[PATCH] D54555: [clang][slh] add attribute for speculative load hardening
Chandler Carruth via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Nov 16 14:58:23 PST 2018
chandlerc added a comment.
In https://reviews.llvm.org/D54555#1301087, @kristof.beyls wrote:
> In https://reviews.llvm.org/D54555#1301084, @aaron.ballman wrote:
>
> > Does this hardening impact the ABI in any way? e.g., do we have to do anything special to handle calls through function pointers where the bound function pointer is marked with this attribute?
>
>
> Not entirely sure, but I don't think so.
It influences the ABI, but not in a way that breaks compatibility.
> The way this is implemented both for x86 (if I understood the code correctly) and how this most likely will be implemented for AArch64 (see https://reviews.llvm.org/D49069 for what I expect will become the basis to implement SLH for AArch64) is that an illegal value is put in the stack pointer to signal misspeculation having happened. So, in that respect, having that illegal value in the stack pointer is an ABI rule to communicate mis-speculation across function boundaries.
> However, given that this is ABI only used on miss-speculated paths, and miss-speculated paths get corrected eventually, programs will keep on working correctly if functions calling each other don't follow the same ABI in this respect. Obviously, you'll lose some protection against cross-function call miss-speculation.
A good way to think about this is that SLH introduces a backwards compatible extension to the ABI. Two SLH'ed functions need to agree on their ABI, but they can be freely mixed with non-SLH functions.
Repository:
rL LLVM
https://reviews.llvm.org/D54555
More information about the llvm-commits
mailing list