[PATCH] D86034: [WIP] Attribute harden_misspeculation

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
Herald added a reviewer: aaron.ballman.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.
zbrid requested review of this revision.

Starting with if support first

- Parse attribute check for diagnosable issues with its usage


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D86034

Files:
  clang/include/clang/Basic/Attr.td
  clang/include/clang/Basic/AttrDocs.td
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/lib/Sema/SemaStmtAttr.cpp
  clang/test/SemaCXX/attr-harden-misspeculation-unsupported-target.cpp
  clang/test/SemaCXX/attr-harden-misspeculation.cpp

Index: clang/test/SemaCXX/attr-harden-misspeculation.cpp
===
--- /dev/null
+++ clang/test/SemaCXX/attr-harden-misspeculation.cpp
@@ -0,0 +1,19 @@
+// RUN: %clang_cc1 -std=c++11 -fsyntax-only %s -verify
+
+int b(int a, int b) {
+  if (a < b)
+  [[clang::harden_misspeculation]] { // expected-error {{'harden_misspeculation' attribute takes at least 1 argument}}
+a += 2;
+  }
+
+  if (a == b)
+  [[clang::harden_misspeculation(1)]] { // expected-error {{'harden_misspeculation' attribute requires an identifier}}
+a += 1;
+  }
+
+  if (a > b)
+[[clang::harden_misspeculation(a)]] // expected-error {{'harden_misspeculation' attribute is only allowed on compound statements (ie block statements)}}
+return a;
+
+  return a;
+}
Index: clang/test/SemaCXX/attr-harden-misspeculation-unsupported-target.cpp
===
--- /dev/null
+++ clang/test/SemaCXX/attr-harden-misspeculation-unsupported-target.cpp
@@ -0,0 +1,9 @@
+// RUN: %clang_cc1 -std=c++11 -triple armv7 -fsyntax-only %s -verify
+
+int b(int a, int b) {
+  if (a < b)
+  [[clang::harden_misspeculation(a)]] { // expected-error {{'harden_misspeculation' attribute is not supported for this target}}
+return a;
+  }
+  return b;
+}
Index: clang/lib/Sema/SemaStmtAttr.cpp
===
--- clang/lib/Sema/SemaStmtAttr.cpp
+++ clang/lib/Sema/SemaStmtAttr.cpp
@@ -10,14 +10,16 @@
 //
 //===--===//
 
-#include "clang/AST/EvaluatedExprVisitor.h"
-#include "clang/Sema/SemaInternal.h"
 #include "clang/AST/ASTContext.h"
+#include "clang/AST/EvaluatedExprVisitor.h"
 #include "clang/Basic/SourceManager.h"
+#include "clang/Basic/TargetInfo.h"
 #include "clang/Sema/DelayedDiagnostic.h"
 #include "clang/Sema/Lookup.h"
 #include "clang/Sema/ScopeInfo.h"
+#include "clang/Sema/SemaInternal.h"
 #include "llvm/ADT/StringExtras.h"
+#include "llvm/ADT/Triple.h"
 
 using namespace clang;
 using namespace sema;
@@ -51,6 +53,38 @@
   return ::new (S.Context) FallThroughAttr(S.Context, A);
 }
 
+static Attr *handleHardenMisspeculationAttr(Sema &S, Stmt *St,
+const ParsedAttr &A,
+SourceRange Range) {
+  if (!isa(St)) {
+S.Diag(A.getRange().getBegin(),
+   diag::err_harden_misspeculation_attr_wrong_target)
+<< A << St->getBeginLoc();
+  }
+
+  // FIXME: Support non-x86_64 targets
+  if (!(S.Context.getTargetInfo().getTriple().getArch() ==
+llvm::Triple::ArchType::x86_64)) {
+S.Diag(A.getLoc(), diag::err_attribute_unsupported) << A;
+return nullptr;
+  }
+
+  if (A.getNumArgs() < 1) {
+S.Diag(A.getLoc(), diag::err_attribute_too_few_arguments) << A << 1;
+return nullptr;
+  }
+
+  for (unsigned I = 0, E = A.getNumArgs(); I != E; ++I) {
+if (!A.isArgIdent(I)) {
+  S.Diag(A.getLoc(), diag::err_attribute_argument_type)
+  << A << AANT_ArgumentIdentifier;
+  return nullptr;
+}
+  }
+
+  return ::new (S.Context) HardenMisspeculationAttr(S.Context, A);
+}
+
 static Attr *handleSuppressAttr(Sema &S, Stmt *St, const ParsedAttr &A,
 SourceRange Range) {
   if (A.getNumArgs() < 1) {
@@ -374,6 +408,8 @@
 return handleOpenCLUnrollHint(S, St, A, Range);
   case ParsedAttr::AT_Suppress:
 return handleSuppressAttr(S, St, A, Range);
+  case ParsedAttr::AT_HardenMisspeculation:
+return handleHardenMisspeculationAttr(S, St, A, Range);
   case ParsedAttr::AT_NoMerge:
 return handleNoMergeAttr(S, St, A, Range);
   default:
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -9155,6 +9155,10 @@
   "fallthrough annotation in unreachable code">,
   InGroup, DefaultIgnore;
 
+def err_harden_misspeculation_attr_wrong_target
+: Error<"%0 attribute is only allowed on compound statements (ie block "
+"statements)">;
+
 def warn_unreachable_default : Warning<
   "default label in switch which covers all enumeration values">,
   InGroup,

[PATCH] D86033: This is mostly prototype code that should be deleted.

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.
zbrid requested review of this revision.

Revert or squash this before uploading for review.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D86033

Files:
  clang/lib/Sema/SemaStmtAsm.cpp
  clang/lib/Sema/SemaStmtAttr.cpp

Index: clang/lib/Sema/SemaStmtAttr.cpp
===
--- clang/lib/Sema/SemaStmtAttr.cpp
+++ clang/lib/Sema/SemaStmtAttr.cpp
@@ -12,6 +12,7 @@
 
 #include "clang/AST/ASTContext.h"
 #include "clang/AST/EvaluatedExprVisitor.h"
+#include "clang/AST/StmtVisitor.h"
 #include "clang/Basic/SourceManager.h"
 #include "clang/Basic/TargetInfo.h"
 #include "clang/Sema/DelayedDiagnostic.h"
@@ -20,6 +21,7 @@
 #include "clang/Sema/SemaInternal.h"
 #include "llvm/ADT/StringExtras.h"
 #include "llvm/ADT/Triple.h"
+#include 
 
 using namespace clang;
 using namespace sema;
@@ -53,6 +55,26 @@
   return ::new (S.Context) FallThroughAttr(S.Context, A);
 }
 
+static void recur(SmallVectorImpl &V, const Stmt& S) {
+  for (auto Child: S.children()) {
+if (isa(Child))
+  std::cout << "is a declrefexpr" << std::endl;
+else
+  std::cout << "is NOT a declrefexpr" << std::endl;
+recur(V, *Child);
+  }
+}
+namespace {
+class DeclRefExprVisitor : public StmtVisitor {
+public:
+  SmallVector ExprNodesForAttrArgs;
+  ExprResult VisitDeclRefExpr(DeclRefExpr *E) {
+std::cout << "Found a decl ref expr!" << std::endl;
+ExprNodesForAttrArgs.emplace_back(&E);
+  }
+};
+} // namespace
+
 static Attr *handleHardenMisspeculationAttr(Sema &S, Stmt *St,
 const ParsedAttr &A,
 SourceRange Range) {
@@ -81,6 +103,38 @@
   return nullptr;
 }
   }
+  // We need to find the DeclRefExpr nodes that are for each variable passed
+  // into the attribute since we have to create a GCCAsmNode that references
+  // each variable later.
+
+  DeclRefExprVisitor DREV;
+  DREV.Visit(St);
+  for (unsigned i = 0; i < A.getNumArgs(); i++) {
+IdentifierLoc *CurrArg = A.getArg(i).get();
+  }
+//CurrArg->dump();
+// Create GCC node...
+// TODO: Figure out appropriate source location.
+//SourceLocation AsmLoc = SourceLocation();
+//bool IsSimple = false;
+//bool IsVolatile = true;
+//unsigned NumOutputs = 1;
+//unsigned NumInputs = 0;
+//IdentifierInfo **Names = nullptr; // TODO: What should this be?
+//StringLiteral *Constraint = nullptr; //StringLiteral("+r");
+//StringLiteral **Constraints = &Constraint;
+//StringLiteral **Clobbers= nullptr;
+//Expr **AsmExprs = &CurrArg;
+//StringLiteral * AsmString = nullptr; //StringLiteral("");
+//unsigned NumClobbers = 0;
+//unsigned NumLabels = 0;
+//SourceLocation RParenLoc = SourceLocation(); //TODO
+//
+//::new (S.Context)
+//  GCCAsmStmt(S.Context, AsmLoc, IsSimple, IsVolatile, NumOutputs,
+// NumInputs, Names, Constraints, AsmExprs, AsmString,
+// NumClobbers, Clobbers, NumLabels, RParenLoc);
+// } 
 
   return ::new (S.Context) HardenMisspeculationAttr(S.Context, A);
 }
Index: clang/lib/Sema/SemaStmtAsm.cpp
===
--- clang/lib/Sema/SemaStmtAsm.cpp
+++ clang/lib/Sema/SemaStmtAsm.cpp
@@ -24,6 +24,9 @@
 #include "llvm/ADT/ArrayRef.h"
 #include "llvm/ADT/StringSet.h"
 #include "llvm/MC/MCParser/MCAsmParser.h"
+#include 
+#include 
+#include 
 using namespace clang;
 using namespace sema;
 
@@ -245,11 +248,40 @@
  Expr *asmString, MultiExprArg clobbers,
  unsigned NumLabels,
  SourceLocation RParenLoc) {
+//  llvm::formatv("My asm statement args: {0}, {1}, {2}, {3}, {4}, {5}, {6}, "
+//"{7}, {8}, {9}, {10}, {11}, {12}",
+//AsmLoc, IsSimple, IsVolatile, NumOutputs, NumInputs, Names,
+//constraints, Exprs, asmString, clobbers->get, NumLabels);
+
+  std::cout << llvm::formatv("NumInputs: {0}\nNumOutputs: {1}\n", NumInputs, NumOutputs).str();
+  std::cout << llvm::formatv("IsSimple: {0}\nIsVolatile: {1}\n", IsSimple, IsVolatile).str();
+  asmString->dumpColor();
+  dyn_cast(asmString)->dumpPretty(Context);
+  std::cout << llvm::formatv("AsmString: \"{0}\"\n", asmString).str();
+  std::cout << llvm::formatv("NumLabels: {0}\n", NumLabels).str();
+  std::cout << llvm::formatv("NumExprs: {0}\n", Exprs.size()).str();
+  Exprs[0]->dumpColor();
   unsigned NumClobbers = clobbers.size();
+  std::cout << llvm::formatv("NumClobbers: {0}\n", NumClobbers).str();
+  std::cout << llvm::formatv("NumConstraints: {0}\n", constraints.size()).str();
   StringLiteral **Constraints =
 reinterpret_cast(constraints.data());
+  StringLiteral **CopyConstraints = Constraints;
+  int i = constraints.size();
+  while (i

[PATCH] D85039: [DO NOT SUBMIT][WIP] prototype

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
Herald added subscribers: llvm-commits, Sanitizers, cfe-commits, hiraditya.
Herald added projects: clang, Sanitizers, LLVM.
zbrid requested review of this revision.

Not intended to be reviewed. I only uploaded this patch to have a
link to share.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D85039

Files:
  clang/lib/CodeGen/BackendUtil.cpp
  compiler-rt/lib/asan/asan_globals.cpp
  llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
  load.c

Index: load.c
===
--- /dev/null
+++ load.c
@@ -0,0 +1,6 @@
+int load(int *p) { return *p; }
+
+int main() {
+  int i = 10;
+  load(&i);
+}
Index: llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
===
--- llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
+++ llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp
@@ -1058,6 +1058,12 @@
 getArgTLSPtr(), 0, Idx);
 }
 
+static void SetNoSanitizeMetadata(Instruction *I) {
+  I->setMetadata(
+  I->getParent()->getParent()->getParent()->getMDKindID("nosanitize"),
+  MDNode::get(I->getContext(), None));
+}
+
 Value *DFSanFunction::getShadow(Value *V) {
   if (!isa(V) && !isa(V))
 return DFS.ZeroShadow;
@@ -1073,8 +1079,10 @@
 DFS.ArgTLS ? &*F->getEntryBlock().begin()
: cast(ArgTLSPtr)->getNextNode();
 IRBuilder<> IRB(ArgTLSPos);
-Shadow =
+LoadInst *LI =
 IRB.CreateLoad(DFS.ShadowTy, getArgTLS(A->getArgNo(), ArgTLSPos));
+SetNoSanitizeMetadata(LI);
+Shadow = LI;
 break;
   }
   case DataFlowSanitizer::IA_Args: {
@@ -1105,9 +1113,11 @@
   assert(Addr != RetvalTLS && "Reinstrumenting?");
   IRBuilder<> IRB(Pos);
   Value *ShadowPtrMaskValue;
-  if (DFSanRuntimeShadowMask)
-ShadowPtrMaskValue = IRB.CreateLoad(IntptrTy, ExternalShadowMask);
-  else
+  if (DFSanRuntimeShadowMask) {
+LoadInst *LI = IRB.CreateLoad(IntptrTy, ExternalShadowMask);
+SetNoSanitizeMetadata(LI);
+ShadowPtrMaskValue = LI;
+  } else
 ShadowPtrMaskValue = ShadowPtrMask;
   return IRB.CreateIntToPtr(
   IRB.CreateMul(
@@ -1225,7 +1235,9 @@
 const auto i = AllocaShadowMap.find(AI);
 if (i != AllocaShadowMap.end()) {
   IRBuilder<> IRB(Pos);
-  return IRB.CreateLoad(DFS.ShadowTy, i->second);
+  LoadInst *LI = IRB.CreateLoad(DFS.ShadowTy, i->second);
+  SetNoSanitizeMetadata(LI);
+  return LI;
 }
   }
 
@@ -1366,7 +1378,8 @@
 const auto i = AllocaShadowMap.find(AI);
 if (i != AllocaShadowMap.end()) {
   IRBuilder<> IRB(Pos);
-  IRB.CreateStore(Shadow, i->second);
+  StoreInst *SI = IRB.CreateStore(Shadow, i->second);
+  SetNoSanitizeMetadata(SI);
   return;
 }
   }
@@ -1559,7 +1572,8 @@
 case DataFlowSanitizer::IA_TLS: {
   Value *S = DFSF.getShadow(RI.getReturnValue());
   IRBuilder<> IRB(&RI);
-  IRB.CreateStore(S, DFSF.getRetvalTLS());
+  StoreInst *SI = IRB.CreateStore(S, DFSF.getRetvalTLS());
+  SetNoSanitizeMetadata(SI);
   break;
 }
 case DataFlowSanitizer::IA_Args: {
@@ -1666,7 +1680,8 @@
 
   for (unsigned n = 0; i != CB.arg_end(); ++i, ++n) {
 auto LabelVAPtr = IRB.CreateStructGEP(LabelVATy, LabelVAAlloca, n);
-IRB.CreateStore(DFSF.getShadow(*i), LabelVAPtr);
+StoreInst *SI = IRB.CreateStore(DFSF.getShadow(*i), LabelVAPtr);
+SetNoSanitizeMetadata(SI);
   }
 
   Args.push_back(IRB.CreateStructGEP(LabelVATy, LabelVAAlloca, 0));
@@ -1702,6 +1717,7 @@
 if (!FT->getReturnType()->isVoidTy()) {
   LoadInst *LabelLoad =
   IRB.CreateLoad(DFSF.DFS.ShadowTy, DFSF.LabelReturnAlloca);
+  SetNoSanitizeMetadata(LabelLoad);
   DFSF.setShadow(CustomCI, LabelLoad);
 }
 
@@ -1716,8 +1732,9 @@
   FunctionType *FT = CB.getFunctionType();
   if (DFSF.DFS.getInstrumentedABI() == DataFlowSanitizer::IA_TLS) {
 for (unsigned i = 0, n = FT->getNumParams(); i != n; ++i) {
-  IRB.CreateStore(DFSF.getShadow(CB.getArgOperand(i)),
-  DFSF.getArgTLS(i, &CB));
+  StoreInst *SI = IRB.CreateStore(DFSF.getShadow(CB.getArgOperand(i)),
+  DFSF.getArgTLS(i, &CB));
+  SetNoSanitizeMetadata(SI);
 }
   }
 
@@ -1739,6 +1756,7 @@
 if (DFSF.DFS.getInstrumentedABI() == DataFlowSanitizer::IA_TLS) {
   IRBuilder<> NextIRB(Next);
   LoadInst *LI = NextIRB.CreateLoad(DFSF.DFS.ShadowTy, DFSF.getRetvalTLS());
+  SetNoSanitizeMetadata(LI);
   DFSF.SkipInsts.insert(LI);
   DFSF.setShadow(&CB, LI);
   DFSF.NonZeroChecks.push_back(LI);
@@ -1769,9 +1787,10 @@
"", &DFSF.F->getEntryBlock().front());
   Args.push_back(IRB.CreateConstGEP2_32(VarArgArrayTy, VarArgShadow, 0, 0));
   for (unsigne

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG9d9e499840af: [x86][seses] Add clang flag; Use lvi-cfi with 
seses (authored by zbrid).
Herald added a subscriber: jfb.

Changed prior to commit:
  https://reviews.llvm.org/D79910?vs=272117&id=275687#toc

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/l

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG9d9e499840af: [x86][seses] Add clang flag; Use lvi-cfi with 
seses (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276196.
zbrid added a comment.

rebase prior to commit


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
   "LFENCE instruction to

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276153.
zbrid added a comment.
Herald added a subscriber: jfb.

update seses flag


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h
  llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll

Index: llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
===
--- llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
+++ llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression.ll
@@ -1,8 +1,8 @@
 ; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable %s -o - | FileCheck %s
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
-; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi %s -o - | FileCheck %s
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-one-lfence-per-bb %s -o - | FileCheck %s --check-prefix=X86-ONE-LFENCE
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-omit-branch-lfences %s -o - | FileCheck %s --check-prefix=X86-OMIT-BR
+; RUN: llc -mtriple=x86_64-unknown-linux-gnu -x86-seses-enable-without-lvi-cfi -x86-seses-only-lfence-non-const %s -o - | FileCheck %s --check-prefix=X86-NON-CONST
 
 define void @_Z4buzzv() {
 ; CHECK-LABEL: _Z4buzzv:
Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -30,7 +30,7 @@
 STATISTIC(NumLFENCEsInserted, "Number of lfence instructions inserted");
 
 static cl::opt EnableSpeculativeExecutionSideEffectSuppression(
-"x86-seses-enable",
+"x86-seses-enable-without-lvi-cfi",
 cl::desc("Force enable speculative execution side effect suppression. "
  "(Note: User must pass -mlvi-cfi in order to mitigate indirect "
  "branches and returns.)"),
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
  

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 276147.
zbrid added a comment.

rebase


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -442,6 +442,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -759,6 +762,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -91,10 +91,12 @@
   const auto &OptLevel = MF.getTarget().getOptLevel();
   const X86Subtarget &Subtarget = MF.getSubtarget();
 
-  // Check whether SESES needs to run as the fallback for LVI at O0 or if the
-  // user explicitly passed the SESES flag.
+  // Check whether SESES needs to run as the fallback for LVI at O0, whether the
+  // user explicitly passed an SESES flag, or whether the SESES target feature
+  // was set.
   if (!EnableSpeculativeExecutionSideEffectSuppression &&
-  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None))
+  !(Subtarget.useLVILoadHardening() && OptLevel == CodeGenOpt::None) &&
+  !Subtarget.useSpeculativeExecutionSideEffectSuppression())
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -455,6 +455,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o 

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

@sconstab @craig.topper - Ping for review


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 2 inline comments as done.
zbrid added inline comments.



Comment at: clang/include/clang/Driver/Options.td:2244
   HelpText<"Disable control-flow mitigations for Load Value Injection (LVI)">;
+def m_seses : Flag<["-"], "mseses">, Group, Flags<[CoreOption, 
DriverOption]>,
+  HelpText<"Enable speculative execution side effect suppression (SESES). "

MaskRay wrote:
> CoreOption is accepted by clang-cl. You need a `%clang_cl` test if you use 
> CoreOption.
Is there a typical place to put this test? Is this a .cc -> LLVM IR test that's 
wanted? Any examples you can point to?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272117.
zbrid added a comment.

Fix accidentally deleted clang command line ref


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -444,6 +444,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-RETPO

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

@sconstab @craig.topper @mattdr -- This is ready for another round of review.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272114.
zbrid added a comment.

seses implies lvi-cfi

also enable-seses -> enable-seses-without-lvi-cfi


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -444,6 +444,15 @@
   "LFENCE instruction to serialize control flow. Also decompose RET "
   "instructions into a POP+LFENCE+JMP sequence.">;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches. Implies LVI Control Flow integrity.",
+  [FeatureLVIControlFlowIntegrity]>;
+
 // Mitigate LVI attacks against data loads
 def FeatureLVILoadHardening
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck 

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid added inline comments.



Comment at: 
llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp:90
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)

zbrid wrote:
> sconstab wrote:
> > Is it really necessary to have the target feature and the CLI flag? If 
> > SESES is required for, say, a *.ll file, then `+seses` can always be added 
> > as a target feature.
> I think there should be a way to turn on SESES without lvi-cfi. Similar to 
> how there are flags to turn on SLH in various configurations. I'll see if I 
> can lower the number of flags while still enabling that possibility.
Ah I think I'll change the SESES-only flag to enable-without-lvi-cfi, so it's 
more explicit it's missing functionality/security. Updates will come soon.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 272105.
zbrid marked an inline comment as done.
zbrid added a comment.

Update Clang Command Ref with automated tool


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -435,6 +435,13 @@
   "ourselves. Only has effect when combined with some other retpoline "
   "feature", [FeatureRetpolineIndirectCalls]>;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches.">;
 // Mitigate LVI attacks against indirect calls/branches and call returns
 def FeatureLVIControlFlowIntegrity
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' not allowed with 'mseses'
+// RUN: %clang -target i386-linux-gnu -mseses -mretpoline %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-RETPOLINE %s
+//

[PATCH] D79910: [x86][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 2 inline comments as done.
zbrid added a comment.

Thanks for the ping, Scott. I'll update this so I can get it submitted soon.




Comment at: clang/lib/Driver/ToolChains/Arch/X86.cpp:200
+if (!Args.hasArg(options::OPT_mno_lvi_cfi)) {
+  Features.push_back("+lvi-cfi");
+  LVIOpt = options::OPT_mlvi_cfi;

sconstab wrote:
> Would it be better to add `FeatureLVIControlFlowIntegrity` as a dependency 
> for `FeatureSpeculativeExecutionSideEffectSuppression` in 
> `llvm/lib/Target/X86/X86.td`?
Thanks for the tip! Yeah, I will update to do that, but it looks like that only 
ensures an error will be thrown if they aren't used together rather than 
ensuring one is enabled when the other is enabled. Am I misunderstanding?



Comment at: 
llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp:90
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)

sconstab wrote:
> Is it really necessary to have the target feature and the CLI flag? If SESES 
> is required for, say, a *.ll file, then `+seses` can always be added as a 
> target feature.
I think there should be a way to turn on SESES without lvi-cfi. Similar to how 
there are flags to turn on SLH in various configurations. I'll see if I can 
lower the number of flags while still enabling that possibility.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79910/new/

https://reviews.llvm.org/D79910



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG60ee88599098: [clang][asm goto][slh] Warn if asm goto + SLH 
(authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/Parse/ParseStmtAsm.cpp
  clang/test/Parser/slh-asm-goto-no-warn.cpp
  clang/test/Parser/slh-asm-goto.cpp


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load 
hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening 
-fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -246,6 +246,11 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto
+  : Warning<"Speculative load hardening does not protect functions with "
+"asm goto">,
+InGroup>;
 }
 
 // Sema && Serialization


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -246,6 +246,11 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto
+  : Warning<"Speculative load hardening does not protect functions with "
+"asm goto">,
+InGroup>;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 265282.
zbrid added a comment.

ClangFormat diagnostic definition


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/Parse/ParseStmtAsm.cpp
  clang/test/Parser/slh-asm-goto-no-warn.cpp
  clang/test/Parser/slh-asm-goto.cpp


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load 
hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening 
-fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,11 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto
+  : Warning<"Speculative load hardening does not protect functions with "
+"asm goto">,
+InGroup>;
 }
 
 // Sema && Serialization


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,11 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto
+  : Warning<"Speculative load hardening does not protect functions with "
+"asm goto">,
+InGroup>;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

In D79743#2044676 , @jyu2 wrote:

> This looks good to me.  Could you also add a test to use this new DiagGroup 
> (-Wno-slh-asm-goto)?
>
> Thanks.
>
> Jennifer


Done.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 265081.
zbrid added a comment.

Add test; Update command for existing test

Also rename file to match warning flag


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/Parse/ParseStmtAsm.cpp
  clang/test/Parser/slh-asm-goto-no-warn.cpp
  clang/test/Parser/slh-asm-goto.cpp


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load 
hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening 
-fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,9 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto : Warning<
+"Speculative load hardening does not protect functions with asm goto">, 
InGroup>;
 }
 
 // Sema && Serialization


Index: clang/test/Parser/slh-asm-goto.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load hardening does not protect functions with asm goto}}
+}
Index: clang/test/Parser/slh-asm-goto-no-warn.cpp
===
--- /dev/null
+++ clang/test/Parser/slh-asm-goto-no-warn.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 -Wno-slh-asm-goto -mspeculative-load-hardening -fsyntax-only -verify %s
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-no-diagnostics
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,9 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto : Warning<
+"Speculative load hardening does not protect functions with asm goto">, InGroup>;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 264740.
zbrid marked an inline comment as done.
zbrid added a comment.

