[llvm-dev] RFC: Speculative Load Hardening (a Spectre variant #1 mitigation)
Friedman, Eli via llvm-dev
llvm-dev at lists.llvm.org
Wed Jul 11 11:24:00 PDT 2018
On 7/11/2018 4:02 AM, Chandler Carruth via llvm-dev wrote:
>
> I believe this approach has the advantage that:
> a) it makes it possible to only insert a mitigation in specific
> locations if
> the programmer is capable of inserting intrinsics manually.
>
>
> This is definitely an area of great interest long-term.
Annotating specific loads that need to be protected seems like a trap to
me. See https://reviews.llvm.org/D41761#989799 . (And Bounds Check
Bypass Store variants open up other possibilities, like overwriting a
spill slot.)
Maybe we can come up with some workable approach to "whitelist" certain
pointers: a pointer could be marked "speculatively-dereferenceable(N)"
if it points to N bytes of non-secret data. (We could apply this as
load metadata, like !dereferenceable, or it could be explicitly applied
using an intrinsic.)
-Eli
--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20180711/1f2ef831/attachment.html>
More information about the llvm-dev
mailing list