 00000000000..5e0892e5b4d
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/cet-label-3.c
> @@ -0,0 +1,16 @@
> +/* Verify that -fcf-protection works without -mcet. */
> +/* { dg-do compile } */
> +/* { dg-options "-O -fcf-protection" } */
> +/* { dg-final { scan-assembler-times "endbr32" 3 { target ia32 } } } */
> +/* { dg-final { scan-assembler-times "endbr64" 3 { target { ! ia32 } } } } */
> +
> +int func (int arg)
> +{
> + static void *array[] = { &&foo, &&bar };
> +
> + goto *array[arg];
> +foo:
> + return arg*111;
> +bar:
> + return arg*777;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/cet-notrack-icf-1.c
> b/gcc/testsuite/gcc.target/i386/cet-notrack-icf-1.c
> index 7987d53d305..0bddf54862a 100644
> --- a/gcc/testsuite/gcc.target/i386/cet-notrack-icf-1.c
> +++ b/gcc/testsuite/gcc.target/i386/cet-notrack-icf-1.c
> @@ -1,6 +1,6 @@
> /* Verify nocf_check functions are not ICF optimized. */
> /* { dg-do compile } */
> -/* { dg-options "-O2" } */
> +/* { dg-options "-O2 -fcf-protection=none" } */
> /* { dg-final { scan-assembler-not "endbr" } } */
> /* { dg-final { scan-assembler-not "fn3:" } } */
> /* { dg-final { scan-assembler "set\[ \t]+fn2,fn1" } } */
> diff --git a/gcc/testsuite/gcc.target/i386/cet-notrack-icf-3.c
> b/gcc/testsuite/gcc.target/i386/cet-notrack-icf-3.c
> index 07c4a6b61ef..ed2d53ac5ef 100644
> --- a/gcc/testsuite/gcc.target/i386/cet-notrack-icf-3.c
> +++ b/gcc/testsuite/gcc.target/i386/cet-notrack-icf-3.c
> @@ -1,6 +1,6 @@
> /* Verify nocf_check function calls are not ICF optimized. */
> /* { dg-do compile } */
> -/* { dg-options "-O2" } */
> +/* { dg-options "-O2 -fcf-protection=none" } */
> /* { dg-final { scan-assembler-not "endbr" } } */
> /* { dg-final { scan-assembler-not "fn2:" } } */
> /* { dg-final { scan-assembler "set\[ \t]+fn2,fn1" } } */
> diff --git a/gcc/testsuite/gcc.target/i386/cet-property-2.c
> b/gcc/testsuite/gcc.target/i386/cet-property-2.c
> index 5a87dab92f1..bca6f6cdeb7 100644
> --- a/gcc/testsuite/gcc.target/i386/cet-property-2.c
> +++ b/gcc/testsuite/gcc.target/i386/cet-property-2.c
> @@ -1,5 +1,5 @@
> /* { dg-do compile } */
> -/* { dg-options "-mcet" } */
> +/* { dg-options "-mcet -fcf-protection=none" } */
> /* { dg-final { scan-assembler-not ".note.gnu.property" } } */
>
> extern void foo (void);
> diff --git a/gcc/testsuite/gcc.target/i386/cet-property-3.c
> b/gcc/testsuite/gcc.target/i386/cet-property-3.c
> new file mode 100644
> index 00000000000..3e211c970aa
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/cet-property-3.c
> @@ -0,0 +1,11 @@
> +/* { dg-do compile { target *-*-linux* } } */
> +/* { dg-options "-fcf-protection" } */
> +/* { dg-final { scan-assembler ".note.gnu.property" } } */
> +
> +extern void foo (void);
> +
> +void
> +bar (void)
> +{
> + foo ();
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/cet-sjlj-7.c
> b/gcc/testsuite/gcc.target/i386/cet-sjlj-7.c
> new file mode 100644
> index 00000000000..1b624327d0f
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/cet-sjlj-7.c
> @@ -0,0 +1,48 @@
> +/* { dg-do compile } */
> +/* { dg-options "-O -fcf-protection" } */
> +/* { dg-final { scan-assembler-times "endbr32" 2 { target ia32 } } } */
> +/* { dg-final { scan-assembler-times "endbr64" 2 { target { ! ia32 } } } } */
> +/* { dg-final { scan-assembler-times "call _?setjmp" 1 } } */
> +/* { dg-final { scan-assembler-times "call longjmp" 1 } } */
> +
> +#include <stdio.h>
> +#include <setjmp.h>
> +
> +jmp_buf buf;
> +static int bar (int);
> +
> +__attribute__ ((noinline, noclone))
> +static int
> +foo (int i)