Update to emit the warning in the parser


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/Parse/ParseStmtAsm.cpp
  clang/test/Parser/asm-goto-slh.cpp


Index: clang/test/Parser/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Parser/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu 
-emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load 
hardening does not protect functions with asm goto}}
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,9 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto : Warning<
+"Speculative load hardening does not protect functions with asm goto">, 
InGroup>;
 }
 
 // Sema && Serialization


Index: clang/test/Parser/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Parser/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu -emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{Speculative load hardening does not protect functions with asm goto}}
+}
Index: clang/lib/Parse/ParseStmtAsm.cpp
===
--- clang/lib/Parse/ParseStmtAsm.cpp
+++ clang/lib/Parse/ParseStmtAsm.cpp
@@ -729,6 +729,9 @@
   if (parseGNUAsmQualifierListOpt(GAQ))
 return StmtError();
 
+  if (GAQ.isGoto() && getLangOpts().SpeculativeLoadHardening)
+Diag(Loc, diag::warn_slh_does_not_support_asm_goto);
+
   BalancedDelimiterTracker T(*this, tok::l_paren);
   T.consumeOpen();
 
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,9 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_asm_goto : Warning<
+"Speculative load hardening does not protect functions with asm goto">, InGroup>;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

@jyu2 and @mattdr - updated to address your comments.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 3 inline comments as done.
zbrid added a comment.

> Do you mean runtime crash? If so, I think error should be emit, so that 
> programmer can remove use of "asm goto" and recompile.

This would be a compile time crash. At some point the 
X86SpeculativeLoadHardening pass in the backend will notice asm goto is being 
used and give up. As far as I can tell it's hard to determine that asm goto was 
the root cause of that crash in the backend, so I want to emit it earlier in 
Clang. Does that make sense? Let me know if not :)

> It to me,  you can emit error somewhere in ParseAsmStatement when “goto” is 
> parsed.  Let me know if you have problem.

Thanks for the pointer! I'll send an update that emits at that point.

In D79743#2036814 , @jyu2 wrote:

> I don’t know what consequences is of using asm goto under SLH.
>
> In general, if asm-goto is not allowed, the diagnostic should be emitted 
> during the parser.  If asm-goto is not allowed under specified condition, the 
> diagnostic should be emitted during sema.  Diagnostic should not be emitted 
> in the lower(codegen) in general (exception may be for target related).


Ah okay. Asm goto isn't allowed with SLH in general, so sounds like this should 
be in the parser based on your comment here. Thanks for the explanation.

Thanks for the comments, everyone.




Comment at: clang/include/clang/Basic/DiagnosticCommonKinds.td:248-249
+  def warn_slh_does_not_support_gcc_asm_goto : Warning<
+"speculative load hardening does not support use of GCC asm goto. asm goto 
"
+"detected with SLH">, InGroup>;
 }

mattdr wrote:
> I think at the UI level this feature is just called "asm goto" with no "GCC". 
> See e.g. https://lists.llvm.org/pipermail/llvm-dev/2018-October/127239.html
> 
> Also, since this is a warning (vs. an error), we probably want to hint about 
> the consequences of continuing despite the warning.
> 
> My attempt:
> "Speculative load hardening may not fully protect functions with 'asm goto'"
> 
I believe the DiagGroup is required for all new warnings (see: 
https://github.com/llvm/llvm-project/blob/master/clang/test/Misc/warning-flags.c)
  and I didn't notice one that fit this particular flag well. In addition I saw 
that adding a diag group in this way was used in the other places (like the 
warning right before the one I added), so I think this is an okay addition. If 
we add other slh related flags, we could perhaps generalize the diagnostic 
group to cover all those flags at that point.

Good points wrt the error message. I'll update it not to mention gcc and to 
explain what will happen if they use asm goto with SLH.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79894: [clang][slh] Add test for SLH feature checking macro

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG18a855da431e: [clang][slh] Add test for SLH feature checking 
macro (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79894/new/

https://reviews.llvm.org/D79894

Files:
  clang/test/Lexer/has_feature_speculative_load_hardening.cpp


Index: clang/test/Lexer/has_feature_speculative_load_hardening.cpp
===
--- /dev/null
+++ clang/test/Lexer/has_feature_speculative_load_hardening.cpp
@@ -0,0 +1,15 @@
+// RUN: %clang -E -mspeculative-load-hardening %s -o - | FileCheck 
--check-prefix=CHECK-SLH %s
+// RUN: %clang -E -mno-speculative-load-hardening %s -o - | FileCheck 
--check-prefix=CHECK-NOSLH %s
+// RUN: %clang -E %s -o - | FileCheck --check-prefix=CHECK-DEFAULT %s
+
+#if __has_feature(speculative_load_hardening)
+int SpeculativeLoadHardeningEnabled();
+#else
+int SpeculativeLoadHardeningDisabled();
+#endif
+
+// CHECK-SLH: SpeculativeLoadHardeningEnabled
+
+// CHECK-NOSLH: SpeculativeLoadHardeningDisabled
+
+// CHECK-DEFAULT: SpeculativeLoadHardeningDisabled


Index: clang/test/Lexer/has_feature_speculative_load_hardening.cpp
===
--- /dev/null
+++ clang/test/Lexer/has_feature_speculative_load_hardening.cpp
@@ -0,0 +1,15 @@
+// RUN: %clang -E -mspeculative-load-hardening %s -o - | FileCheck --check-prefix=CHECK-SLH %s
+// RUN: %clang -E -mno-speculative-load-hardening %s -o - | FileCheck --check-prefix=CHECK-NOSLH %s
+// RUN: %clang -E %s -o - | FileCheck --check-prefix=CHECK-DEFAULT %s
+
+#if __has_feature(speculative_load_hardening)
+int SpeculativeLoadHardeningEnabled();
+#else
+int SpeculativeLoadHardeningDisabled();
+#endif
+
+// CHECK-SLH: SpeculativeLoadHardeningEnabled
+
+// CHECK-NOSLH: SpeculativeLoadHardeningDisabled
+
+// CHECK-DEFAULT: SpeculativeLoadHardeningDisabled
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79910: [WIP][seses] Add clang flag; Use lvi-cfi with seses

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: sconstab, craig.topper, mattdr.
Herald added subscribers: llvm-commits, cfe-commits, hiraditya.
Herald added projects: clang, LLVM.

This patch creates a clang flag to enable SESES. This flag also ensures that
lvi-cfi is on when using seses via clang.

SESES should use lvi-cfi to mitigate returns and indirect branches.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D79910

Files:
  clang/docs/ClangCommandLineReference.rst
  clang/include/clang/Driver/Options.td
  clang/lib/Driver/ToolChains/Arch/X86.cpp
  clang/test/Driver/x86-target-features.c
  llvm/lib/Target/X86/X86.td
  llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
  llvm/lib/Target/X86/X86Subtarget.h

Index: llvm/lib/Target/X86/X86Subtarget.h
===
--- llvm/lib/Target/X86/X86Subtarget.h
+++ llvm/lib/Target/X86/X86Subtarget.h
@@ -437,6 +437,9 @@
   /// POP+LFENCE+JMP sequence.
   bool UseLVIControlFlowIntegrity = false;
 
+  /// Enable Speculative Execution Side Effect Suppression
+  bool UseSpeculativeExecutionSideEffectSuppression = false;
+
   /// Insert LFENCE instructions to prevent data speculatively injected into
   /// loads from being used maliciously.
   bool UseLVILoadHardening = false;
@@ -744,6 +747,9 @@
   bool useGLMDivSqrtCosts() const { return UseGLMDivSqrtCosts; }
   bool useLVIControlFlowIntegrity() const { return UseLVIControlFlowIntegrity; }
   bool useLVILoadHardening() const { return UseLVILoadHardening; }
+  bool useSpeculativeExecutionSideEffectSuppression() const {
+return UseSpeculativeExecutionSideEffectSuppression;
+  }
 
   unsigned getPreferVectorWidth() const { return PreferVectorWidth; }
   unsigned getRequiredVectorWidth() const { return RequiredVectorWidth; }
Index: llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
+++ llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
@@ -86,13 +86,14 @@
 
 bool X86SpeculativeExecutionSideEffectSuppression::runOnMachineFunction(
 MachineFunction &MF) {
-  if (!EnableSpeculativeExecutionSideEffectSuppression)
+  const X86Subtarget &Subtarget = MF.getSubtarget();
+  if (!Subtarget.useSpeculativeExecutionSideEffectSuppression() &&
+  !EnableSpeculativeExecutionSideEffectSuppression)
 return false;
 
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
   bool Modified = false;
-  const X86Subtarget &Subtarget = MF.getSubtarget();
   const X86InstrInfo *TII = Subtarget.getInstrInfo();
   for (MachineBasicBlock &MBB : MF) {
 MachineInstr *FirstTerminator = nullptr;
Index: llvm/lib/Target/X86/X86.td
===
--- llvm/lib/Target/X86/X86.td
+++ llvm/lib/Target/X86/X86.td
@@ -435,6 +435,13 @@
   "ourselves. Only has effect when combined with some other retpoline "
   "feature", [FeatureRetpolineIndirectCalls]>;
 
+// Enable SESES to mitigate speculative execution attacks
+def FeatureSpeculativeExecutionSideEffectSuppression
+: SubtargetFeature<
+  "seses", "UseSpeculativeExecutionSideEffectSuppression", "true",
+  "Prevent speculative execution side channel timing attacks by "
+  "inserting a speculation barrier before memory reads, memory writes, "
+  "and conditional branches.">;
 // Mitigate LVI attacks against indirect calls/branches and call returns
 def FeatureLVIControlFlowIntegrity
 : SubtargetFeature<
Index: clang/test/Driver/x86-target-features.c
===
--- clang/test/Driver/x86-target-features.c
+++ clang/test/Driver/x86-target-features.c
@@ -178,6 +178,27 @@
 // RUN: %clang -target i386-linux-gnu -mlvi-hardening -mretpoline-external-thunk %s -### -o %t.o 2>&1 | FileCheck -check-prefix=LVIHARDENING-RETPOLINE-EXTERNAL-THUNK %s
 // LVIHARDENING-RETPOLINE-EXTERNAL-THUNK: error: invalid argument 'mretpoline-external-thunk' not allowed with 'mlvi-hardening'
 
+// RUN: %clang -target i386-linux-gnu -mseses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES %s
+// RUN: %clang -target i386-linux-gnu -mno-seses %s -### -o %t.o 2>&1 | FileCheck -check-prefix=NO-SESES %s
+// SESES: "-target-feature" "+seses"
+// SESES: "-target-feature" "+lvi-cfi"
+// NO-SESES-NOT: seses
+// NO-SESES-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mno-lvi-cfi %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-NOLVICFI %s
+// SESES-NOLVICFI: "-target-feature" "+seses"
+// SESES-NOLVICFI-NOT: lvi-cfi
+
+// RUN: %clang -target i386-linux-gnu -mseses -mspeculative-load-hardening %s -### -o %t.o 2>&1 | FileCheck -check-prefix=SESES-SLH %s
+// SESES-SLH: error: invalid argument 'mspeculative-load-hardening' 

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

In D79743#2034792 , @jyu2 wrote:

> Two questions:
>  1>   What happen under SLH, will asm goto gets removed, or a runtime problem?
>  2>   Should we emit error or warning in the Parser instead?




1. SLH crashes with an unhelpful error message.
2. I'd be happy to emit the warning in the Parser. Could you give me a pointer 
to where in the parser would be appropriate? I'm not super familiar with the 
clang codebase. Also why do you think the parser would be a better place? 
(Asking to learn since I'm new to this area)


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 263819.
zbrid added a comment.

Update to fix failing test


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79743/new/

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/CodeGen/CGStmt.cpp
  clang/test/Sema/asm-goto-slh.cpp


Index: clang/test/Sema/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Sema/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu 
-emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{speculative load 
hardening does not support use of GCC asm goto. asm goto detected with SLH}}
+}
Index: clang/lib/CodeGen/CGStmt.cpp
===
--- clang/lib/CodeGen/CGStmt.cpp
+++ clang/lib/CodeGen/CGStmt.cpp
@@ -2300,6 +2300,10 @@
  /* IsAlignStack */ false, AsmDialect);
   std::vector RegResults;
   if (IsGCCAsmGoto) {
+const auto LO = getLangOpts();
+if (LO.SpeculativeLoadHardening)
+  CGM.getDiags().Report(S.getAsmLoc(),
+diag::warn_slh_does_not_support_gcc_asm_goto);
 llvm::CallBrInst *Result =
 Builder.CreateCallBr(IA, Fallthrough, Transfer, Args);
 EmitBlock(Fallthrough);
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,10 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_gcc_asm_goto : Warning<
+"speculative load hardening does not support use of GCC asm goto. asm goto 
"
+"detected with SLH">, InGroup>;
 }
 
 // Sema && Serialization


Index: clang/test/Sema/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Sema/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu -emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{speculative load hardening does not support use of GCC asm goto. asm goto detected with SLH}}
+}
Index: clang/lib/CodeGen/CGStmt.cpp
===
--- clang/lib/CodeGen/CGStmt.cpp
+++ clang/lib/CodeGen/CGStmt.cpp
@@ -2300,6 +2300,10 @@
  /* IsAlignStack */ false, AsmDialect);
   std::vector RegResults;
   if (IsGCCAsmGoto) {
+const auto LO = getLangOpts();
+if (LO.SpeculativeLoadHardening)
+  CGM.getDiags().Report(S.getAsmLoc(),
+diag::warn_slh_does_not_support_gcc_asm_goto);
 llvm::CallBrInst *Result =
 Builder.CreateCallBr(IA, Fallthrough, Transfer, Args);
 EmitBlock(Fallthrough);
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,10 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_gcc_asm_goto : Warning<
+"speculative load hardening does not support use of GCC asm goto. asm goto "
+"detected with SLH">, InGroup>;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79894: [clang][slh] Add test for SLH feature checking macro

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: craig.topper, mattdr.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.

