[PATCH] D75939: [x86][seses] Introduce SESES pass for LVI
Zola Bridges via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Apr 27 12:22:50 PDT 2020
zbrid added a comment.
In D75939#2005920 <https://reviews.llvm.org/D75939#2005920>, @sconstab wrote:
> I don't think that this feature will be secure unless it is also used with `-mlvi-cfi`. Specifically, it is not sufficient to mitigate a RET simply by placing an LFENCE before it. There must also be a read from RSP's pointee just prior to that LFENCE. Also, indirect calls/jumps from memory must be decomposed into discrete load and call/jump from register operations with an interposed LFENCE. The `-mlvi-cfi` enables an X86 target feature that performs both of these mitigations correctly.
>
> Also, I think that all of your lit tests for various option combinations can be combined into a single file, with different FileCheck prefixes corresponding to different mitigation configurations.
- Good point on the tests, I'll update them accordingly.
- Also thanks for reminding me about the -mlvi-cfi flag. I'll add a change to enable that along with this pass.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D75939/new/
https://reviews.llvm.org/D75939
More information about the llvm-commits
mailing list