Page MenuHomePhabricator
Differential D75940

[x86][seses] Add documentation for SESES
Needs ReviewPublic
Actions

Authored by zbrid on Mar 10 2020, 10:07 AM.

Details

Reviewers
craig.topper
jyknight
george.burgess.iv
mattdr
Summary

This patch includes documentation about the pass Speculative Execution
Side Effect Suppression. The document describes Load Value Injection,
the mitigation, and all the experiments ran on various LFENCE
placements.

One pager on Load Value Injection:
https://software.intel.com/security-software-guidance/software-guidance/load-value-injection

Deep dive on Load Value Injection:
https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection

Impl patch: https://reviews.llvm.org/D75939

Diff Detail

Event Timeline

zbrid created this revision.Mar 10 2020, 10:07 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 10 2020, 10:07 AM
Herald added subscribers: llvm-commits, jfb. · View Herald Transcript
zbrid added a reviewer: craig.topper.Mar 10 2020, 10:17 AM
zbrid added reviewers: jyknight, george.burgess.iv.Mar 10 2020, 10:23 AM
Harbormaster completed remote builds in B48710: Diff 249433.Mar 10 2020, 10:53 AM
craig.topper added inline comments.Mar 11 2020, 3:32 PM
llvm/docs/SpeculativeExecutionSideEffectSuppression.md
545

These commit ids are only valid for you local copy right? And would change any time you rebase.

craig.topper added inline comments.Mar 11 2020, 3:40 PM
llvm/docs/SpeculativeExecutionSideEffectSuppression.md
545

Or is this the baseline revision you applied your patches against?

zbrid added a parent revision: D75939: [x86][seses] Introduce SESES pass for LVI.Mar 12 2020, 2:51 PM
zbrid updated this revision to Diff 250065.Mar 12 2020, 2:57 PM
zbrid marked 3 inline comments as done.

Clarify what the Git commit IDs in the benchmark section refers to

Harbormaster completed remote builds in B49060: Diff 250065.Mar 12 2020, 4:18 PM
zbrid added a comment.Mar 12 2020, 4:55 PM

Updated based on comments. Thanks for the feedback!

llvm/docs/SpeculativeExecutionSideEffectSuppression.md
545

This the baseline revision I applied my patches against when I ran the benchmarks. I'll update the documentation to clarify that.

zbrid updated this revision to Diff 260351.Apr 27 2020, 9:12 AM

Update with info about this being a big hammer not only for LVI

zbrid added a comment.Apr 27 2020, 9:12 AM

@craig.topper Any other comments?

Harbormaster failed remote builds in B54818: Diff 260351!Apr 27 2020, 10:12 AM
zbrid updated this revision to Diff 260463.Apr 27 2020, 2:59 PM

[seses][docs] Mention req to use -mlvi-cfi; Format code-block

Harbormaster failed remote builds in B54877: Diff 260463!Apr 27 2020, 3:39 PM
zbrid added a comment.May 11 2020, 9:36 AM

@craig.topper @george.burgess.iv Friendly ping on this documentation.

zbrid added a reviewer: mattdr.May 11 2020, 11:45 AM
mattdr added a comment.Oct 6 2020, 4:23 PM

Blast from the past. It seems like there's still benefit in checking in this documentation, appropriately updated to reflect the fact that SESES is now actually in the tree.

But I think we should take a second look at how much detail to provide about variants of the mitigation. As it stands, we don't have solid advice for how to make the tradeoff between them, and if someone asked we'd tell them to use the defaults. Yet 50%+ of this doc is spent covering those variations.

Maybe it's enough to gesture vaguely in the direction of experimental options, but leave out the figures and discussion?

llvm/docs/SpeculativeExecutionSideEffectSuppression.md
18–19

need to update this to refer to the other LVI mitigation that's been checked in.

75

update wording now that SESES is committed

Herald added a subscriber: pengfei. · View Herald TranscriptOct 6 2020, 4:23 PM

Revision Contents
Changeset List

Diff 260463

View Options

llvm/docs/SpeculativeExecutionSideEffectSuppression.md

Loading...