[llvm-dev] Load Value Injection (LVI) Mitigation for X86
Constable, Scott D via llvm-dev
llvm-dev at lists.llvm.org
Tue Mar 10 10:07:38 PDT 2020
Hello LLVM Community,
Today, a new vulnerability called Load Value Injection (LVI) has been disclosed.
A brief document describing the vulnerability can be found here: https://software.intel.com/security-software-guidance/software-guidance/load-value-injection
A more detailed document can be found here: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
A complete patch to LLVM has been pushed to Phabricator: https://reviews.llvm.org/D75938
The complete patch has been decomposed into 5 sub-patches:
https://reviews.llvm.org/D75932
https://reviews.llvm.org/D75934
https://reviews.llvm.org/D75935
https://reviews.llvm.org/D75936
https://reviews.llvm.org/D75937
A plugin that uses the SYMPHONY Mixed Integer-Linear Programming (MILP) solver to provide optimal mitigation can be found here: https://github.com/intel/lvi-llvm-optimization-plugin
(If this link does not work, then the following link might: https://github.com/intel/LLVM-Optimization-Plugin)
A document describing the optimization in more detail will also be published shortly.
Thanks and Regards,
Scott Constable
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20200310/8e61a422/attachment.html>
More information about the llvm-dev
mailing list