HomePhabricator

[X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI)

Authored by sconstab on Apr 2 2020, 9:59 PM.

Description

[X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI)

This pass replaces each indirect call/jump with a direct call to a thunk that looks like:

lfence
jmpq *%r11

This ensures that if the value in register %r11 was loaded from memory, then
the value in %r11 is (architecturally) correct prior to the jump.
Also adds a new target feature to X86: +lvi-cfi
("cfi" meaning control-flow integrity)
The feature can be added via clang CLI using -mlvi-cfi.

This is an alternate implementation to https://reviews.llvm.org/D75934 That merges the thunk insertion functionality with the existing X86 retpoline code.

Differential Revision: https://reviews.llvm.org/D76812