[PATCH] D76812: [X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3]
Scott Constable via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Mar 25 16:49:20 PDT 2020
sconstab created this revision.
sconstab added reviewers: craig.topper, andrew.w.kaylor, zbrid, chandlerc.
Herald added subscribers: jfb, hiraditya.
sconstab added a parent revision: D76811: [X86] Refactor X86IndirectThunks.cpp to Accomodate Mitigations other than Retpoline [2/3].
sconstab retitled this revision from "Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3]" to "[X86] Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [3/3]".
This pass replaces each indirect call/jump with a direct call to a thunk that looks like:
  lfence
  jmpq *%r11
This ensures that if the value in register `%r11` was loaded from memory, then
the value in `%r11` is (architecturally) correct prior to the jump.
Also adds a new target feature to X86: +lvi-cfi
("cfi" meaning control-flow integrity)
The feature can be added via clang CLI using `-mlvi-cfi`.
This is an alternate implementation to https://reviews.llvm.org/D75934 that merges the thunk insertion functionality with the existing X86 retpoline code.
https://reviews.llvm.org/D76812
Files:
clang/include/clang/Driver/Options.td
clang/lib/Driver/ToolChains/Arch/X86.cpp
llvm/lib/Target/X86/X86.td
llvm/lib/Target/X86/X86ISelLowering.cpp
llvm/lib/Target/X86/X86IndirectThunks.cpp
llvm/lib/Target/X86/X86Subtarget.h
llvm/test/CodeGen/X86/lvi-hardening-indirectbr.ll
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D76812.252705.patch
Type: text/x-patch
Size: 17102 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200325/57b36cd7/attachment-0001.bin>
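Added example (not part of the original message or of the LLVM patch): a checker over AT&T-syntax assembly text, such as `clang -S` output, that reports every indirect call or jump not immediately preceded by `lfence`, which is the property the thunk described above provides. The function names, the thunk symbol `thunk_r11_placeholder` and both sample listings are constructed for illustration; the checker assumes one instruction per line and `#` comments.

```python
import re

# Indirect branch in AT&T syntax: call/jmp (optional q/l suffix) with a '*' operand.
INDIRECT = re.compile(r"^(?:call|jmp)[ql]?\s+\*\S")
# Lines that emit no instruction: blank lines, labels, assembler directives.
NON_INSN = re.compile(r"^(?:[.\w$@]+:|\.\w+.*)?$")


def strip_comment(line):
    """Drop a trailing '#' comment and surrounding whitespace."""
    return line.split("#", 1)[0].strip()


def unfenced_indirect_branches(asm_text):
    """Return (line_number, instruction) for each indirect call/jmp whose
    immediately preceding instruction is not lfence."""
    findings = []
    prev = None
    for n, raw in enumerate(asm_text.splitlines(), 1):
        insn = strip_comment(raw)
        if NON_INSN.match(insn):
            if insn.endswith(":"):
                # A label is a possible branch target: control entering here
                # would skip any fence placed before the label.
                prev = None
            continue
        if INDIRECT.match(insn) and prev != "lfence":
            findings.append((n, insn))
        prev = insn
    return findings


# Constructed sample: unhardened code with a plain indirect call.
BEFORE = """
foo:
    movq (%rdi), %rax
    callq *%rax
    retq
"""

# Constructed sample: the call site uses a direct call to a thunk of the
# shape shown in the message (placeholder symbol name).
AFTER = """
foo:
    movq (%rdi), %r11
    callq thunk_r11_placeholder   # direct call, target passed in %r11
    retq
thunk_r11_placeholder:
    lfence
    jmpq *%r11
"""

if __name__ == "__main__":
    print(unfenced_indirect_branches(BEFORE))
    print(unfenced_indirect_branches(AFTER))
```

An empty result for a hardened translation unit means every remaining indirect branch sits directly behind an `lfence`; the checker does not look at `ret` instructions, which this revision's description does not cover.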