Page MenuHomePhabricator

sconstab (Scott Constable)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 8 2020, 1:33 PM (44 w, 4 d)

Recent Activity

Oct 7 2020

sconstab accepted D88925: [X86] Fix bug in -mlvi-cfi that may clobber a live register.

LGTM

Oct 7 2020, 4:05 PM · Restricted Project
sconstab accepted D88924: [X86] Move findDeadCallerSavedReg() into X86RegisterInfo.

LGTM.

Oct 7 2020, 4:05 PM · Restricted Project

Oct 6 2020

sconstab updated the diff for D88925: [X86] Fix bug in -mlvi-cfi that may clobber a live register.

Update required by https://reviews.llvm.org/D88924.

Oct 6 2020, 8:08 PM · Restricted Project
sconstab added inline comments to D88924: [X86] Move findDeadCallerSavedReg() into X86RegisterInfo.
Oct 6 2020, 8:07 PM · Restricted Project
sconstab updated the diff for D88924: [X86] Move findDeadCallerSavedReg() into X86RegisterInfo.

Removed the Is64Bit parameter, which was redundant and unneeded.

Oct 6 2020, 8:06 PM · Restricted Project
sconstab requested review of D88925: [X86] Fix bug in -mlvi-cfi that may clobber a live register.
Oct 6 2020, 2:01 PM · Restricted Project
sconstab requested review of D88924: [X86] Move findDeadCallerSavedReg() into X86RegisterInfo.
Oct 6 2020, 1:57 PM · Restricted Project

Jul 30 2020

sconstab added a comment to D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.

@craig.topper Yes.

Jul 30 2020, 9:22 AM · Restricted Project

Jul 27 2020

sconstab updated the diff for D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.

Addressed @craig.topper 's comments, and also changed some autos to Edge/Node wherever possible to improve readability.

Jul 27 2020, 3:28 PM · Restricted Project
sconstab added inline comments to D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.
Jul 27 2020, 1:21 PM · Restricted Project
sconstab updated the diff for D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.
Jul 27 2020, 1:20 PM · Restricted Project
sconstab requested review of D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.
Jul 27 2020, 10:30 AM · Restricted Project
sconstab updated the diff for D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.

Made one further optimization.

Jul 27 2020, 10:30 AM · Restricted Project

Jul 24 2020

sconstab updated the diff for D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.

Addressed @mattdr 's lone comment on style.

Jul 24 2020, 4:32 PM · Restricted Project
sconstab added inline comments to D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.
Jul 24 2020, 1:25 PM · Restricted Project
sconstab updated the diff for D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations.

Addressed comments by @mattdr

Jul 24 2020, 1:24 PM · Restricted Project

Jul 23 2020

Herald added a project to D84471: [X86] Fix for ballooning compile times due to Load Value Injection (LVI) mitigations: Restricted Project.
Jul 23 2020, 3:52 PM · Restricted Project

Jun 29 2020

sconstab accepted D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses.

LGTM.

Jun 29 2020, 1:36 PM · Restricted Project, Restricted Project
sconstab accepted D82037: [x86][lvi][seses] Use SESES at O0 for LVI mitigation.
Jun 29 2020, 1:36 PM · Restricted Project
sconstab added a comment to D82037: [x86][lvi][seses] Use SESES at O0 for LVI mitigation.

Other than the inline comments, LGTM.

Jun 29 2020, 1:36 PM · Restricted Project

Jun 17 2020

sconstab added a comment to D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.

That doesn't change my mind though because one could say the same wrt optimized LVI and SESES and just add that SESES has a more redundant LFENCEs than unoptimized LVI.

Jun 17 2020, 12:56 PM · Restricted Project
sconstab added a comment to D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.

It may also be worth noting that this new unoptimized pass is equivalent to the behavior of the mitigation implemented for gcc through binutils. Given that I wonder if it makes sense to use this pass at O1 or O2 and save the mostly costly analysis for O3.

Jun 17 2020, 7:31 AM · Restricted Project

Jun 16 2020

sconstab added a comment to D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.

