[PATCH] D41723: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715, "Branch Target Injection", and is one of the two halves to Spectre..

Chandler Carruth via llvm-commits llvm-commits at lists.llvm.org
Thu Jan 4 08:40:23 PST 2018


Replying via email as Phab is ... sad still.

On Thu, Jan 4, 2018 at 9:55 AM Tom Stellard via Phabricator via
llvm-commits <llvm-commits at lists.llvm.org> wrote:

> tstellar added a comment.
>
> Does this CVE affect all previous versions of clang/llvm ?
>

It's orthogonal. The CVE is a hardware issue. This patch allows specific,
sensitive software systems to mitigate this CVE with a new suite of
compiler features.

So the CVE doesn't affect any particular version, but everyone *is*
affected and we should try to get this feature into all mainstream versions
of clang/llvm to help users mitigate it.


>
> The Project Zero blog post mention that this issue affects ARM CPUs, does
> clang/llvm need a similar fix for ARM?
>

Perhaps, but it will need to be reasonably tailored to ARM processors. The
technique of using a "ret" as a constrained prediction domain indirect
branch is a pretty x86-specific trick.

All the other components are generic and should be easily adapted to other
processors if they need them.


>
> Is this fix important enough to do a special 5.0.2 release for it?
>

IMO, absolutely. I'd love to get this landed, backported, and a 5.0.2
release out within O(days) because that way distros can pick it up rapidly.

I view this as relatively low risk as it is an entirely optional code path.
It may have bugs, but it shouldn't make existing things buggy.


>
>
> https://reviews.llvm.org/D41723
>
>
>
> _______________________________________________
> llvm-commits mailing list
> llvm-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180104/33c2a88b/attachment.html>


More information about the llvm-commits mailing list