This is an archive of the discontinued LLVM Phabricator instance.

Differential D81506

[X86] Automatically harden inline assembly RET instructions against Load Value Injection (LVI)
ClosedPublic

Authored by sconstab on Jun 9 2020, 2:22 PM.

Details

Reviewers
craig.topper
mattdr
Commits
rG0cbe713c69f7: [X86] Automatically harden inline assembly RET instructions against Load Value…
Summary

Previously, the X86AsmParser would issue a warning whenever a ret instruction is encountered. This patch changes the behavior to automatically transform each ret instruction in an inline assembly stream into:

shlq $0, (%rsp)
lfence
ret

which is secure, according to https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions.

Diff Detail

Event Timeline

sconstab created this revision.Jun 9 2020, 2:22 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 9 2020, 2:22 PM
Herald added subscribers: jfb, hiraditya. · View Herald Transcript
craig.topper added inline comments.Jun 9 2020, 2:39 PM
llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp
3215

Why did emitInstruction have to get repeated everywhere? Aren't we still emitting the original ret from the user after the mitigation? So its not any different than inserting an LFENCE. Am I missing something?

sconstab marked an inline comment as done.Jun 9 2020, 3:39 PM
sconstab added inline comments.
llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp
3215

It's a little more complicated now because the ret mitigation requires the LFENCE to be inserted *before* ret, whereas all other loading instructions need the LFENCE after. But maybe there is a cleaner way to implement this that I am missing?

sconstab marked an inline comment as not done.Jun 9 2020, 3:39 PM
craig.topper added inline comments.Jun 9 2020, 4:09 PM
llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp
3215

right the others are after. why can't i ever remember that.

What if we called applyLVICFIMitigation before the emitInstruction and called applyLVILoadHardeningMitigation after?

sconstab updated this revision to Diff 269715.Jun 9 2020, 6:07 PM

Addressed suggestion by @craig.topper to consolidate calls to emitInstruction().

sconstab marked an inline comment as done.Jun 9 2020, 6:07 PM
craig.topper accepted this revision.Jun 10 2020, 11:17 AM

LGTM

This revision is now accepted and ready to land.Jun 10 2020, 11:17 AM
mattdr accepted this revision.Jun 10 2020, 3:50 PM

LGTM, one question about source locations

llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp
3199

Seems like this will have implications for debugging. Can we copy the SMLoc from the original instruction, for this and for the other MCInsts we're creating?

craig.topper added inline comments.Jun 10 2020, 4:17 PM
llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp
3199

You mean like debugging in GDB?

SMLoc is just the pointer into the memory buffer that holds the assembly text. It has no effect on debug locations in the final binary. It's main use is to print diagnostics in the compiler.

mattdr added a comment.Jun 10 2020, 4:43 PM

Ack, thanks for setting me straight on that. Yes, I was talking about the mapping of assembly instructions back to sourceloc that could be displayed in GDB.

craig.topper closed this revision.Jun 13 2020, 3:25 PM
craig.topper added a commit: rG0cbe713c69f7: [X86] Automatically harden inline assembly RET instructions against Load Value….

Committed in 0cbe713c69f7c12682855ffd61ecb0d7edc262e3

Revision Contents

PathSize
llvm/
lib/
Target/
X86/
AsmParser/
34 lines
test/
CodeGen/
X86/
25 lines

