[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG9d9e499840af: [x86][seses] Add clang flag; Use lvi-cfi with 
seses (authored by zbrid).
Herald added a subscriber: jfb.

Changed prior to commit:
  https://reviews.llvm.org/D79910?vs=272117&id=275687#toc

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/l

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG9d9e499840af: [x86][seses] Add clang flag; Use lvi-cfi with 
seses (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276196.
zbrid added a comment.

rebase prior to commit


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
   "LFENCE instruction to

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276153.
zbrid added a comment.
Herald added a subscriber: jfb.

update seses flag


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
  

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276147.
zbrid added a comment.

rebase


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o 

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Craig Topper via Phabricator via cfe-commits]

craig.topper added inline comments.



Comment at: clang/lib/Driver/ToolChains/Arch/X86.cpp:200
+if (!Args.hasArg(options::OPT_mno_lvi_cfi)) {
+  Features.push_back("+lvi-cfi");
+  LVIOpt = options::OPT_mlvi_cfi;

sconstab wrote:
> zbrid wrote:
> > sconstab wrote:
> > > Would it be better to add `FeatureLVIControlFlowIntegrity` as a 
> > > dependency for `FeatureSpeculativeExecutionSideEffectSuppression` in 
> > > `llvm/lib/Target/X86/X86.td`?
> > Thanks for the tip! Yeah, I will update to do that, but it looks like that 
> > only ensures an error will be thrown if they aren't used together rather 
> > than ensuring one is enabled when the other is enabled. Am I 
> > misunderstanding?
> I'm not certain about this either. @craig.topper opinion?
Making them dependent in X86.td will make +sese imply +lvi-cfi and make 
-lvi-cfi imply -sese. So sese can never be enabled without lvi-cfi also enabled.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Scott Constable via Phabricator via cfe-commits]

sconstab accepted this revision.
sconstab added a comment.
This revision is now accepted and ready to land.

LGTM.




Comment at: clang/lib/Driver/ToolChains/Arch/X86.cpp:200
+if (!Args.hasArg(options::OPT_mno_lvi_cfi)) {
+  Features.push_back("+lvi-cfi");
+  LVIOpt = options::OPT_mlvi_cfi;

zbrid wrote:
> sconstab wrote:
> > Would it be better to add `FeatureLVIControlFlowIntegrity` as a dependency 
> > for `FeatureSpeculativeExecutionSideEffectSuppression` in 
> > `llvm/lib/Target/X86/X86.td`?
> Thanks for the tip! Yeah, I will update to do that, but it looks like that 
> only ensures an error will be thrown if they aren't used together rather than 
> ensuring one is enabled when the other is enabled. Am I misunderstanding?
I'm not certain about this either. @craig.topper opinion?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

@sconstab @craig.topper - Ping for review


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 2 inline comments as done.
zbrid added inline comments.



Comment at: clang/include/clang/Driver/Options.td:2244
   HelpText<"Disable control-flow mitigations for Load Value Injection (LVI)">;
+def m_seses : Flag<["-"], "mseses">, Group, Flags<[CoreOption, 
DriverOption]>,
+  HelpText<"Enable speculative execution side effect suppression (SESES). "

MaskRay wrote:
> CoreOption is accepted by clang-cl. You need a `%clang_cl` test if you use 
> CoreOption.
Is there a typical place to put this test? Is this a .cc -> LLVM IR test that's 
wanted? Any examples you can point to?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Fangrui Song via Phabricator via cfe-commits]

MaskRay added inline comments.



Comment at: clang/include/clang/Driver/Options.td:2244
   HelpText<"Disable control-flow mitigations for Load Value Injection (LVI)">;
+def m_seses : Flag<["-"], "mseses">, Group, Flags<[CoreOption, 
DriverOption]>,
+  HelpText<"Enable speculative execution side effect suppression (SESES). "

CoreOption is accepted by clang-cl. You need a `%clang_cl` test if you use 
CoreOption.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272117.
zbrid added a comment.

Fix accidentally deleted clang command line ref


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -444,6 +444,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-RETPO

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

@sconstab @craig.topper @mattdr -- This is ready for another round of review.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272114.
zbrid added a comment.

seses implies lvi-cfi

also enable-seses -> enable-seses-without-lvi-cfi


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -444,6 +444,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck 

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added inline comments.



Comment at: 
llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp:90
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)

zbrid wrote:
> sconstab wrote:
> > Is it really necessary to have the target feature and the CLI flag? If 
> > SESES is required for, say, a *.ll file, then `+seses` can always be added 
> > as a target feature.
> I think there should be a way to turn on SESES without lvi-cfi. Similar to 
> how there are flags to turn on SLH in various configurations. I'll see if I 
> can lower the number of flags while still enabling that possibility.
Ah I think I'll change the SESES-only flag to enable-without-lvi-cfi, so it's 
more explicit it's missing functionality/security. Updates will come soon.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272105.
zbrid marked an inline comment as done.
zbrid added a comment.

Update Clang Command Ref with automated tool


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -435,6 +435,13 @@
   "ourselves. Only has effect when combined with some other retpoline "
   "feature", [FeatureRetpolineIndirectCalls]>;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches.">;
 // Mitigate LVI attacks against indirect calls/branches and call returns
 def FeatureLVIControlFlowIntegrity
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-RETPOLINE %s
+//

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 2 inline comments as done.
zbrid added a comment.

Thanks for the ping, Scott. I'll update this so I can get it submitted soon.




Comment at: clang/lib/Driver/ToolChains/Arch/X86.cpp:200
+if (!Args.hasArg(options::OPT_mno_lvi_cfi)) {
+  Features.push_back("+lvi-cfi");
+  LVIOpt = options::OPT_mlvi_cfi;

sconstab wrote:
> Would it be better to add `FeatureLVIControlFlowIntegrity` as a dependency 
> for `FeatureSpeculativeExecutionSideEffectSuppression` in 
> `llvm/lib/Target/X86/X86.td`?
Thanks for the tip! Yeah, I will update to do that, but it looks like that only 
ensures an error will be thrown if they aren't used together rather than 
ensuring one is enabled when the other is enabled. Am I misunderstanding?



Comment at: 
llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp:90
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)

sconstab wrote:
> Is it really necessary to have the target feature and the CLI flag? If SESES 
> is required for, say, a *.ll file, then `+seses` can always be added as a 
> target feature.
I think there should be a way to turn on SESES without lvi-cfi. Similar to how 
there are flags to turn on SLH in various configurations. I'll see if I can 
lower the number of flags while still enabling that possibility.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Scott Constable via Phabricator via cfe-commits]

sconstab added a comment.

Any progress on this patch? D75939  has been 
merged, but the SESES feature will not be secure until it has CFI protections.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Scott Constable via Phabricator via cfe-commits]

sconstab added inline comments.



Comment at: clang/lib/Driver/ToolChains/Arch/X86.cpp:200
+if (!Args.hasArg(options::OPT_mno_lvi_cfi)) {
+  Features.push_back("+lvi-cfi");
+  LVIOpt = options::OPT_mlvi_cfi;

Would it be better to add `FeatureLVIControlFlowIntegrity` as a dependency for 
`FeatureSpeculativeExecutionSideEffectSuppression` in 
`llvm/lib/Target/X86/X86.td`?



Comment at: 
llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp:90
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)

Is it really necessary to have the target feature and the CLI flag? If SESES is 
required for, say, a *.ll file, then `+seses` can always be added as a target 
feature.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Matthew Riley via Phabricator via cfe-commits]

mattdr added a comment.

Took a quick look and seems sane -- will look after Craig's comment is 
addressed and build is passing


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Craig Topper via Phabricator via cfe-commits]

craig.topper added inline comments.



Comment at: clang/docs/ClangCommandLineReference.rst:2632
 
+.. option:: -mseses, -mno-seses
+

This file is in alphabetical order and is normally generated by a running 
clang-tblgen. See comment at the top of the file.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits