Page MenuHomePhabricator

[DO NOT MERGE] X86 Mitigate for Load Value Injection (LVI)--All Code
Needs ReviewPublic

Authored by sconstab on Mar 10 2020, 10:00 AM.
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Summary

This is an aggregation of six other patches that have been submitted separately to add LVI mitigation support to the X86 target, as well as driver support for clang to process new CLI options.

This combines the following diffs:
https://reviews.llvm.org/D75932 [1/6]
https://reviews.llvm.org/D75934 [2/6]
https://reviews.llvm.org/D75935 [3/6]
https://reviews.llvm.org/D75936 [4/6]
https://reviews.llvm.org/D75937 [5/6]
https://reviews.llvm.org/D76158 [6/6]

Note that there is a CLI option to load a plugin that can provide even better optimization, inserting fewer fences, while still mitigating all of the LVI gadgets. The plugin can be found here: https://github.com/intel/lvi-llvm-optimization-plugin, and a description of the pass's behavior with the plugin can be found here: https://software.intel.com/security-software-guidance/insights/optimized-mitigation-approach-load-value-injection.

Diff Detail

Event Timeline

sconstab created this revision.Mar 10 2020, 10:00 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 10 2020, 10:00 AM
sconstab edited the summary of this revision. (Show Details)Mar 11 2020, 12:37 PM
sconstab edited the summary of this revision. (Show Details)Mar 11 2020, 1:58 PM
sconstab updated this revision to Diff 250293.Mar 13 2020, 1:44 PM

Added inline assembly mitigation.

sconstab updated this revision to Diff 250585.Mar 16 2020, 9:28 AM
sconstab edited the summary of this revision. (Show Details)

Added updates for inline assembly mitigation and warnings.

sconstab retitled this revision from X86 Mitigate for Load Value Injection (LVI)--All Code to [DO NOT MERGE] X86 Mitigate for Load Value Injection (LVI)--All Code.Mar 24 2020, 6:34 PM