[PATCH] D109157: [ARM] Mitigate the cve-2021-35465 security vulnurability.
Sjoerd Meijer via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Sep 6 05:14:08 PDT 2021
SjoerdMeijer added inline comments.
================
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1666
+ CmdArgs.push_back("-mllvm");
+ if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
+ CmdArgs.push_back("-arm-fix-cmse-cve-2021-35465=1");
----------------
If `-mcpu=cortex-[m33|m35|m55]` was provided, then `-arm-fix-cmse-cve-2021-35465=1` is already set and we are adding another option here? For example, for
-mcpu=cortex-m33 -mcmse -mfix-cmse-cve-2021-35465
I am expecting:
"-mllvm" "-arm-fix-cmse-cve-2021-35465=1" "-mllvm" "-arm-fix-cmse-cve-2021-35465=1"
and with `-mno-fix-cmse-cve-2021-35465`:
"-mllvm" "-arm-fix-cmse-cve-2021-35465=1" "-mllvm" "-arm-fix-cmse-cve-2021-35465=0"
Probably it's nicer to just pass this once.
Also, in the tests, I think cases are missing for `-mcpu=...` and `-m[no-]fix-cmse-cve-2021-35465`.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D109157/new/
https://reviews.llvm.org/D109157
More information about the cfe-commits
mailing list