Index: llvm/trunk/lib/Target/X86/X86SpeculativeLoadHardening.cpp =================================================================== --- llvm/trunk/lib/Target/X86/X86SpeculativeLoadHardening.cpp +++ llvm/trunk/lib/Target/X86/X86SpeculativeLoadHardening.cpp @@ -168,7 +168,7 @@ SmallVector tracePredStateThroughCFG(MachineFunction &MF, ArrayRef Infos); - void checkAllLoads(MachineFunction &MF); + void hardenAllLoads(MachineFunction &MF); unsigned saveEFLAGS(MachineBasicBlock &MBB, MachineBasicBlock::iterator InsertPt, DebugLoc Loc); @@ -504,8 +504,8 @@ } } - // Now check all of the loads using the predicate state. - checkAllLoads(MF); + // Now harden all of the loads in the function using the predicate state. + hardenAllLoads(MF); // Now rewrite all the uses of the pred state using the SSA updater so that // we track updates through the CFG. @@ -1224,7 +1224,24 @@ return MBB.isLiveIn(X86::EFLAGS); } -void X86SpeculativeLoadHardeningPass::checkAllLoads(MachineFunction &MF) { +/// Harden all of the loads (including implicit loads) in the function. +/// +/// This operates in two passes. First, we analyze the loads to determine which +/// strategy will be used to harden them: hardening the address or hardening the +/// loaded value when loaded into a register amenable to hardening. We have to +/// process these first because the two strategies may interact -- later +/// hardening may change what strategy we wish to use. We also will analyze +/// data dependencies between loads and avoid hardening those loads that are +/// data dependent on a load with a hardened address. We also skip hardening +/// loads already behind an LFENCE as that is sufficient to harden them against +/// misspeculation. +/// +/// Second, we apply the hardening steps we determined necessary in the first +/// pass. +/// +/// These two passes are applied to each basic block. We operate one block at +/// a time to simplify reasoning about reachability and sequencing. +void X86SpeculativeLoadHardeningPass::hardenAllLoads(MachineFunction &MF) { // If the actual checking of loads is disabled, skip doing anything here. if (!HardenLoads) return;