mirror of
https://github.com/RPCS3/llvm-mirror.git
synced 2024-11-25 20:23:11 +01:00
fb4c3562b1
implementing the proposed mitigation technique described in the original design document. The idea is to check after calls that the return address used to arrive at that location is in fact the correct address. In the event of a mis-predicted return which reaches a *valid* return but not the *correct* return, this will detect the mismatch much like it would a mispredicted conditional branch. This is the last published attack vector that I am aware of in the Spectre v1 space which is not mitigated by SLH+retpolines. However, don't read *too* much into that: this is an area of ongoing research where we expect more issues to be discovered in the future, and it also makes no attempt to mitigate Spectre v4. Still, this is an important completeness bar for SLH. The change here is of course delightfully simple. It was predicated on cutting support for post-instruction symbols into LLVM which was not at all simple. Many thanks to Hal Finkel, Reid Kleckner, and Justin Bogner who helped me figure out how to do a bunch of the complex changes involved there. Differential Revision: https://reviews.llvm.org/D50837 llvm-svn: 341358 |
||
|---|---|---|
| .. | ||
| Analysis | ||
| AsmParser | ||
| BinaryFormat | ||
| Bitcode | ||
| CodeGen | ||
| DebugInfo | ||
| Demangle | ||
| ExecutionEngine | ||
| Fuzzer | ||
| FuzzMutate | ||
| IR | ||
| IRReader | ||
| LineEditor | ||
| Linker | ||
| LTO | ||
| MC | ||
| Object | ||
| ObjectYAML | ||
| Option | ||
| Passes | ||
| ProfileData | ||
| Support | ||
| TableGen | ||
| Target | ||
| Testing | ||
| ToolDrivers | ||
| Transforms | ||
| WindowsManifest | ||
| XRay | ||
| CMakeLists.txt | ||
| LLVMBuild.txt | ||