> +{
> + int j = i * 11;
> +
> + if (!setjmp (buf))
> + {
> + j += 33;
> + printf ("After setjmp: j = %d\n", j);
> + bar (j);
> + }
> +
> + return j + i;
> +}
> +
> +__attribute__ ((noinline, noclone))
> +static int
> +bar (int i)
> +{
> + int j = i;
> +
> + j -= 111;
> + printf ("In longjmp: j = %d\n", j);
> + longjmp (buf, 1);
> +
> + return j;
> +}
> +
> +int
> +main ()
> +{
> + foo (10);
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c
> b/gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c
> index d53fc887dcc..ffe7350fce4 100644
> --- a/gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c
> +++ b/gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c
> @@ -37,7 +37,7 @@ bar (int i)
> }
>
> /* { dg-final { scan-assembler "mov(?:l|q)\[ \t\]*\.L\[0-9\]+\\(,%" { target
> *-*-linux* } } } */
> -/* { dg-final { scan-assembler "jmp\[ \t\]*__x86_indirect_thunk_(r|e)ax" } }
> */
> +/* { dg-final { scan-assembler "jmp\[
> \t\]*__x86_indirect_thunk(_nt|)_(r|e)ax" } } */
> /* { dg-final { scan-assembler-not {\t(lfence|pause)} } } */
> /* { dg-final { scan-assembler-not "jmp\[ \t\]*\.LIND" } } */
> /* { dg-final { scan-assembler-not "call\[ \t\]*\.LIND" } } */
> diff --git a/gcc/testsuite/gcc.target/i386/indirect-thunk-extern-7.c
> b/gcc/testsuite/gcc.target/i386/indirect-thunk-extern-7.c
> index 2b9a33e93dc..b7339745116 100644
> --- a/gcc/testsuite/gcc.target/i386/indirect-thunk-extern-7.c
> +++ b/gcc/testsuite/gcc.target/i386/indirect-thunk-extern-7.c
> @@ -36,7 +36,7 @@ bar (int i)
> }
>
> /* { dg-final { scan-assembler "mov(?:l|q)\[ \t\]*\.L\[0-9\]+\\(,%" { target
> *-*-linux* } } } */
> -/* { dg-final { scan-assembler "jmp\[ \t\]*__x86_indirect_thunk_(r|e)ax" } }
> */
> +/* { dg-final { scan-assembler "jmp\[
> \t\]*__x86_indirect_thunk(_nt|)_(r|e)ax" } } */
> /* { dg-final { scan-assembler-not {\t(lfence|pause)} } } */
> /* { dg-final { scan-assembler-not "jmp\[ \t\]*\.LIND" } } */
> /* { dg-final { scan-assembler-not "call\[ \t\]*\.LIND" } } */
> diff --git a/gcc/testsuite/gcc.target/i386/pr85403.c
> b/gcc/testsuite/gcc.target/i386/pr85403.c
> index f4fb12dd4e2..0bbd7ca5610 100644
> --- a/gcc/testsuite/gcc.target/i386/pr85403.c
> +++ b/gcc/testsuite/gcc.target/i386/pr85403.c
> @@ -7,4 +7,4 @@ int
> foo ()
> {
> return -2;
> -} /* { dg-error "requires Intel CET support" } */
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/pr85417-1.c
> b/gcc/testsuite/gcc.target/i386/pr85417-1.c
> new file mode 100644
> index 00000000000..17d52403744
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/pr85417-1.c
> @@ -0,0 +1,17 @@
> +/* { dg-do compile } */
> +/* { dg-require-ifunc "" } */
> +/* { dg-options "-O3 -fcf-protection" } */
> +/* { dg-final { scan-assembler "vpshufb" } } */
> +/* { dg-final { scan-assembler "punpcklbw" } } */
> +
> +__attribute__((target_clones("arch=core-avx2","arch=slm","default")))
> +void
> +foo(char *in, char *out, int size)
> +{
> + int i;
> + for(i = 0; i < size; i++)
> + {
> + out[2 * i] = in[i];
> + out[2 * i + 1] = in[i];
> + }
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/ret-thunk-26.c
> b/gcc/testsuite/gcc.target/i386/ret-thunk-26.c
> index 9144e988735..dc722c2f5f9 100644
> --- a/gcc/testsuite/gcc.target/i386/ret-thunk-26.c
> +++ b/gcc/testsuite/gcc.target/i386/ret-thunk-26.c
> @@ -1,6 +1,6 @@
> /* PR target/r84530 */
> /* { dg-do run } */
> -/* { dg-options "-Os -mfunction-return=thunk" } */
> +/* { dg-options "-Os -mfunction-return=thunk -fcf-protection=none" } */
>
> struct S { int i; };
> __attribute__((const, noinline, noclone))
> --
> 2.14.3
>
