[PATCH] D41723: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715, "Branch Target Injection", and is one of the two halves to Spectre..

Eli Friedman via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Jan 4 11:56:41 PST 2018


efriedma added a comment.

There are some references to X86::CALL64r/X86::CALL64m in X86FrameLowering.cpp and X86MCInstLower.cpp which look like they could be relevant, but aren't addressed by this patch.

When a function called using a retpoline returns, will the ret be predicted correctly?



================
Comment at: llvm/lib/CodeGen/IndirectBrExpandPass.cpp:113
+      // index.
+      if (BBIndex == -1) {
+        BBIndex = BBs.size();
----------------
blockaddresses are uniqued, so no block should ever have more than one blockaddress user.  So this should probably be an assertion.


https://reviews.llvm.org/D41723





More information about the llvm-commits mailing list