Diff 269715

llvm/lib/Target/X86/AsmParser/X86AsmParser.cpp

Show First 20 LinesShow All 932 Lines▼ Show 20 Linesprivate:
unsigned checkTargetMatchPredicate(MCInst &Inst) override; unsigned checkTargetMatchPredicate(MCInst &Inst) override;
bool validateInstruction(MCInst &Inst, const OperandVector &Ops); bool validateInstruction(MCInst &Inst, const OperandVector &Ops);
bool processInstruction(MCInst &Inst, const OperandVector &Ops); bool processInstruction(MCInst &Inst, const OperandVector &Ops);
// Load Value Injection (LVI) Mitigations for machine code // Load Value Injection (LVI) Mitigations for machine code
void emitWarningForSpecialLVIInstruction(SMLoc Loc); void emitWarningForSpecialLVIInstruction(SMLoc Loc);
bool applyLVICFIMitigation(MCInst &Inst); bool applyLVICFIMitigation(MCInst &Inst, MCStreamer &Out);
bool applyLVILoadHardeningMitigation(MCInst &Inst, MCStreamer &Out); bool applyLVILoadHardeningMitigation(MCInst &Inst, MCStreamer &Out);
/// Wrapper around MCStreamer::emitInstruction(). Possibly adds /// Wrapper around MCStreamer::emitInstruction(). Possibly adds
/// instrumentation around Inst. /// instrumentation around Inst.
void emitInstruction(MCInst &Inst, OperandVector &Operands, MCStreamer &Out); void emitInstruction(MCInst &Inst, OperandVector &Operands, MCStreamer &Out);
bool MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode, bool MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode,
OperandVector &Operands, MCStreamer &Out, OperandVector &Operands, MCStreamer &Out,
▲ Show 20 LinesShow All 2,223 Lines▼ Show 20 Lines
/// combine a load and a branch within a single instruction. To mitigate these /// combine a load and a branch within a single instruction. To mitigate these
/// instructions against LVI, they must be decomposed into separate load and /// instructions against LVI, they must be decomposed into separate load and
/// branch instructions, with an LFENCE in between. For more details, see: /// branch instructions, with an LFENCE in between. For more details, see:
/// - X86LoadValueInjectionRetHardening.cpp /// - X86LoadValueInjectionRetHardening.cpp
/// - X86LoadValueInjectionIndirectThunks.cpp /// - X86LoadValueInjectionIndirectThunks.cpp
/// - https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection /// - https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
/// ///
/// Returns `true` if a mitigation was applied or warning was emitted. /// Returns `true` if a mitigation was applied or warning was emitted.
bool X86AsmParser::applyLVICFIMitigation(MCInst &Inst) { bool X86AsmParser::applyLVICFIMitigation(MCInst &Inst, MCStreamer &Out) {
// Information on control-flow instructions that require manual mitigation can // Information on control-flow instructions that require manual mitigation can
// be found here: // be found here:
// https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions // https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions
switch (Inst.getOpcode()) { switch (Inst.getOpcode()) {
case X86::RETW: case X86::RETW:
case X86::RETL: case X86::RETL:
case X86::RETQ: case X86::RETQ:
case X86::RETIL: case X86::RETIL:
case X86::RETIQ: case X86::RETIQ:
case X86::RETIW: case X86::RETIW: {
MCInst ShlInst, FenceInst;
bool Parse32 = is32BitMode() || Code16GCC;
unsigned Basereg =
is64BitMode() ? X86::RSP : (Parse32 ? X86::ESP : X86::SP);
const MCExpr *Disp = MCConstantExpr::create(0, getContext());
auto ShlMemOp = X86Operand::CreateMem(getPointerWidth(), /*SegReg=*/0, Disp,
/*BaseReg=*/Basereg, /*IndexReg=*/0,
/*Scale=*/1, SMLoc{}, SMLoc{}, 0);
mattdrUnsubmitted
Not Done
ReplyInline Actions

Seems like this will have implications for debugging. Can we copy the SMLoc from the original instruction, for this and for the other MCInsts we're creating?

mattdr: Seems like this will have implications for debugging. Can we copy the SMLoc from the original…
craig.topperUnsubmitted
Not Done
ReplyInline Actions

You mean like debugging in GDB?

SMLoc is just the pointer into the memory buffer that holds the assembly text. It has no effect on debug locations in the final binary. It's main use is to print diagnostics in the compiler.

craig.topper: You mean like debugging in GDB? SMLoc is just the pointer into the memory buffer that holds…
ShlInst.setOpcode(X86::SHL64mi);
ShlMemOp->addMemOperands(ShlInst, 5);
ShlInst.addOperand(MCOperand::createImm(0));
FenceInst.setOpcode(X86::LFENCE);
Out.emitInstruction(ShlInst, getSTI());
Out.emitInstruction(FenceInst, getSTI());
return true;
}
case X86::JMP16m: case X86::JMP16m:
case X86::JMP32m: case X86::JMP32m:
case X86::JMP64m: case X86::JMP64m:
case X86::CALL16m: case X86::CALL16m:
case X86::CALL32m: case X86::CALL32m:
case X86::CALL64m: case X86::CALL64m:
emitWarningForSpecialLVIInstruction(Inst.getLoc()); emitWarningForSpecialLVIInstruction(Inst.getLoc());
return true; return true;
craig.topperUnsubmitted
Not Done
ReplyInline Actions

Why did emitInstruction have to get repeated everywhere? Aren't we still emitting the original ret from the user after the mitigation? So its not any different than inserting an LFENCE. Am I missing something?

craig.topper: Why did emitInstruction have to get repeated everywhere? Aren't we still emitting the original…
sconstabAuthorUnsubmitted
Not Done
ReplyInline Actions

It's a little more complicated now because the ret mitigation requires the LFENCE to be inserted *before* ret, whereas all other loading instructions need the LFENCE after. But maybe there is a cleaner way to implement this that I am missing?

sconstab: It's a little more complicated now because the `ret` mitigation requires the `LFENCE` to be…
craig.topperUnsubmitted
Done
ReplyInline Actions

right the others are after. why can't i ever remember that.

What if we called applyLVICFIMitigation before the emitInstruction and called applyLVILoadHardeningMitigation after?

craig.topper: right the others are after. why can't i ever remember that. What if we called…
} }
return false; return false;
} }
/// To mitigate LVI, every instruction that performs a load can be followed by /// To mitigate LVI, every instruction that performs a load can be followed by
/// an LFENCE instruction to squash any potential mis-speculation. There are /// an LFENCE instruction to squash any potential mis-speculation. There are
/// some instructions that require additional considerations, and may requre /// some instructions that require additional considerations, and may requre
/// manual mitigation. For more details, see: /// manual mitigation. For more details, see:
Show All 27 Lines if ((Flags & X86::IP_HAS_REPEAT) || (Flags & X86::IP_HAS_REPEAT_NE)) {
return true; return true;
} }
const MCInstrDesc &MCID = MII.get(Inst.getOpcode()); const MCInstrDesc &MCID = MII.get(Inst.getOpcode());
// LFENCE has the mayLoad property, don't double fence. // LFENCE has the mayLoad property, don't double fence.
if (MCID.mayLoad() && Inst.getOpcode() != X86::LFENCE) { if (MCID.mayLoad() && Inst.getOpcode() != X86::LFENCE) {
MCInst FenceInst; MCInst FenceInst;
FenceInst.setOpcode(X86::LFENCE); FenceInst.setOpcode(X86::LFENCE);
FenceInst.setLoc(Inst.getLoc());
Out.emitInstruction(FenceInst, getSTI()); Out.emitInstruction(FenceInst, getSTI());
return true; return true;
} }
return false; return false;
} }
void X86AsmParser::emitInstruction(MCInst &Inst, OperandVector &Operands, void X86AsmParser::emitInstruction(MCInst &Inst, OperandVector &Operands,
MCStreamer &Out) { MCStreamer &Out) {
Out.emitInstruction(Inst, getSTI()); bool MitigatedLVICFI = false;
if (LVIInlineAsmHardening) { if (LVIInlineAsmHardening) {
if (getSTI().getFeatureBits()[X86::FeatureLVIControlFlowIntegrity] && if (getSTI().getFeatureBits()[X86::FeatureLVIControlFlowIntegrity])
applyLVICFIMitigation(Inst)) MitigatedLVICFI = applyLVICFIMitigation(Inst, Out);
return; }
Out.emitInstruction(Inst, getSTI());
if (LVIInlineAsmHardening && !MitigatedLVICFI) {
if (getSTI().getFeatureBits()[X86::FeatureLVILoadHardening]) if (getSTI().getFeatureBits()[X86::FeatureLVILoadHardening])
applyLVILoadHardeningMitigation(Inst, Out); applyLVILoadHardeningMitigation(Inst, Out);
} }
} }
bool X86AsmParser::MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode, bool X86AsmParser::MatchAndEmitInstruction(SMLoc IDLoc, unsigned &Opcode,
OperandVector &Operands, OperandVector &Operands,
MCStreamer &Out, uint64_t &ErrorInfo, MCStreamer &Out, uint64_t &ErrorInfo,
▲ Show 20 LinesShow All 871 LinesShow Last 20 Lines