@zbrid From a practical perspective I think you are correct. SESES mitigates a superset of gadgets that this pass mitigates, and therefore for code reuse/maintainability reasons it would make sense to replace this pass with SESES.

Jun 16 2020, 6:05 PM · Restricted Project

Jun 15 2020

sconstab added a comment to D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses.

Any progress on this patch? D75939 has been merged, but the SESES feature will not be secure until it has CFI protections.

Jun 15 2020, 8:40 AM · Restricted Project, Restricted Project

Jun 9 2020

sconstab updated the diff for D81506: [X86] Automatically harden inline assembly RET instructions against Load Value Injection (LVI).

Addressed suggestion by @craig.topper to consolidate calls to emitInstruction().

Jun 9 2020, 6:15 PM · Restricted Project
sconstab added inline comments to D81506: [X86] Automatically harden inline assembly RET instructions against Load Value Injection (LVI).
Jun 9 2020, 4:04 PM · Restricted Project
sconstab created D81506: [X86] Automatically harden inline assembly RET instructions against Load Value Injection (LVI).
Jun 9 2020, 2:22 PM · Restricted Project

Jun 5 2020

sconstab added a comment to D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.

Isn't this pass basically SESES? https://github.com/llvm/llvm-project/blob/master/llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp

Perhaps there's an opportunity to unify the two.

Jun 5 2020, 4:48 PM · Restricted Project

Jun 3 2020

sconstab added a comment to D80064: [X86] Disable LVI load hardening pass at O0.

@nikic I have posted https://reviews.llvm.org/D80964 as an alternative to this patch.

Jun 3 2020, 6:45 PM · Restricted Project

Jun 1 2020

sconstab added a comment to D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.

I should add that I am submitting this patch as an alternative to D80064. That revision invisibly disables the mitigation at -O0, which may not be secure for some users.

Jun 1 2020, 5:21 PM · Restricted Project
sconstab created D80964: [X86] Add an Unoptimized Load Value Injection (LVI) Load Hardening Pass.
Jun 1 2020, 5:21 PM · Restricted Project

May 26 2020

sconstab added a comment to D80064: [X86] Disable LVI load hardening pass at O0.

I can accept this change if the driver can also emit a warning when LVI hardening is enabled with -O0. We already have a similar warning when LVI CFI protections are enabled with retpoline. The warning is emitted in clang/lib/Driver/ToolChains/Arch/X86.cpp.

IIUC, this warning triggers only on particular command-line settings. However, the pass is activated by a function attribute, which may be enabled in different ways. I think there should be a warning if there is any function with the attribute but the pass not enabled.

May 26 2020, 4:55 PM · Restricted Project
sconstab added inline comments to D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses.
May 26 2020, 4:55 PM · Restricted Project, Restricted Project
sconstab abandoned D75938: [DO NOT MERGE] X86 Mitigate for Load Value Injection (LVI)--All Code.

Changes have been merged.

May 26 2020, 4:23 PM · Restricted Project

May 16 2020

sconstab added a comment to D80064: [X86] Disable LVI load hardening pass at O0.

I can accept this change if the driver can also emit a warning when LVI hardening is enabled with -O0. We already have a similar warning when LVI CFI protections are enabled with retpoline. The warning is emitted in clang/lib/Driver/ToolChains/Arch/X86.cpp.

May 16 2020, 10:01 AM · Restricted Project

May 12 2020

sconstab added a comment to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

This change causes a 0.8% compile-time regression for unoptimized builds. Based on the pipeline test diffs, I expect this is because the new pass requests a bunch of analyses, which it most likely (LVI load hardening disabled) will not need. Would it be possible to compute the analyses only if LVI load hardening is actually enabled?

May 12 2020, 12:21 PM · Restricted Project, Restricted Project

May 7 2020

sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
May 7 2020, 11:57 PM · Restricted Project, Restricted Project
sconstab updated the diff for D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Addressed comments by @mattdr.

May 7 2020, 11:57 PM · Restricted Project, Restricted Project
sconstab added a comment to D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Isn't that binutils patch adding IRET (opcode 0xcf)? LRET(opcodes 0xca and 0xcb) were already there.

I admit I don't know the opcodes offhand, but I agree with your reading of the code. From what I can see that commit does seem to be the first time lret appears in comments, and it appears to add a number of lret test cases.

May 7 2020, 11:57 PM · Restricted Project

May 4 2020

sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Rebase onto master.

May 4 2020, 5:13 PM · Restricted Project
sconstab updated the diff for D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

Rebase onto master.

May 4 2020, 5:13 PM · Restricted Project
sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
May 4 2020, 5:13 PM · Restricted Project, Restricted Project
sconstab updated the diff for D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Addressed the previously unaddressed comments, as pointed out by @craig.topper.

May 4 2020, 5:13 PM · Restricted Project, Restricted Project

Apr 27 2020

sconstab requested review of D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

Eliminated the NoFixedLoads feature in D75936, which simplified this patch quite a bit.

Apr 27 2020, 1:27 PM · Restricted Project
sconstab added inline comments to D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].
Apr 27 2020, 1:27 PM · Restricted Project
sconstab updated the diff for D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

Addressed comments from @mattdr.

Apr 27 2020, 1:27 PM · Restricted Project
sconstab updated the diff for D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Removed the -x86-lvi-no-fixed CLI flag. This change simplifies the code flow quite a bit.

Apr 27 2020, 1:27 PM · Restricted Project, Restricted Project
sconstab added inline comments to D75939: [x86][seses] Introduce SESES pass for LVI.
Apr 27 2020, 12:22 PM · Restricted Project
sconstab added a comment to D75939: [x86][seses] Introduce SESES pass for LVI.

I don't think that this feature will be secure unless it is also used with -mlvi-cfi. Specifically, it is not sufficient to mitigate a RET simply by placing an LFENCE before it. There must also be a read from RSP's pointee just prior to that LFENCE. Also, indirect calls/jumps from memory must be decomposed into discrete load and call/jump from register operations with an interposed LFENCE. The -mlvi-cfi enables an X86 target feature that performs both of these mitigations correctly.

Apr 27 2020, 11:51 AM · Restricted Project

Apr 26 2020

sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Addressed comments from @craig.topper.

Apr 26 2020, 10:37 AM · Restricted Project

Apr 23 2020

sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Addressed comment by @craig.topper about the position of the CLI argument.

Apr 23 2020, 9:10 PM · Restricted Project
sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Previous diff had an error.

Apr 23 2020, 9:10 PM · Restricted Project
sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

Added a CLI option to enable the inline asm hardening feature, which is now disabled by default. There is also a disclaimer in the CLI description that this feature is experimental.

Apr 23 2020, 3:49 PM · Restricted Project
sconstab added inline comments to D75935: Add RET-hardening Support to X86 to mitigate Load Value Injection (LVI) [3/6].
Apr 23 2020, 3:15 PM · Restricted Project
sconstab abandoned D76458: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [by modifying X86RetpolineThunks.cpp].

Superseded by D76810, D76811, and D76812.

Apr 23 2020, 3:15 PM
sconstab added a comment to D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

@mattdr Thanks for the very scrupulous review!

Apr 23 2020, 3:15 PM · Restricted Project
sconstab updated the diff for D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

Addressed feedback from @mattdr

Apr 23 2020, 3:15 PM · Restricted Project

Apr 16 2020

sconstab commandeered D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 16 2020, 12:14 PM · Restricted Project, Restricted Project
sconstab commandeered D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].
Apr 16 2020, 12:14 PM · Restricted Project

Apr 9 2020

sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 9 2020, 7:03 PM · Restricted Project, Restricted Project
sconstab requested review of D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

@craig.topper @mattdr

Apr 9 2020, 6:44 PM · Restricted Project
sconstab updated the diff for D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].

There is now a more complete set of documentation for instructions that must be manually mitigated:

Apr 9 2020, 6:44 PM · Restricted Project
sconstab added inline comments to D75935: Add RET-hardening Support to X86 to mitigate Load Value Injection (LVI) [3/6].
Apr 9 2020, 6:12 PM · Restricted Project

Apr 7 2020

sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 7 2020, 3:49 PM · Restricted Project, Restricted Project
sconstab added inline comments to D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].
Apr 7 2020, 1:36 PM · Restricted Project
sconstab requested review of D77584: [X86] Fix to X86LoadValueInjectionRetHardeningPass for possible segfault.

@craig.topper Anyone else I should add as a reviewer? Or can we just go ahead and merge?

Apr 7 2020, 1:36 PM · Restricted Project
sconstab added a comment to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Summary points for @craig.topper who has commandeered this diff:

  • fix the typo that Matt pointed out
  • SizeT should not be a template parameter, and size_type should be fixed to int.
  • Maybe have a member reference in MachineGadgetGraph to the associated MachineFunction.
  • Determine how this pass (and other X86 machine passes) should fail on unsupported X86 subtargets.
Apr 7 2020, 1:06 PM · Restricted Project, Restricted Project

Apr 6 2020

sconstab created D77584: [X86] Fix to X86LoadValueInjectionRetHardeningPass for possible segfault.
Apr 6 2020, 1:37 PM · Restricted Project

Apr 4 2020

sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 4 2020, 1:49 PM · Restricted Project, Restricted Project
sconstab added inline comments to D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].
Apr 4 2020, 1:49 PM · Restricted Project
sconstab added a comment to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Overall, the restyling by @craig.topper looks much better than what I had committed before. I agree that std::unique_ptr<T *> is the right "container" in this circumstance. And the addition of ArrayRef<> accessors is also a nice touch. A few extra inline comments.

Apr 4 2020, 1:17 PM · Restricted Project, Restricted Project
sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 4 2020, 9:32 AM · Restricted Project, Restricted Project
sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 4 2020, 9:00 AM · Restricted Project, Restricted Project

Apr 3 2020

sconstab added inline comments to D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].
Apr 3 2020, 10:10 PM · Restricted Project
sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Apr 3 2020, 10:10 PM · Restricted Project, Restricted Project
sconstab added inline comments to D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].
Apr 3 2020, 10:10 PM · Restricted Project
sconstab created D77431: [X86] Add tests to clang Driver to ensure that SLH/Retpoline features are not enabled with LVI-hardening.
Apr 3 2020, 2:09 PM
sconstab created D77427: [X86] Add tests to clang Driver to ensure that SLH/Retpoline features are not enabled with LVI-CFI.
Apr 3 2020, 12:57 PM · Restricted Project

Apr 2 2020

sconstab added inline comments to D76158: Add inline assembly load hardening mitigation for Load Value Injection (LVI) on X86 [6/6].
Apr 2 2020, 10:45 PM · Restricted Project

Apr 1 2020

sconstab updated the diff for D76812: [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3].

@craig.topper I think that removing spurious MBBs is not really necessary because the emitted machine code doesn't contain the spurious MBBs, from what I have observed. I added the check anyways, if only because others may look at this discrepancy and have the same question.

Apr 1 2020, 12:57 PM · Restricted Project

Mar 31 2020

sconstab added a comment to D76811: [X86] Refactor X86IndirectThunks.cpp to Accommodate Mitigations other than Retpoline [2/3].

4x agree.

Mar 31 2020, 5:06 PM · Restricted Project
sconstab added a comment to D76811: [X86] Refactor X86IndirectThunks.cpp to Accommodate Mitigations other than Retpoline [2/3].

By the way, I had initially implemented this patch with a pure virtual base class and a retpoline thunk (and later LVI thunk) class that implements the interface. However, I could not for the life of me structure the classes in a manner that would allow the compiler to devirtualize. Using CRTP admittedly sacrifices some readability, but it does not prevent the compiler from inlining RetpolineThunkInserter's methods.

Asking to learn here. I've not heard of CRTP and don't quite understand your explanation.

Recommend the article here: https://en.wikipedia.org/wiki/Curiously_recurring_template_pattern

  • What do you mean by allowing the compiler to devirtualize?

Suppose you have

struct Base { virtual void foo() = 0; };
struct D1 : Base { void foo() { … }; };
struct D2 final : Base { void foo() { … }; };
Mar 31 2020, 3:27 PM · Restricted Project
sconstab updated the diff for D76812: [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3].

