[all-commits] [llvm/llvm-project] 5b519c: [X86] Add Indirect Thunk Support to X86 to mitigat...
Scott Constable via All-commits
all-commits at lists.llvm.org
Fri Apr 3 00:35:49 PDT 2020
Branch: refs/heads/master
Home: https://github.com/llvm/llvm-project
Commit: 5b519cf1fc6737054cf90b53667e7ddd3a51225f
https://github.com/llvm/llvm-project/commit/5b519cf1fc6737054cf90b53667e7ddd3a51225f
Author: Scott Constable <scott.d.constable at intel.com>
Date: 2020-04-03 (Fri, 03 Apr 2020)
Changed paths:
M clang/docs/ClangCommandLineReference.rst
M clang/include/clang/Driver/Options.td
M clang/lib/Driver/ToolChains/Arch/X86.cpp
M clang/test/Driver/x86-target-features.c
M llvm/lib/Target/X86/X86.td
M llvm/lib/Target/X86/X86ISelLowering.cpp
M llvm/lib/Target/X86/X86IndirectThunks.cpp
M llvm/lib/Target/X86/X86Subtarget.h
A llvm/test/CodeGen/X86/lvi-hardening-indirectbr.ll
Log Message:
-----------
[X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI)
This pass replaces each indirect call/jump with a direct call to a thunk that looks like:
lfence
jmpq *%r11
This ensures that if the value in register %r11 was loaded from memory, then
the value in %r11 is (architecturally) correct prior to the jump.
Also adds a new target feature to X86: +lvi-cfi
("cfi" meaning control-flow integrity)
The feature can be added via clang CLI using -mlvi-cfi.
This is an alternate implementation to https://reviews.llvm.org/D75934 That merges the thunk insertion functionality with the existing X86 retpoline code.
Differential Revision: https://reviews.llvm.org/D76812
More information about the All-commits
mailing list