I forgot to include a test in this commit:
https://reviews.llvm.org/rG379e68a763097bed6c6dc7453e4b732e3d68

Here's the test. It passes after that commit and fails before that commit.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D79894

Files:
  clang/test/Lexer/has_feature_speculative_load_hardening.cpp


Index: clang/test/Lexer/has_feature_speculative_load_hardening.cpp
===
--- /dev/null
+++ clang/test/Lexer/has_feature_speculative_load_hardening.cpp
@@ -0,0 +1,15 @@
+// RUN: %clang -E -mspeculative-load-hardening %s -o - | FileCheck 
--check-prefix=CHECK-SLH %s
+// RUN: %clang -E -mno-speculative-load-hardening %s -o - | FileCheck 
--check-prefix=CHECK-NOSLH %s
+// RUN: %clang -E %s -o - | FileCheck --check-prefix=CHECK-DEFAULT %s
+
+#if __has_feature(speculative_load_hardening)
+int SpeculativeLoadHardeningEnabled();
+#else
+int SpeculativeLoadHardeningDisabled();
+#endif
+
+// CHECK-SLH: SpeculativeLoadHardeningEnabled
+
+// CHECK-NOSLH: SpeculativeLoadHardeningDisabled
+
+// CHECK-DEFAULT: SpeculativeLoadHardeningDisabled


Index: clang/test/Lexer/has_feature_speculative_load_hardening.cpp
===
--- /dev/null
+++ clang/test/Lexer/has_feature_speculative_load_hardening.cpp
@@ -0,0 +1,15 @@
+// RUN: %clang -E -mspeculative-load-hardening %s -o - | FileCheck --check-prefix=CHECK-SLH %s
+// RUN: %clang -E -mno-speculative-load-hardening %s -o - | FileCheck --check-prefix=CHECK-NOSLH %s
+// RUN: %clang -E %s -o - | FileCheck --check-prefix=CHECK-DEFAULT %s
+
+#if __has_feature(speculative_load_hardening)
+int SpeculativeLoadHardeningEnabled();
+#else
+int SpeculativeLoadHardeningDisabled();
+#endif
+
+// CHECK-SLH: SpeculativeLoadHardeningEnabled
+
+// CHECK-NOSLH: SpeculativeLoadHardeningDisabled
+
+// CHECK-DEFAULT: SpeculativeLoadHardeningDisabled
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79733: [clang][SLH] Add __has_feature(speculative_load_hardening)

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG379e68a76309: [clang][SLH] Add 
__has_feature(speculative_load_hardening) (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79733/new/

https://reviews.llvm.org/D79733

Files:
  clang/include/clang/Basic/Features.def
  clang/include/clang/Basic/LangOptions.def
  clang/lib/Driver/ToolChains/Clang.cpp
  clang/lib/Frontend/CompilerInvocation.cpp


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3382,6 +3382,7 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardening = Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5361,8 +5361,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
Index: clang/include/clang/Basic/LangOptions.def
===
--- clang/include/clang/Basic/LangOptions.def
+++ clang/include/clang/Basic/LangOptions.def
@@ -368,6 +368,8 @@
  "Key used for return address signing")
 LANGOPT(BranchTargetEnforcement, 1, 0, "Branch-target enforcement enabled")
 
+LANGOPT(SpeculativeLoadHardening, 1, 0, "Speculative load hardening enabled")
+
 #undef LANGOPT
 #undef COMPATIBLE_LANGOPT
 #undef BENIGN_LANGOPT
Index: clang/include/clang/Basic/Features.def
===
--- clang/include/clang/Basic/Features.def
+++ clang/include/clang/Basic/Features.def
@@ -36,6 +36,7 @@
 #define EXTENSION(Name, Predicate)
 #endif
 
+FEATURE(speculative_load_hardening, LangOpts.SpeculativeLoadHardening)
 FEATURE(address_sanitizer,
 LangOpts.Sanitize.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress))


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3382,6 +3382,7 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardening = Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5361,8 +5361,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
Index: clang/include/clang/Basic/LangOptions.def
===
--- clang/include/clang/Basic/LangOptions.def
+++ clang/include/clang/Basic/LangOptions.def
@@ -368,6 +368,8 @@
  "Key used for return address signing")
 LANGOPT(BranchTargetEnforcement, 1, 0, "Branch-target enforcement enabled")
 
+LANGOPT(SpeculativeLoadHardening, 1, 0, "Speculative load hardening enabled")
+
 #undef LANGOPT
 #undef COMPATIBLE_LANGOPT
 #undef BENIGN_LANGOPT
Index: clang/include/clang/Basic/Features.def
===
--- clang/include/clang/Basic/Features.def
+++ clang/include/clang/Basic/Features.def
@@ -36,6 +36,7 @@
 #define EXTENSION(Name, Predicate)
 #endif
 
+FEATURE(speculative_load_hardening, LangOpts.SpeculativeLoadHardening)
 FEATURE(address_sanitizer,
 LangOpts.Sanitize.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress))
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79743: [clang][asm goto][slh] Warn if asm goto + SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: mattdr, rsmith.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.

Asm goto is not supported by SLH. Warn if an instance of asm goto is detected
while SLH is enabled.

Test included.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D79743

Files:
  clang/include/clang/Basic/DiagnosticCommonKinds.td
  clang/lib/CodeGen/CGStmt.cpp
  clang/test/Sema/asm-goto-slh.cpp


Index: clang/test/Sema/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Sema/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu 
-emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{speculative load 
hardening does not support use of GCC asm goto. asm goto detected with SLH}}
+}
Index: clang/lib/CodeGen/CGStmt.cpp
===
--- clang/lib/CodeGen/CGStmt.cpp
+++ clang/lib/CodeGen/CGStmt.cpp
@@ -2300,6 +2300,10 @@
  /* IsAlignStack */ false, AsmDialect);
   std::vector RegResults;
   if (IsGCCAsmGoto) {
+const auto LO = getLangOpts();
+if (LO.SpeculativeLoadHardening)
+  CGM.getDiags().Report(S.getAsmLoc(),
+diag::warn_slh_does_not_support_gcc_asm_goto);
 llvm::CallBrInst *Result =
 Builder.CreateCallBr(IA, Fallthrough, Transfer, Args);
 EmitBlock(Fallthrough);
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,10 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack 
clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_gcc_asm_goto : Warning<
+"speculative load hardening does not support use of GCC asm goto. asm goto 
"
+"detected with SLH">;
 }
 
 // Sema && Serialization


Index: clang/test/Sema/asm-goto-slh.cpp
===
--- /dev/null
+++ clang/test/Sema/asm-goto-slh.cpp
@@ -0,0 +1,5 @@
+// RUN: %clang_cc1 %s -mspeculative-load-hardening -triple x86_64-pc-linux-gnu -emit-llvm -S
+
+void f() {
+  __asm goto("movl %ecx, %edx"); // expected-warning {{speculative load hardening does not support use of GCC asm goto. asm goto detected with SLH}}
+}
Index: clang/lib/CodeGen/CGStmt.cpp
===
--- clang/lib/CodeGen/CGStmt.cpp
+++ clang/lib/CodeGen/CGStmt.cpp
@@ -2300,6 +2300,10 @@
  /* IsAlignStack */ false, AsmDialect);
   std::vector RegResults;
   if (IsGCCAsmGoto) {
+const auto LO = getLangOpts();
+if (LO.SpeculativeLoadHardening)
+  CGM.getDiags().Report(S.getAsmLoc(),
+diag::warn_slh_does_not_support_gcc_asm_goto);
 llvm::CallBrInst *Result =
 Builder.CreateCallBr(IA, Fallthrough, Transfer, Args);
 EmitBlock(Fallthrough);
Index: clang/include/clang/Basic/DiagnosticCommonKinds.td
===
--- clang/include/clang/Basic/DiagnosticCommonKinds.td
+++ clang/include/clang/Basic/DiagnosticCommonKinds.td
@@ -243,6 +243,10 @@
   def warn_stack_clash_protection_inline_asm : Warning<
 "Unable to protect inline asm that clobbers stack pointer against stack clash">,
 InGroup>;
+
+  def warn_slh_does_not_support_gcc_asm_goto : Warning<
+"speculative load hardening does not support use of GCC asm goto. asm goto "
+"detected with SLH">;
 }
 
 // Sema && Serialization
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79733: [clang][SLH] Add __has_feature(speculative_load_hardening)

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 263247.
zbrid added a comment.

Change langopt type + SpeculativeLoadHardeningEnabled -> 
SpeculativeLoadHardening

This is to match the CodeGenOpt for SLH that already exists and to address
mattdr's feedback.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79733/new/

https://reviews.llvm.org/D79733

Files:
  clang/include/clang/Basic/Features.def
  clang/include/clang/Basic/LangOptions.def
  clang/lib/Driver/ToolChains/Clang.cpp
  clang/lib/Frontend/CompilerInvocation.cpp


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3372,6 +3372,7 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardening = Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5354,8 +5354,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
Index: clang/include/clang/Basic/LangOptions.def
===
--- clang/include/clang/Basic/LangOptions.def
+++ clang/include/clang/Basic/LangOptions.def
@@ -366,6 +366,8 @@
  "Key used for return address signing")
 LANGOPT(BranchTargetEnforcement, 1, 0, "Branch-target enforcement enabled")
 
+LANGOPT(SpeculativeLoadHardening, 1, 0, "Speculative load hardening enabled")
+
 #undef LANGOPT
 #undef COMPATIBLE_LANGOPT
 #undef BENIGN_LANGOPT
Index: clang/include/clang/Basic/Features.def
===
--- clang/include/clang/Basic/Features.def
+++ clang/include/clang/Basic/Features.def
@@ -36,6 +36,7 @@
 #define EXTENSION(Name, Predicate)
 #endif
 
+FEATURE(speculative_load_hardening, LangOpts.SpeculativeLoadHardening)
 FEATURE(address_sanitizer,
 LangOpts.Sanitize.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress))


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3372,6 +3372,7 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardening = Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5354,8 +5354,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
Index: clang/include/clang/Basic/LangOptions.def
===
--- clang/include/clang/Basic/LangOptions.def
+++ clang/include/clang/Basic/LangOptions.def
@@ -366,6 +366,8 @@
  "Key used for return address signing")
 LANGOPT(BranchTargetEnforcement, 1, 0, "Branch-target enforcement enabled")
 
+LANGOPT(SpeculativeLoadHardening, 1, 0, "Speculative load hardening enabled")
+
 #undef LANGOPT
 #undef COMPATIBLE_LANGOPT
 #undef BENIGN_LANGOPT
Index: clang/include/clang/Basic/Features.def
===
--- clang/include/clang/Basic/Features.def
+++ clang/include/clang/Basic/Features.def
@@ -36,6 +36,7 @@
 #define EXTENSION(Name, Predicate)
 #endif
 
+FEATURE(speculative_load_hardening, LangOpts.SpeculativeLoadHardening)
 FEATURE(address_sanitizer,
 LangOpts.Sanitize.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress))
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailm

[PATCH] D79733: [clang][SLH] Add __has_feature(speculative_load_hardening)

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked an inline comment as done.
zbrid added inline comments.



Comment at: clang/lib/Driver/ToolChains/Clang.cpp:5357
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))

This is a style fix only.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79733/new/

https://reviews.llvm.org/D79733



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79733: [clang][SLH] Add __has_feature(speculative_load_hardening)

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked an inline comment as done.
zbrid added inline comments.



Comment at: clang/lib/Driver/ToolChains/Clang.cpp:5357
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))

zbrid wrote:
> This is a style fix only.
Err, I mean the change in this line is only a style fix. The rest of the patch 
is the functional change.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D79733/new/

https://reviews.llvm.org/D79733



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D79733: [clang][SLH] Add __has_feature(speculative_load_hardening)

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: craig.topper, echristo.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.
zbrid marked an inline comment as done.
zbrid added inline comments.
zbrid marked an inline comment as done.



Comment at: clang/lib/Driver/ToolChains/Clang.cpp:5357
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))

This is a style fix only.