llvm/test/CodeGen/X86/lvi-hardening-inline-asm.ll

; RUN: llc -verify-machineinstrs -mtriple=x86_64-unknown -mattr=+lvi-load-hardening -mattr=+lvi-cfi -x86-experimental-lvi-inline-asm-hardening < %s -o %t.out 2> %t.err ; RUN: llc -verify-machineinstrs -mtriple=x86_64-unknown -mattr=+lvi-load-hardening -mattr=+lvi-cfi -x86-experimental-lvi-inline-asm-hardening < %s -o %t.out 2> %t.err
; RUN: FileCheck %s --check-prefix=X86 < %t.out ; RUN: FileCheck %s --check-prefix=X86 < %t.out
; RUN: FileCheck %s --check-prefix=WARN < %t.err ; RUN: FileCheck %s --check-prefix=WARN < %t.err
; Test module-level assembly ; Test module-level assembly
module asm "pop %rbx" module asm "pop %rbx"
module asm "ret" module asm "ret"
; WARN: warning: Instruction may be vulnerable to LVI ; X86: popq %rbx
; WARN-NEXT: ret ; X86-NEXT: lfence
; WARN-NEXT: ^ ; X86-NEXT: shlq $0, (%rsp)
; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information ; X86-NEXT: lfence
; X86-NEXT: retq
; Function Attrs: noinline nounwind optnone uwtable ; Function Attrs: noinline nounwind optnone uwtable
define dso_local void @test_inline_asm() { define dso_local void @test_inline_asm() {
entry: entry:
; X86-LABEL: test_inline_asm: ; X86-LABEL: test_inline_asm:
call void asm sideeffect "mov 0x3fed(%rip),%rax", "~{dirflag},~{fpsr},~{flags}"() #1 call void asm sideeffect "mov 0x3fed(%rip),%rax", "~{dirflag},~{fpsr},~{flags}"() #1
; X86: movq 16365(%rip), %rax ; X86: movq 16365(%rip), %rax
; X86-NEXT: lfence ; X86-NEXT: lfence
▲ Show 20 LinesShow All 81 Lines▼ Show 20 Lines
; WARN: warning: Instruction may be vulnerable to LVI ; WARN: warning: Instruction may be vulnerable to LVI
; WARN-NEXT: repnz ; WARN-NEXT: repnz
; WARN-NEXT: ^ ; WARN-NEXT: ^
; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information ; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
call void asm sideeffect "pinsrw $$0x6,(%eax),%xmm0", "~{dirflag},~{fpsr},~{flags}"() #1 call void asm sideeffect "pinsrw $$0x6,(%eax),%xmm0", "~{dirflag},~{fpsr},~{flags}"() #1
; X86: pinsrw $6, (%eax), %xmm0 ; X86: pinsrw $6, (%eax), %xmm0
; X86-NEXT: lfence ; X86-NEXT: lfence
call void asm sideeffect "ret", "~{dirflag},~{fpsr},~{flags}"() #1 call void asm sideeffect "ret", "~{dirflag},~{fpsr},~{flags}"() #1
; WARN: warning: Instruction may be vulnerable to LVI ; X86: shlq $0, (%rsp)
; WARN-NEXT: ret ; X86-NEXT: lfence
; WARN-NEXT: ^ ; X86-NEXT: retq
; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
; X86: retq
; X86-NOT: lfence ; X86-NOT: lfence
call void asm sideeffect "ret $$8", "~{dirflag},~{fpsr},~{flags}"() #1 call void asm sideeffect "ret $$8", "~{dirflag},~{fpsr},~{flags}"() #1
; WARN: warning: Instruction may be vulnerable to LVI ; X86: shlq $0, (%rsp)
; WARN-NEXT: ret $8 ; X86-NEXT: lfence
; WARN-NEXT: ^ ; X86-NEXT: retq $8
; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
; X86: retq $8
; X86-NOT: lfence ; X86-NOT: lfence
call void asm sideeffect "jmpq *(%rdx)", "~{dirflag},~{fpsr},~{flags}"() #1 call void asm sideeffect "jmpq *(%rdx)", "~{dirflag},~{fpsr},~{flags}"() #1
; WARN: warning: Instruction may be vulnerable to LVI ; WARN: warning: Instruction may be vulnerable to LVI
; WARN-NEXT: jmpq *(%rdx) ; WARN-NEXT: jmpq *(%rdx)
; WARN-NEXT: ^ ; WARN-NEXT: ^
; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information ; WARN-NEXT: note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
; X86: jmpq *(%rdx) ; X86: jmpq *(%rdx)
; X86-NOT: lfence ; X86-NOT: lfence
Show All 28 Lines