clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-21 09:57:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

JIT: Add IBT support (#8636)

Browse Source 
Indirect Branch Tracking (IBT) is part of Intel's Control-Flow
Enforcement Technology (CET). IBT is hardware based, forward edge
Control-Flow-Integrity mechanism where any indirect CALL/JMP must target
an ENDBR instruction or suffer #CP.

This commit adds IBT support for JIT:
1. Add endbr32/64 instruction in Dynasm.
2. Insert endbr32/64 in indirect branch target for jitted code.

gcc support CET since v8.1 and set it to default since gcc 11. With this
commit, endbr is inserted in jitted code if PHP is compiled with "gcc
-fcf-protection=full/branch".

Signed-off-by: Chen, Hu <hu1.chen@intel.com>
This commit is contained in:
Chen, Hu 2022-05-31 14:29:40 +08:00 committed by GitHub
parent 2d1a320ba9
commit c1fcd45eeb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ext/opcache/jit/dynasm/dasm_x86.lua
View File

@ -1147,6 +1147,8 @@ local map_op = {
rep_0 = "F3",
repe_0 = "F3",
repz_0 = "F3",
endbr32_0 = "F30F1EFB",
endbr64_0 = "F30F1EFA",
-- F4: *hlt
cmc_0 = "F5",
-- F6: test... mb,i; div... mb

13
ext/opcache/jit/zend_jit_x86.dasc
View File

@ -1623,6 +1623,16 @@ static size_t tsrm_tls_offset;
|| }
|.endmacro
|.macro ENDBR
||#if defined (__CET__) && (__CET__ & 1) != 0
| .if X64
| endbr64
| .else
| endbr32
| .endif
||#endif
|.endmacro
static bool reuse_ip = 0;
static bool delayed_call_chain = 0;
static uint32_t delayed_call_level = 0;
@ -2292,6 +2302,7 @@ static int zend_jit_hybrid_hot_code_stub(dasm_State **Dst)
*/
static int zend_jit_hybrid_hot_counter_stub(dasm_State **Dst, uint32_t cost)
{
| ENDBR
| mov r0, EX->func
| mov r1, aword [r0 + offsetof(zend_op_array, reserved[zend_func_info_rid])]
| mov r2, aword [r1 + offsetof(zend_jit_op_array_hot_extension, counter)]
@ -2362,6 +2373,7 @@ static int zend_jit_hybrid_hot_trace_stub(dasm_State **Dst)
static int zend_jit_hybrid_trace_counter_stub(dasm_State **Dst, uint32_t cost)
{
| ENDBR
| mov r0, EX->func
| mov r1, aword [r0 + offsetof(zend_op_array, reserved[zend_func_info_rid])]
| mov r1, aword [r1 + offsetof(zend_jit_op_array_trace_extension, offset)]
@ -3049,6 +3061,7 @@ static int zend_jit_align_func(dasm_State **Dst)
static int zend_jit_prologue(dasm_State **Dst)
{
| ENDBR
if (zend_jit_vm_kind == ZEND_VM_KIND_HYBRID) {
| SUB_HYBRID_SPAD
} else if (GCC_GLOBAL_REGS) {