Comment at: clang/lib/Driver/ToolChains/Clang.cpp:5357
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))

zbrid wrote:
> This is a style fix only.
Err, I mean the change in this line is only a style fix. The rest of the patch 
is the functional change.


SLH doesn't support asm goto and is unlikely to ever support it. Users of asm
goto need a way to choose whether to use asm goto or fallback to an SLH
compatible code path when SLH is enabled. This feature flag will give users
this ability.

Tested via unit test


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D79733

Files:
  clang/include/clang/Basic/Features.def
  clang/include/clang/Basic/LangOptions.def
  clang/lib/Driver/ToolChains/Clang.cpp
  clang/lib/Frontend/CompilerInvocation.cpp


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3372,6 +3372,8 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardeningEnabled =
+  Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5354,8 +5354,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
Index: clang/include/clang/Basic/LangOptions.def
===
--- clang/include/clang/Basic/LangOptions.def
+++ clang/include/clang/Basic/LangOptions.def
@@ -366,6 +366,9 @@
  "Key used for return address signing")
 LANGOPT(BranchTargetEnforcement, 1, 0, "Branch-target enforcement enabled")
 
+BENIGN_LANGOPT(SpeculativeLoadHardeningEnabled, 1, 0,
+   "Speculative load hardening enabled")
+
 #undef LANGOPT
 #undef COMPATIBLE_LANGOPT
 #undef BENIGN_LANGOPT
Index: clang/include/clang/Basic/Features.def
===
--- clang/include/clang/Basic/Features.def
+++ clang/include/clang/Basic/Features.def
@@ -36,6 +36,7 @@
 #define EXTENSION(Name, Predicate)
 #endif
 
+FEATURE(speculative_load_hardening, LangOpts.SpeculativeLoadHardeningEnabled)
 FEATURE(address_sanitizer,
 LangOpts.Sanitize.hasOneOf(SanitizerKind::Address |
SanitizerKind::KernelAddress))


Index: clang/lib/Frontend/CompilerInvocation.cpp
===
--- clang/lib/Frontend/CompilerInvocation.cpp
+++ clang/lib/Frontend/CompilerInvocation.cpp
@@ -3372,6 +3372,8 @@
   }
 
   Opts.BranchTargetEnforcement = Args.hasArg(OPT_mbranch_target_enforce);
+  Opts.SpeculativeLoadHardeningEnabled =
+  Args.hasArg(OPT_mspeculative_load_hardening);
 }
 
 static bool isStrictlyPreprocessorAction(frontend::ActionKind Action) {
Index: clang/lib/Driver/ToolChains/Clang.cpp
===
--- clang/lib/Driver/ToolChains/Clang.cpp
+++ clang/lib/Driver/ToolChains/Clang.cpp
@@ -5354,8 +5354,8 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, options::OPT_mno_speculative_load_hardening,
-   false))
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening,
+   options::OPT_mno_speculative_load_hardening, false))
 CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOpti

[PATCH] D78953: [libcxx][docs][dfsan] Fix rst rendering related typos

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rGc750847e0c3b: [libcxx][docs][dfsan] Fix rst rendering 
related typos (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78953/new/

https://reviews.llvm.org/D78953

Files:
  clang/docs/DataFlowSanitizer.rst


Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -24,13 +24,14 @@
 ==
 
 DFSan requires either all of your code to be instrumented or for uninstrumented
-functions to be listed as``uninstrumented`` in the `ABI list`_.
+functions to be listed as ``uninstrumented`` in the `ABI list`_.
 
 If you'd like to have instrumented libc++ functions, then you need to build it
 with DFSan instrumentation from source. Here is an example of how to build
 libc++ and the libc++ ABI with data flow sanitizer instrumentation.
 
 .. code-block:: console
+
   cd libcxx-build
 
   # An example using ninja


Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -24,13 +24,14 @@
 ==
 
 DFSan requires either all of your code to be instrumented or for uninstrumented
-functions to be listed as``uninstrumented`` in the `ABI list`_.
+functions to be listed as ``uninstrumented`` in the `ABI list`_.
 
 If you'd like to have instrumented libc++ functions, then you need to build it
 with DFSan instrumentation from source. Here is an example of how to build
 libc++ and the libc++ ABI with data flow sanitizer instrumentation.
 
 .. code-block:: console
+
   cd libcxx-build
 
   # An example using ninja
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78953: [libcxx][docs][dfsan] Fix rst rendering related typos

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: ldionne, EricWF.
Herald added subscribers: cfe-commits, dexonsmith.
Herald added a project: clang.

- Fix the code block disappearance problem by adding a new line
- Fix the typo where I forgot a space


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D78953

Files:
  clang/docs/DataFlowSanitizer.rst


Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -24,13 +24,14 @@
 ==
 
 DFSan requires either all of your code to be instrumented or for uninstrumented
-functions to be listed as``uninstrumented`` in the `ABI list`_.
+functions to be listed as ``uninstrumented`` in the `ABI list`_.
 
 If you'd like to have instrumented libc++ functions, then you need to build it
 with DFSan instrumentation from source. Here is an example of how to build
 libc++ and the libc++ ABI with data flow sanitizer instrumentation.
 
 .. code-block:: console
+
   cd libcxx-build
 
   # An example using ninja


Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -24,13 +24,14 @@
 ==
 
 DFSan requires either all of your code to be instrumented or for uninstrumented
-functions to be listed as``uninstrumented`` in the `ABI list`_.
+functions to be listed as ``uninstrumented`` in the `ABI list`_.
 
 If you'd like to have instrumented libc++ functions, then you need to build it
 with DFSan instrumentation from source. Here is an example of how to build
 libc++ and the libc++ ABI with data flow sanitizer instrumentation.
 
 .. code-block:: console
+
   cd libcxx-build
 
   # An example using ninja
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rG0f12480bd13a: [dfsan] Add "DataFlow" option to 
LLVM_USE_SANITIZER (authored by zbrid).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -907,6 +907,8 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,31 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build libc++ with DFSan
+==
+
+DFSan requires either all of your code to be instrumented or for uninstrumented
+functions to be listed as``uninstrumented`` in the `ABI list`_.
+
+If you'd like to have instrumented libc++ functions, then you need to build it
+with DFSan instrumentation from source. Here is an example of how to build
+libc++ and the libc++ ABI with data flow sanitizer instrumentation.
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
+Note: Ensure you are building with a sufficiently new version of Clang.
+
 Usage
 =
 
@@ -33,6 +58,8 @@
 For further information about each function, please refer to the header
 file.
 
+.. _ABI list:
+
 ABI List
 
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

Bug: https://bugs.llvm.org/show_bug.cgi?id=45621


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 258789.
zbrid added a comment.

Rebase


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -907,6 +907,8 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,31 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build libc++ with DFSan
+==
+
+DFSan requires either all of your code to be instrumented or for uninstrumented
+functions to be listed as``uninstrumented`` in the `ABI list`_.
+
+If you'd like to have instrumented libc++ functions, then you need to build it
+with DFSan instrumentation from source. Here is an example of how to build
+libc++ and the libc++ ABI with data flow sanitizer instrumentation.
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
+Note: Ensure you are building with a sufficiently new version of Clang.
+
 Usage
 =
 
@@ -33,6 +58,8 @@
 For further information about each function, please refer to the header
 file.
 
+.. _ABI list:
+
 ABI List
 
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

Gonna land this and file a bug for the failing tests. The tests shouldn't block 
anyone upstream since I'm only adding a build mode. I'll do some more digging 
into those failures in the future.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 258608.
zbrid added a comment.

- Remove dfsan feature based on review comment


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -907,6 +907,8 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,31 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build libc++ with DFSan
+==
+
+DFSan requires either all of your code to be instrumented or for uninstrumented
+functions to be listed as``uninstrumented`` in the `ABI list`_.
+
+If you'd like to have instrumented libc++ functions, then you need to build it
+with DFSan instrumentation from source. Here is an example of how to build
+libc++ and the libc++ ABI with data flow sanitizer instrumentation.
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
+Note: Ensure you are building with a sufficiently new version of Clang.
+
 Usage
 =
 
@@ -33,6 +58,8 @@
 For further information about each function, please refer to the header
 file.
 
+.. _ABI list:
+
 ABI List
 
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/Handle

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 258462.
zbrid added a comment.

Update nit from Matt


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -909,6 +909,9 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
+self.config.available_features.add('dfsan')
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,31 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build libc++ with DFSan
+==
+
+DFSan requires either all of your code to be instrumented or for uninstrumented
+functions to be listed as``uninstrumented`` in the `ABI list`_.
+
+If you'd like to have instrumented libc++ functions, then you need to build it
+with DFSan instrumentation from source. Here is an example of how to build
+libc++ and the libc++ ABI with data flow sanitizer instrumentation.
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
+Note: Ensure you are building with a sufficiently new version of Clang.
+
 Usage
 =
 
@@ -33,6 +58,8 @@
 For further information about each function, please refer to the header
 file.
 
+.. _ABI list:
+
 ABI List
 
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
==

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked an inline comment as done.
zbrid added inline comments.



Comment at: libcxx/utils/libcxx/test/config.py:914
+self.cxx.flags += ['-fsanitize=dataflow']
+self.config.available_features.add('dfsan')
 else:

broadwaylamb wrote:
> I'm not sure we need a new feature if none of the tests actually use the 
> feature.
What is are these features used for? Will not having this mean some tests fail 
as a result of dfsan being enabled?


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 258447.
zbrid added a comment.

Update documentation based on Matt's comments.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -909,6 +909,9 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
+self.config.available_features.add('dfsan')
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,31 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build
+
+
+DFSan requires either all of your code to be instrumented or for uninstrumented
+functions to be listed as``uninstrumented`` in the `ABI list`_.
+
+If you'd like to have instrumented libc++ functions, then you need to build it
+with DFSan instrumentation from source. Here is an example of how to build
+libc++ and the libc++ ABI with data flow sanitizer instrumentation.
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
+Note: Ensure you are building with a sufficiently new version of Clang.
+
 Usage
 =
 
@@ -33,6 +58,8 @@
 For further information about each function, please refer to the header
 file.
 
+.. _ABI list:
+
 ABI List
 
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- 

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 258383.
zbrid added a comment.
Herald added a subscriber: broadwaylamb.

Update config.py to support data flow sanitizer


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  libcxx/utils/libcxx/test/config.py
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/utils/libcxx/test/config.py
===
--- libcxx/utils/libcxx/test/config.py
+++ libcxx/utils/libcxx/test/config.py
@@ -909,6 +909,10 @@
 self.cxx.flags += ['-fsanitize=thread']
 self.config.available_features.add('tsan')
 self.config.available_features.add('sanitizer-new-delete')
+elif san == 'DataFlow':
+self.cxx.flags += ['-fsanitize=dataflow']
+self.config.available_features.add('dfsan')
+self.config.available_features.add('sanitizer-new-delete')
 else:
 self.lit_config.fatal('unsupported value for '
   'use_sanitizer: {0}'.format(san))
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,26 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build
+
+
+Build LLVM/Clang with `CMake `_.
+
+To build libc++ and the libc++ ABI with data flow sanitizer instrumentation:
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
 Usage
 =
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+ 

[PATCH] D78390: [dfsan] Add "DataFlow" option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

Oh I found some lit tests that fail by running `check-cxx`. I'll address that.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D78390/new/

https://reviews.llvm.org/D78390



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D78390: [dfsan] Add dataflow option to LLVM_USE_SANITIZER

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added a reviewer: morehouse.
Herald added subscribers: libcxx-commits, cfe-commits, mgorny.
Herald added projects: clang, libc++.
Herald added a reviewer: libc++.
zbrid added a reviewer: EricWF.
zbrid edited the summary of this revision.

This patch add the dataflow option to LLVM_USE_SANITIZER and documents
it.

I tested this manually by trying it out on my set up. Let me know if that's not 
sufficient.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D78390

Files:
  clang/docs/DataFlowSanitizer.rst
  libcxx/CMakeLists.txt
  llvm/cmake/modules/HandleLLVMOptions.cmake
  llvm/docs/CMake.rst


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, 
``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined 
-fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsanitize=thread)
+elseif (USE_SANITIZER STREQUAL "DataFlow")
+  append_flags(SANITIZER_FLAGS -fsanitize=dataflow)
 else()
   message(WARNING "Unsupported value of LLVM_USE_SANITIZER: 
${USE_SANITIZER}")
 endif()
Index: clang/docs/DataFlowSanitizer.rst
===
--- clang/docs/DataFlowSanitizer.rst
+++ clang/docs/DataFlowSanitizer.rst
@@ -20,6 +20,26 @@
 dynamic data flow analysis framework to be used by clients to help
 detect application-specific issues within their own code.
 