Added a comment to the header of X86IndirectThunks.cpp to indicate support for LVI thunks.

Mar 31 2020, 7:44 AM · Restricted Project
sconstab added a comment to D76811: [X86] Refactor X86IndirectThunks.cpp to Accommodate Mitigations other than Retpoline [2/3].

By the way, I had initially implemented this patch with a pure virtual base class and a retpoline thunk (and later LVI thunk) class that implements the interface. However, I could not for the life of me structure the classes in a manner that would allow the compiler to devirtualize. Using CRTP admittedly sacrifices some readability, but it does not prevent the compiler from inlining RetpolineThunkInserter's methods.

Mar 31 2020, 7:44 AM · Restricted Project
sconstab updated the diff for D76810: [X86][NFC] Generalize the naming of "Retpoline Thunks" and related code to "Indirect Thunks" [1/3].

Updated to address @zbrid and @craig.topper 's comments.

Mar 31 2020, 7:44 AM · Restricted Project

Mar 25 2020

sconstab retitled D76812: [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3] from Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3] to [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3].
Mar 25 2020, 4:49 PM · Restricted Project
sconstab abandoned D76639: Change X86RetpolineThunks from a MachineFunctionPass to a ModulePass.

Due to performance/memory reasons, it is not a good idea to refactor this pass into a ModulePass.

Mar 25 2020, 4:49 PM
sconstab created D76812: [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3].
Mar 25 2020, 4:49 PM · Restricted Project
sconstab created D76811: [X86] Refactor X86IndirectThunks.cpp to Accommodate Mitigations other than Retpoline [2/3].
Mar 25 2020, 4:49 PM · Restricted Project
sconstab created D76810: [X86][NFC] Generalize the naming of "Retpoline Thunks" and related code to "Indirect Thunks" [1/3].
Mar 25 2020, 4:49 PM · Restricted Project

Mar 24 2020

sconstab retitled D75938: [DO NOT MERGE] X86 Mitigate for Load Value Injection (LVI)--All Code from X86 Mitigate for Load Value Injection (LVI)--All Code to [DO NOT MERGE] X86 Mitigate for Load Value Injection (LVI)--All Code.
Mar 24 2020, 6:36 PM · Restricted Project

Mar 23 2020

sconstab added a comment to D76639: Change X86RetpolineThunks from a MachineFunctionPass to a ModulePass.

This probably has a hidden side effect on the pass manager construction. Inserting a module pass into the middle of the pipeline effectively introduces a serialization point in the middle of the pipeline. This means all functions have to reach this point in the pipeline before any function can continue. I believe this will cause the Machine IR for all functions to become resident in memory at once. This will substantially increase the memory usage of the compiler.

Mar 23 2020, 1:38 PM
sconstab created D76639: Change X86RetpolineThunks from a MachineFunctionPass to a ModulePass.
Mar 23 2020, 1:06 PM

Mar 19 2020

sconstab created D76458: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [by modifying X86RetpolineThunks.cpp].
Mar 19 2020, 3:22 PM

Mar 18 2020

sconstab updated the diff for D75937: Add Support to X86 for Load Hardening to Mitigate Load Value Injection (LVI) [5/6].

One fix to correctly count the number of fences inserted.

Mar 18 2020, 7:32 PM · Restricted Project
sconstab added inline comments to D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].
Mar 18 2020, 7:32 PM · Restricted Project, Restricted Project
sconstab updated the diff for D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6].

Addressed Zola's comments.

Mar 18 2020, 7:32 PM · Restricted Project, Restricted Project
sconstab added inline comments to D75935: Add RET-hardening Support to X86 to mitigate Load Value Injection (LVI) [3/6].
Mar 18 2020, 5:55 PM · Restricted Project
sconstab updated the diff for D75935: Add RET-hardening Support to X86 to mitigate Load Value Injection (LVI) [3/6].

Addressed Zola's comments.

Mar 18 2020, 5:55 PM · Restricted Project
sconstab added inline comments to D75934: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [2/6].
Mar 18 2020, 3:46 PM · Restricted Project