+How to build
+
+
+Build LLVM/Clang with `CMake `_.
+
+To build libc++ and the libc++ ABI with data flow sanitizer instrumentation:
+
+.. code-block:: console
+  cd libcxx-build
+
+  # An example using ninja
+  cmake -GNinja path/to/llvm-project/llvm \
+-DCMAKE_C_COMPILER=clang \
+-DCMAKE_CXX_COMPILER=clang++ \
+-DLLVM_USE_SANITIZER="DataFlow" \
+-DLLVM_ENABLE_LIBCXX=ON \
+-DLLVM_ENABLE_PROJECTS="libcxx;libcxxabi"
+
+  ninja cxx cxxabi
+
 Usage
 =
 


Index: llvm/docs/CMake.rst
===
--- llvm/docs/CMake.rst
+++ llvm/docs/CMake.rst
@@ -422,7 +422,7 @@
 **LLVM_USE_SANITIZER**:STRING
   Define the sanitizer used to build LLVM binaries and tests. Possible values
   are ``Address``, ``Memory``, ``MemoryWithOrigins``, ``Undefined``, ``Thread``,
-  and ``Address;Undefined``. Defaults to empty string.
+  ``DataFlow``, and ``Address;Undefined``. Defaults to empty string.
 
 **LLVM_ENABLE_LTO**:STRING
   Add ``-flto`` or ``-flto=`` flags to the compile and link command
Index: llvm/cmake/modules/HandleLLVMOptions.cmake
===
--- llvm/cmake/modules/HandleLLVMOptions.cmake
+++ llvm/cmake/modules/HandleLLVMOptions.cmake
@@ -728,6 +728,8 @@
 elseif (LLVM_USE_SANITIZER STREQUAL "Thread")
   append_common_sanitizer_flags()
   append("-fsanitize=thread" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
+elseif (LLVM_USE_SANITIZER STREQUAL "DataFlow")
+  append("-fsanitize=dataflow" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
 elseif (LLVM_USE_SANITIZER STREQUAL "Address;Undefined" OR
 LLVM_USE_SANITIZER STREQUAL "Undefined;Address")
   append_common_sanitizer_flags()
Index: libcxx/CMakeLists.txt
===
--- libcxx/CMakeLists.txt
+++ libcxx/CMakeLists.txt
@@ -682,6 +682,8 @@
   append_flags(SANITIZER_FLAGS "-fsanitize=address,undefined -fno-sanitize=vptr,function -fno-sanitize-recover=all")
 elseif (USE_SANITIZER STREQUAL "Thread")
   append_flags(SANITIZER_FLAGS -fsan

[PATCH] D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6]

[Zola Bridges via Phabricator via cfe-commits]

zbrid accepted this revision.
zbrid added a subscriber: jyknight.
zbrid added a comment.
This revision is now accepted and ready to land.

LGTM. I would prefer if an actual LLVM maintainer also gave LGTM. @jyknight, 
@george.burgess.iv, @craig.topper?


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D75936/new/

https://reviews.llvm.org/D75936



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D76458: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [by modifying X86RetpolineThunks.cpp]

[Zola Bridges via Phabricator via cfe-commits]

zbrid added inline comments.



Comment at: llvm/lib/Target/X86/X86.td:437
+: SubtargetFeature<
+  "lvi-cfi", "UseLVIControlFlowIntegrity", "true",
+  "Prevent indirect calls/branches from using a memory operand, and "

Also to follow up on the discussion earlier about SESES using the lvi-cfi 
subtarget feature for mitigating other issues as well.

Would it be possible to rename the subtarget specific to be more generic? I 
came up with a couple options: spex-cfi? speculative execution-cfi? se-cfi? 
side-channel-cfi? I don't know if that's too broad or not precise enough. The 
`lvi-cfi` flag should remain in Clang for sure, but I'd want to enable the 
subtarget feature for SESES which may not be used only for LVI.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D76458/new/

https://reviews.llvm.org/D76458



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D76458: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [by modifying X86RetpolineThunks.cpp]

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

I commented on the other patch about this before I saw this patch. Thanks for 
putting this up!

I think it looks pretty good, but could you do a more full refactor of the 
retpolinethunks pass in an NFC patch? Then have the LVI functionality added on 
top of that refactored patch?

S




Comment at: llvm/lib/Target/X86/X86Subtarget.h:870
   bool enableIndirectBrExpand() const override {
-return useRetpolineIndirectBranches();
+return useRetpolineIndirectBranches() || useLVIControlFlowIntegrity();
   }

Probably can be changed to checking whether we are using indirect branch 
thunking, etc. I think there were a few other conditionals relating to 
retpolines that may also need to be changed. The renaming you did in the first 
indirect branch pass for some functions (ef EmitLoweredRetpoline -> 
EmitLoweredThunk) should perhaps also be preserved in whatever update you do.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D76458/new/

https://reviews.llvm.org/D76458



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D75934: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [2/6]

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

I followed up with Chandler about whether it would make sense to integrate this 
with the existing retpolines pass as you and Craig suggested. He supported the 
idea. Could you create a new patch(es) to do the refactor/renaming of the 
retpolines thunking pass and instruction scheduling conditionals to be more 
general and then add the LVI option?


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D75934/new/

https://reviews.llvm.org/D75934



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D75936: Add a Pass to X86 that builds a Condensed CFG for Load Value Injection (LVI) Gadgets [4/6]

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

Thanks for putting this up! Here are a few comments.




Comment at: llvm/lib/Target/X86/ImmutableGraph.h:1
+//==-- ImmutableGraph.h - A fast DAG implementation 
-=//
+//

Might be useful if you add a comment about what makes this a fast DAG impl in 
case someone may want to use it later.



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionLoadHardening.cpp:254
+
+  LLVM_DEBUG(dbgs() << "* " << getPassName() << " : " << MF.getName()
+<< " *\n");

I think this should go at the top of the function.



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionLoadHardening.cpp:271
+// Apply the mitigation to `MF`, return the number of fences inserted.
+// If `FixedLoads` is `true`, then the mitigation will be applied to both fixed
+// and non-fixed loads; otherwise, only non-fixed loads.

Am I misunderstanding this comment? It sounds like if FixedLoads is true then 
BOTH fixed loads and non-fixed loads will be mitigated. Since 
runOnMachineFunction would call hardenLoads twice for non-fixed loads, would 
that result in double mitigation for non-fixed loads in the case where we also 
harden fixed loads? Unfortunately I'm having trouble reasoning through this 
myself, so I'd appreciate some clarification.



Comment at: llvm/test/CodeGen/X86/O0-pipeline.ll:61
+; CHECK-NEXT:   Machine Dominance Frontier Construction
+; CHECK-NEXT:   X86 Load Value Injection (LVI) Load Hardening Pass
 ; CHECK-NEXT:   Lazy Machine Block Frequency Analysis

Remove pass from name since that's typically the convention.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D75936/new/

https://reviews.llvm.org/D75936



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D75934: Add Indirect Thunk Support to X86 to mitigate Load Value Injection (LVI) [2/6]

[Zola Bridges via Phabricator via cfe-commits]

zbrid added a comment.

Looks great! Thanks for writing this! I had a bunch of nits (sorry!) and a few 
questions, otherwise LGTM. Please wait for sign off from at least one other 
person before submitting.




Comment at: llvm/lib/Target/X86/X86FastISel.cpp:3210
 
   // Functions using retpoline for indirect calls need to use SDISel.
+  if (Subtarget->useRetpolineIndirectCalls() ||

nit: Update comment?



Comment at: llvm/lib/Target/X86/X86FrameLowering.cpp:966
+  if (Is64Bit && IsLargeCodeModel && (STI.useRetpolineIndirectCalls() ||
+  STI.useLVIControlFlowIntegrity()))
 report_fatal_error("Emitting stack probe calls on 64-bit with the large "

Would it make sense to add a separate check for LVI-CFI and have a 
corresponding error message referencing specifically LVI-CFI rather than 
retpolines?

---

I wrote this in several spots, sorry about the repetition.



Comment at: llvm/lib/Target/X86/X86FrameLowering.cpp:2707
 // FIXME: Add retpoline support and remove the error here..
-if (STI.useRetpolineIndirectCalls())
+if (STI.useRetpolineIndirectCalls() || STI.useLVIControlFlowIntegrity())
   report_fatal_error("Emitting morestack calls on 64-bit with the large "

Would it make sense to add a separate check for LVI-CFI and have a 
corresponding error message referencing specifically LVI-CFI rather than 
retpolines?





Comment at: llvm/lib/Target/X86/X86ISelLowering.cpp:30557
 bool X86TargetLowering::areJTsAllowed(const Function *Fn) const {
   // If the subtarget is using retpolines, we need to not generate jump tables.
+  if (Subtarget.useRetpolineIndirectBranches() ||

nit: Update comment to mention LVI-CFI



Comment at: llvm/lib/Target/X86/X86ISelLowering.cpp:31844
 MachineBasicBlock *
 X86TargetLowering::EmitLoweredRetpoline(MachineInstr &MI,
 MachineBasicBlock *BB) const {

Can you change this function name? If I'm understanding this code correctly, 
this no longer only applies to retpoline, but also to LVI thunks, so the naming 
is misleading.



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:79
+
+bool X86LoadValueInjectionIndirectThunksPass::doInitialization(Module &M) {
+  InsertedThunks = false;

I want to make sure I understand this correctly: You use this function to 
initialize InsertedThunks so that, for each module, InsertedThunks is shared 
across all the functions. This enables the Module to ensure the thunk is only 
inserted once. Is that right?



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:87
+  STI = &MF.getSubtarget();
+  if (!(STI->hasSSE2() || STI->is64Bit())) {
+// FIXME: support 32-bit

Why is 32-bit okay if it has SSE2 features? (Asking to understand since my 
processor knowledge is a bit weak. Thanks!)



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:92
+
+  // Don't skip functions with the "optnone" attr but participate in 
opt-bisect.
+  const Function &F = MF.getFunction();

Why did you decide to make this not skip functions with optnone?



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:98
+
+  LLVM_DEBUG(dbgs() << "* " << getPassName() << " : " << MF.getName()
+<< " *\n");

I think this debugging message should be at the top of the function.



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:129
+
+  assert(MF.getName() == "__x86_indirect_thunk_r11" &&
+ "Should only have an r11 thunk on 64-bit targets");

Should this use R11ThunkName instead of this string literal?



Comment at: llvm/lib/Target/X86/X86LoadValueInjectionIndirectThunks.cpp:149
+  // inline.
+  AttrBuilder B;
+  B.addAttribute(llvm::Attribute::NoUnwind);

I see this list is from the retpoline pass. I don't know what each of these 
things do, but just wondering if you double checked these are the same 
attributes we want for this thunk?



Comment at: llvm/lib/Target/X86/X86MCInstLower.cpp:1227
+  if (Subtarget->useRetpolineIndirectCalls() ||
+  Subtarget->useLVIControlFlowIntegrity())
 report_fatal_error("Lowering register statepoints with retpoline not "

Would it make sense to add a separate check for LVI-CFI and have a 
corresponding error message referencing specifically LVI-CFI rather than 
retpolines?





Comment at: llvm/lib/Target/X86/X86MCInstLower.cpp:1407
+if (Subtarget->useRetpolineIndirectCalls() ||
+Subtarget->useLVIControlFlowIntegrity())
   report_fatal_error(

Would it make sense to 

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192873.
zbrid marked an inline comment as done.
zbrid added a comment.

actually fix if statement


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/docs/LangRef.rst
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
+++ llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
@@ -212,6 +212,7 @@
   void hardenIndirectCallOrJumpInstr(
   MachineInstr &MI,
   SmallDenseMap &AddrRegToHardenedReg);
+  bool lowerIntrinsic(MachineFunction &MF);
 };
 
 } // end anonymous namespace
@@ -402,16 +403,20 @@
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
 
-  // Only run if this pass is forced enabled or we detect the relevant function
-  // attribute requesting SLH.
-  if (!EnableSpeculativeLoadHardening &&
-  !MF.getFunction().hasFnAttribute(Attribute::SpeculativeLoadH

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid marked 2 inline comments as done.
zbrid added inline comments.



Comment at: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp:614-628
+  if (Opcode == X86::SpeculationSafeValue32) {
+BuildMI(MBB, NMBBI, DebugLoc(), TII->get(X86::LFENCE));
+++NumInstsInserted;
+++NumLFENCEsInserted;
+MRI->replaceRegWith(MI.getOperand(0).getReg(), 
MI.getOperand(1).getReg());
+MI.eraseFromParent();
+Modified = true;

kristof.beyls wrote:
> The lowering of the intrinsic on a 32 bit and a 64 bit value looks identical 
> to me, so the if statement isn't needed?
Good catch. 


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192870.
zbrid added a comment.

remove unnecessary if in x86 slh intrinsic lowering function


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/docs/LangRef.rst
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
+++ llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
@@ -212,6 +212,7 @@
   void hardenIndirectCallOrJumpInstr(
   MachineInstr &MI,
   SmallDenseMap &AddrRegToHardenedReg);
+  bool lowerIntrinsic(MachineFunction &MF);
 };
 
 } // end anonymous namespace
@@ -402,16 +403,20 @@
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
 
-  // Only run if this pass is forced enabled or we detect the relevant function
-  // attribute requesting SLH.
-  if (!EnableSpeculativeLoadHardening &&
-  !MF.getFunction().hasFnAttribute(Attribute::SpeculativeLoadHarden

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192857.
zbrid added a comment.

remove unnecessary requirement from builtin test


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/docs/LangRef.rst
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
+++ llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
@@ -212,6 +212,7 @@
   void hardenIndirectCallOrJumpInstr(
   MachineInstr &MI,
   SmallDenseMap &AddrRegToHardenedReg);
+  bool lowerIntrinsic(MachineFunction &MF);
 };
 
 } // end anonymous namespace
@@ -402,16 +403,20 @@
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
 
-  // Only run if this pass is forced enabled or we detect the relevant function
-  // attribute requesting SLH.
-  if (!EnableSpeculativeLoadHardening &&
-  !MF.getFunction().hasFnAttribute(Attribute::SpeculativeLoadHardening))
-r

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192852.
zbrid added a comment.

fix test formatting; make target independent intrinsic; add doc


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/docs/LangRef.rst
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
+++ llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
@@ -212,6 +212,7 @@
   void hardenIndirectCallOrJumpInstr(
   MachineInstr &MI,
   SmallDenseMap &AddrRegToHardenedReg);
+  bool lowerIntrinsic(MachineFunction &MF);
 };
 
 } // end anonymous namespace
@@ -402,16 +403,20 @@
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
 
-  // Only run if this pass is forced enabled or we detect the relevant function
-  // attribute requesting SLH.
-  if (!EnableSpeculativeLoadHardening &&
-  !MF.getFunction().hasFnAttribute(Attribute::SpeculativeLoadHar

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192845.
zbrid added a comment.

update with clang-format


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/IntrinsicsX86.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,62 @@
+;
+RUN : llc < % s - mtriple = x86_64 - unknown - linux - gnu | FileCheck % s-- check - prefix = X64
+
+;
+ModuleID = 'hello.cpp' source_filename = "hello.cpp" target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128" target triple = "x86_64-unknown-linux-gnu"
+
+;
+Function Attrs : noinline nounwind optnone uwtable
+ define dso_local i32 @_Z5foo32i(i32 % a) #0 {
+entry:
+  % a.addr = alloca i32, align 4 % b = alloca i32, align 4 % b_safe = alloca i32, align 4 % c = alloca i32, align 4 store i32 % a, i32 * % a.addr, align 4 % 0 = load i32, i32 * % a.addr, align 4 % mul = mul nsw i32 % 0, 100 store i32 % mul, i32 * % b, align 4 % 1 = load i32, i32 * % b, align 4 % 2 = call i32 @llvm.speculationsafevalue.i32(i32 % 1);
+X64:
+  movl - 12(% rbp), % eax;
+X64:
+  lfence;
+X64:
+  movl % eax, -8(% rbp) store i32 % 2, i32 * % b_safe, align 4 % 3 = load i32, i32 * % b_safe, align 4 % add = add nsw i32 % 3, 100 store i32 % add, i32 * % c, align 4 % 4 = load i32, i32 * % c, align 4 ret i32 % 4
+}
+
+;
+Function Attrs : nounwind
+ declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+;
+Function Attrs : noinline nounwind optnone uwtable
+ define dso_local i32 @_Z5foo64i(i32 % a) #0 {
+entry:
+  % a.addr = alloca i32, align 4 % b = alloca i64, align 8 % b_safe = alloca i64, align 8 % c = alloca i64, align 8 store i32 % a, i32 * % a.addr, align 4 % 0 = load i32, i32 * % a.addr, align 4 % mul = mul nsw i32 % 0, 100 % conv = sext i32 % mul to i64 store i64 % conv, i64 * % b, align 8 % 1 = load i64, i64 * % b, align 8 % 2 = call i64 @llvm.speculationsafevalue.i64(i64 % 1);
+X64:
+  movq - 32(% rbp), % rax;
+X64:
+  lfence;
+X64:
+  movq % rax, -24(% rbp) store i64 % 2, i64 * % b_safe, align 8 % 3 = load i64, i64 * % b_safe, align 8 % add = add nsw i64 % 3, 100 store i64 % add, i64 * % c, align 8 % 4 = load i64, i64 * % c, align 8 % conv1 = trunc i64 % 4 to i32 ret i32 % conv1
+}
+
+;
+Function Attrs : nounwind
+ declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+ attributes #0 = {noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math" = "false"
+  "disable-tail-calls" = "false"
+ "less-precise-fpmad" = "false"
+"min-legal-vector-width" = "0"
+   "no-frame-pointer-elim" = "true"
+ "no-frame-pointer-elim-non-leaf"
+ "no-infs-fp-math" = "false"
+  

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid updated this revision to Diff 192297.
zbrid added a comment.
Herald added a subscriber: jsji.

update whitespace in wasm file to match surrounding


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D59827/new/

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/IR/IntrinsicsX86.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
===
--- llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
+++ llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
@@ -212,6 +212,7 @@
   void hardenIndirectCallOrJumpInstr(
   MachineInstr &MI,
   SmallDenseMap &AddrRegToHardenedReg);
+  bool lowerIntrinsic(MachineFunction &MF);
 };
 
 } // end anonymous namespace
@@ -402,16 +403,19 @@
   LLVM_DEBUG(dbgs() << "** " << getPassName() << " : " << MF.getName()
 << " **\n");
 
-  // Only run if this pass is forced enabled or we detect the relevant function
-  // attribute requesting SLH.
-  if (!EnableSpeculativeLoadHardening &&
-  !MF.getFunction().hasFnAt

[PATCH] D59827: [slh] x86 impl of ARM instrinsic for SLH

[Zola Bridges via Phabricator via cfe-commits]

zbrid created this revision.
zbrid added reviewers: chandlerc, kristof.beyls, aaron.ballman, 
devinj.jeanpierre.
Herald added subscribers: llvm-commits, cfe-commits, jdoerfert, jfb, aheejin, 
hiraditya, javed.absar, dschuff.
Herald added projects: clang, LLVM.

This is similar to the work Kristof did for ARM here: 
https://reviews.llvm.org/D49072

For now, I have only implemented the version that lowers the intrinsic using an 
LFENCE. I'm workign on a version that can be lowered as an LFENCE or lowered 
using the control flow speculation available, so users have the option just as 
they do in the ARM patch.

This is intended to add to the discussion rather than be a definitive patch 
relating to the way we will handle spot mitigations as far as the final 
API/implementation in LLVM goes. Any comments about the API, the way 
implemented this, or anything else are welcome.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D59827

Files:
  clang/include/clang/Basic/Builtins.def
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/include/clang/Sema/Sema.h
  clang/lib/CodeGen/CGBuiltin.cpp
  clang/lib/Frontend/InitPreprocessor.cpp
  clang/lib/Sema/SemaChecking.cpp
  clang/test/CodeGen/builtin-speculation-safe-value.c
  clang/test/Preprocessor/init.c
  llvm/include/llvm/CodeGen/ISDOpcodes.h
  llvm/include/llvm/IR/Intrinsics.td
  llvm/include/llvm/IR/IntrinsicsX86.td
  llvm/include/llvm/Target/TargetSelectionDAG.td
  llvm/lib/CodeGen/SelectionDAG/LegalizeIntegerTypes.cpp
  llvm/lib/CodeGen/SelectionDAG/LegalizeTypes.h
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGBuilder.cpp
  llvm/lib/CodeGen/SelectionDAG/SelectionDAGDumper.cpp
  llvm/lib/Target/X86/X86ISelLowering.cpp
  llvm/lib/Target/X86/X86ISelLowering.h
  llvm/lib/Target/X86/X86InstrInfo.td
  llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
  llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll

Index: llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
===
--- /dev/null
+++ llvm/test/CodeGen/X86/speculative-load-hardening-intrinsic.ll
@@ -0,0 +1,71 @@
+; RUN: llc < %s -mtriple=x86_64-unknown-linux-gnu | FileCheck %s --check-prefix=X64
+
+; ModuleID = 'hello.cpp'
+source_filename = "hello.cpp"
+target datalayout = "e-m:e-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo32i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i32, align 4
+  %b_safe = alloca i32, align 4
+  %c = alloca i32, align 4
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  store i32 %mul, i32* %b, align 4
+  %1 = load i32, i32* %b, align 4
+  %2 = call i32 @llvm.speculationsafevalue.i32(i32 %1)
+; X64: movl -12(%rbp), %eax
+; X64: lfence
+; X64: movl %eax, -8(%rbp)
+  store i32 %2, i32* %b_safe, align 4
+  %3 = load i32, i32* %b_safe, align 4
+  %add = add nsw i32 %3, 100
+  store i32 %add, i32* %c, align 4
+  %4 = load i32, i32* %c, align 4
+  ret i32 %4
+}
+
+; Function Attrs: nounwind
+declare i32 @llvm.speculationsafevalue.i32(i32) #1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @_Z5foo64i(i32 %a) #0 {
+entry:
+  %a.addr = alloca i32, align 4
+  %b = alloca i64, align 8
+  %b_safe = alloca i64, align 8
+  %c = alloca i64, align 8
+  store i32 %a, i32* %a.addr, align 4
+  %0 = load i32, i32* %a.addr, align 4
+  %mul = mul nsw i32 %0, 100
+  %conv = sext i32 %mul to i64
+  store i64 %conv, i64* %b, align 8
+  %1 = load i64, i64* %b, align 8
+  %2 = call i64 @llvm.speculationsafevalue.i64(i64 %1)
+; X64: movq -32(%rbp), %rax
+; X64: lfence
+; X64: movq %rax, -24(%rbp)
+  store i64 %2, i64* %b_safe, align 8
+  %3 = load i64, i64* %b_safe, align 8
+  %add = add nsw i64 %3, 100
+  store i64 %add, i64* %c, align 8
+  %4 = load i64, i64* %c, align 8
+  %conv1 = trunc i64 %4 to i32
+  ret i32 %conv1
+}
+
+; Function Attrs: nounwind
+declare i64 @llvm.speculationsafevalue.i64(i64) #1
+
+attributes #0 = { noinline nounwind optnone uwtable "correctly-rounded-divide-sqrt-fp-math"="false" "disable-tail-calls"="false" "less-precise-fpmad"="false" "min-legal-vector-width"="0" "no-frame-pointer-elim"="true" "no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false" "no-jump-tables"="false" "no-nans-fp-math"="false" "no-signed-zeros-fp-math"="false" "no-trapping-math"="false" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+fxsr,+mmx,+sse,+sse2,+x87" "unsafe-fp-math"="false" "use-soft-float"="false" }
+attributes #1 = { nounwind }
+
+!llvm.module.flags = !{!0}
+!llvm.ident = !{!1}
+
+!0 = !{i32 1, !"wchar_size", i32 4}
+!1 = !{!"clang version 9.0.0 (https://github.com/llvm/llvm-project.git 6fd90b5505fe7cddd0fd798fe9608ea0e0325302)"}
Index: llvm/lib/Target/X86/X86SpeculativeLoadHardening.cpp
==

[PATCH] D54909: [clang][slh] add Clang attr no_speculative_load_hardening

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rC351565: [clang][slh] add Clang attr 
no_speculative_load_hardening (authored by zbrid, committed by ).
Herald added a subscriber: cfe-commits.

Changed prior to commit:
  https://reviews.llvm.org/D54909?vs=182060&id=182539#toc

Repository:
  rC Clang

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D54909/new/

https://reviews.llvm.org/D54909

Files:
  include/clang/Basic/Attr.td
  include/clang/Basic/AttrDocs.td
  include/clang/Sema/Sema.h
  lib/CodeGen/CGCall.cpp
  lib/Sema/SemaDecl.cpp
  lib/Sema/SemaDeclAttr.cpp
  test/CodeGen/attr-speculative-load-hardening.cpp
  test/CodeGen/attr-speculative-load-hardening.m
  test/CodeGenCXX/attr-speculative-load-hardening.cpp
  test/CodeGenObjC/attr-speculative-load-hardening.m
  test/Misc/pragma-attribute-supported-attributes-list.test
  test/SemaCXX/attr-no-speculative-load-hardening.cpp
  test/SemaCXX/attr-speculative-load-hardening.cpp

Index: lib/CodeGen/CGCall.cpp
===
--- lib/CodeGen/CGCall.cpp
+++ lib/CodeGen/CGCall.cpp
@@ -1793,8 +1793,6 @@
 if (CodeGenOpts.Backchain)
   FuncAttrs.addAttribute("backchain");
 
-// FIXME: The interaction of this attribute with the SLH command line flag
-// has not been determined.
 if (CodeGenOpts.SpeculativeLoadHardening)
   FuncAttrs.addAttribute(llvm::Attribute::SpeculativeLoadHardening);
   }
@@ -1864,8 +1862,6 @@
   FuncAttrs.addAttribute(llvm::Attribute::NoDuplicate);
 if (TargetDecl->hasAttr())
   FuncAttrs.addAttribute(llvm::Attribute::Convergent);
-if (TargetDecl->hasAttr())
-  FuncAttrs.addAttribute(llvm::Attribute::SpeculativeLoadHardening);
 
 if (const FunctionDecl *Fn = dyn_cast(TargetDecl)) {
   AddAttributesFromFunctionProtoType(
@@ -1910,6 +1906,16 @@
 
   ConstructDefaultFnAttrList(Name, HasOptnone, AttrOnCallSite, FuncAttrs);
 
+  // This must run after constructing the default function attribute list
+  // to ensure that the speculative load hardening attribute is removed
+  // in the case where the -mspeculative-load-hardening flag was passed.
+  if (TargetDecl) {
+if (TargetDecl->hasAttr())
+  FuncAttrs.removeAttribute(llvm::Attribute::SpeculativeLoadHardening);
+if (TargetDecl->hasAttr())
+  FuncAttrs.addAttribute(llvm::Attribute::SpeculativeLoadHardening);
+  }
+
   if (CodeGenOpts.EnableSegmentedStacks &&
   !(TargetDecl && TargetDecl->hasAttr()))
 FuncAttrs.addAttribute("split-stack");
Index: lib/Sema/SemaDecl.cpp
===
--- lib/Sema/SemaDecl.cpp
+++ lib/Sema/SemaDecl.cpp
@@ -2489,6 +2489,10 @@
   else if (const auto *UA = dyn_cast(Attr))
 NewAttr = S.mergeUuidAttr(D, UA->getRange(), AttrSpellingListIndex,
   UA->getGuid());
+  else if (const auto *SLHA = dyn_cast(Attr))
+NewAttr = S.mergeSpeculativeLoadHardeningAttr(D, *SLHA);
+  else if (const auto *SLHA = dyn_cast(Attr))
+NewAttr = S.mergeNoSpeculativeLoadHardeningAttr(D, *SLHA);
   else if (Attr->shouldInheritEvenIfAlreadyPresent() || !DeclHasAttr(D, Attr))
 NewAttr = cast(Attr->clone(S.Context));
 
Index: lib/Sema/SemaDeclAttr.cpp
===
--- lib/Sema/SemaDeclAttr.cpp
+++ lib/Sema/SemaDeclAttr.cpp
@@ -4157,6 +4157,15 @@
   return ::new (Context) MinSizeAttr(Range, Context, AttrSpellingListIndex);
 }
 
+NoSpeculativeLoadHardeningAttr *Sema::mergeNoSpeculativeLoadHardeningAttr(
+Decl *D, const NoSpeculativeLoadHardeningAttr &AL) {
+  if (checkAttrMutualExclusion(*this, D, AL))
+return nullptr;
+
+  return ::new (Context) NoSpeculativeLoadHardeningAttr(
+  AL.getRange(), Context, AL.getSpellingListIndex());
+}
+
 OptimizeNoneAttr *Sema::mergeOptimizeNoneAttr(Decl *D, SourceRange Range,
   unsigned AttrSpellingListIndex) {
   if (AlwaysInlineAttr *Inline = D->getAttr()) {
@@ -4177,6 +4186,15 @@
   AttrSpellingListIndex);
 }
 
+SpeculativeLoadHardeningAttr *Sema::mergeSpeculativeLoadHardeningAttr(
+Decl *D, const SpeculativeLoadHardeningAttr &AL) {
+  if (checkAttrMutualExclusion(*this, D, AL))
+return nullptr;
+
+  return ::new (Context) SpeculativeLoadHardeningAttr(
+  AL.getRange(), Context, AL.getSpellingListIndex());
+}
+
 static void handleAlwaysInlineAttr(Sema &S, Decl *D, const ParsedAttr &AL) {
   if (checkAttrMutualExclusion(S, D, AL))
 return;
@@ -6618,7 +6636,13 @@
 handleSectionAttr(S, D, AL);
 break;
   case ParsedAttr::AT_SpeculativeLoadHardening:
-handleSimpleAttribute(S, D, AL);
+handleSimpleAttributeWithExclusions(S, D,
+AL);
+break;
+  case ParsedAttr::AT_NoSpeculativeLoadHardening:
+handleSimpleAttributeWithExclusions(S, D, AL);
  

[PATCH] D54555: [clang][slh] add attribute for speculative load hardening

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rC347586: [clang][slh] add attribute for speculative load 
hardening (authored by zbrid, committed by ).
Herald added a subscriber: cfe-commits.

Changed prior to commit:
  https://reviews.llvm.org/D54555?vs=175306&id=175308#toc

Repository:
  rC Clang

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D54555/new/

https://reviews.llvm.org/D54555

Files:
  include/clang/Basic/Attr.td
  include/clang/Basic/AttrDocs.td
  lib/CodeGen/CGCall.cpp
  lib/Sema/SemaDeclAttr.cpp
  test/CodeGen/attr-speculative-load-hardening.cpp
  test/CodeGen/attr-speculative-load-hardening.m
  test/SemaCXX/attr-speculative-load-hardening.cpp

Index: lib/CodeGen/CGCall.cpp
===
--- lib/CodeGen/CGCall.cpp
+++ lib/CodeGen/CGCall.cpp
@@ -1791,6 +1791,8 @@
 if (CodeGenOpts.Backchain)
   FuncAttrs.addAttribute("backchain");
 
+// FIXME: The interaction of this attribute with the SLH command line flag
+// has not been determined.
 if (CodeGenOpts.SpeculativeLoadHardening)
   FuncAttrs.addAttribute(llvm::Attribute::SpeculativeLoadHardening);
   }
@@ -1854,6 +1856,8 @@
   FuncAttrs.addAttribute(llvm::Attribute::NoDuplicate);
 if (TargetDecl->hasAttr())
   FuncAttrs.addAttribute(llvm::Attribute::Convergent);
+if (TargetDecl->hasAttr())
+  FuncAttrs.addAttribute(llvm::Attribute::SpeculativeLoadHardening);
 
 if (const FunctionDecl *Fn = dyn_cast(TargetDecl)) {
   AddAttributesFromFunctionProtoType(
Index: lib/Sema/SemaDeclAttr.cpp
===
--- lib/Sema/SemaDeclAttr.cpp
+++ lib/Sema/SemaDeclAttr.cpp
@@ -6373,6 +6373,9 @@
   case ParsedAttr::AT_Section:
 handleSectionAttr(S, D, AL);
 break;
+  case ParsedAttr::AT_SpeculativeLoadHardening:
+handleSimpleAttribute(S, D, AL);
+break;
   case ParsedAttr::AT_CodeSeg:
 handleCodeSegAttr(S, D, AL);
 break;
Index: include/clang/Basic/AttrDocs.td
===
--- include/clang/Basic/AttrDocs.td
+++ include/clang/Basic/AttrDocs.td
@@ -3629,3 +3629,27 @@
 ``-std=c89``, ``-std=c94``, or ``-fgnu89-inline``.
   }];
 }
+
+def SpeculativeLoadHardeningDocs : Documentation {
+  let Category = DocCatFunction;
+  let Content = [{
+  This attribute can be applied to a function declaration in order to indicate
+  that `Speculative Load Hardening `_
+  should be enabled for the function body. This can also be applied to a method
+  in Objective C.
+
+  Speculative Load Hardening is a best-effort mitigation against
+  information leak attacks that make use of control flow
+  miss-speculation - specifically miss-speculation of whether a branch
+  is taken or not. Typically vulnerabilities enabling such attacks are
+  classified as "Spectre variant #1". Notably, this does not attempt to
+  mitigate against miss-speculation of branch target, classified as
+  "Spectre variant #2" vulnerabilities.
+
+  When inlining, the attribute is sticky. Inlining a function that
+  carries this attribute will cause the caller to gain the
+  attribute. This is intended to provide a maximally conservative model
+  where the code in a function annotated with this attribute will always
+  (even after inlining) end up hardened.
+  }];
+}
Index: include/clang/Basic/Attr.td
===
--- include/clang/Basic/Attr.td
+++ include/clang/Basic/Attr.td
@@ -3091,3 +3091,9 @@
   let Subjects = SubjectList<[Var]>;
   let Documentation = [AlwaysDestroyDocs];
 }
+
+def SpeculativeLoadHardening : InheritableAttr {
+  let Spellings = [Clang<"speculative_load_hardening">];
+  let Subjects = SubjectList<[Function, ObjCMethod], ErrorDiag>;
+  let Documentation = [SpeculativeLoadHardeningDocs];
+}
Index: test/SemaCXX/attr-speculative-load-hardening.cpp
===
--- test/SemaCXX/attr-speculative-load-hardening.cpp
+++ test/SemaCXX/attr-speculative-load-hardening.cpp
@@ -0,0 +1,34 @@
+// RUN: %clang_cc1 -std=c++11 -fsyntax-only -verify %s
+
+int i __attribute__((speculative_load_hardening)); // expected-error {{'speculative_load_hardening' attribute only applies to functions}}
+
+void f1() __attribute__((speculative_load_hardening));
+void f2() __attribute__((speculative_load_hardening(1))); // expected-error {{'speculative_load_hardening' attribute takes no arguments}}
+
+template 
+void tf1() __attribute__((speculative_load_hardening));
+
+int f3(int __attribute__((speculative_load_hardening)), int); // expected-error {{'speculative_load_hardening' attribute only applies to functions}}
+
+struct A {
+  int f __attribute__((speculative_load_hardening));  // expected-error {{'speculative_load_hardening' attribute only applies to functions}}
+  void mf1()

[PATCH] D54763: [clang][slh] Forward mSLH only to Clang CC1

[Zola Bridges via Phabricator via cfe-commits]

This revision was automatically updated to reflect the committed changes.
Closed by commit rC347582: [clang][slh] Forward mSLH only to Clang CC1 
(authored by zbrid, committed by ).
Herald added a subscriber: cfe-commits.

Changed prior to commit:
  https://reviews.llvm.org/D54763?vs=174813&id=175286#toc

Repository:
  rC Clang

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D54763/new/

https://reviews.llvm.org/D54763

Files:
  lib/Driver/ToolChains/Clang.cpp
  test/CodeGen/attr-speculative-load-hardening.c


Index: test/CodeGen/attr-speculative-load-hardening.c
===
--- test/CodeGen/attr-speculative-load-hardening.c
+++ test/CodeGen/attr-speculative-load-hardening.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -mspeculative-load-hardening -disable-llvm-passes 
-emit-llvm %s -o - | FileCheck %s -check-prefix=SLH
+// RUN: %clang -mno-speculative-load-hardening -S -emit-llvm %s -o - | 
FileCheck %s -check-prefix=NOSLH
 //
 // Check that we set the attribute on each function.
 
@@ -8,3 +9,7 @@
 // SLH: @{{.*}}test1{{.*}}[[SLH:#[0-9]+]]
 
 // SLH: attributes [[SLH]] = { {{.*}}speculative_load_hardening{{.*}} }
+
+// NOSLH: @{{.*}}test1{{.*}}[[NOSLH:#[0-9]+]]
+
+// NOSLH-NOT: attributes [[SLH]] = { {{.*}}speculative_load_hardening{{.*}} }
Index: lib/Driver/ToolChains/Clang.cpp
===
--- lib/Driver/ToolChains/Clang.cpp
+++ lib/Driver/ToolChains/Clang.cpp
@@ -4452,8 +4452,9 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  Args.AddLastArg(CmdArgs, options::OPT_mspeculative_load_hardening,
-  options::OPT_mno_speculative_load_hardening);
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, 
options::OPT_mno_speculative_load_hardening,
+   false))
+CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
 


Index: test/CodeGen/attr-speculative-load-hardening.c
===
--- test/CodeGen/attr-speculative-load-hardening.c
+++ test/CodeGen/attr-speculative-load-hardening.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -mspeculative-load-hardening -disable-llvm-passes -emit-llvm %s -o - | FileCheck %s -check-prefix=SLH
+// RUN: %clang -mno-speculative-load-hardening -S -emit-llvm %s -o - | FileCheck %s -check-prefix=NOSLH
 //
 // Check that we set the attribute on each function.
 
@@ -8,3 +9,7 @@
 // SLH: @{{.*}}test1{{.*}}[[SLH:#[0-9]+]]
 
 // SLH: attributes [[SLH]] = { {{.*}}speculative_load_hardening{{.*}} }
+
+// NOSLH: @{{.*}}test1{{.*}}[[NOSLH:#[0-9]+]]
+
+// NOSLH-NOT: attributes [[SLH]] = { {{.*}}speculative_load_hardening{{.*}} }
Index: lib/Driver/ToolChains/Clang.cpp
===
--- lib/Driver/ToolChains/Clang.cpp
+++ lib/Driver/ToolChains/Clang.cpp
@@ -4452,8 +4452,9 @@
 
   Args.AddLastArg(CmdArgs, options::OPT_pthread);
 
-  Args.AddLastArg(CmdArgs, options::OPT_mspeculative_load_hardening,
-  options::OPT_mno_speculative_load_hardening);
+  if (Args.hasFlag(options::OPT_mspeculative_load_hardening, options::OPT_mno_speculative_load_hardening,
+   false))
+CmdArgs.push_back(Args.MakeArgString("-mspeculative-load-hardening"));
 
   RenderSSPOptions(TC, Args, CmdArgs, KernelOrKext);
 
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits