This revision was landed with ongoing or failed builds.
This revision was automatically updated to reflect the committed changes.
Closed by commit rG1bd5ea968e92: [ARM] Mitigate the cve-2021-35465 security
vulnurability. (authored by labrinea).
Repository:
rG LLVM Github Monorepo
CHANGES
lenary accepted this revision.
lenary added a comment.
This revision is now accepted and ready to land.
LGTM, but the most recent way of implementing this (using target features) was
something I suggested to Alexandros based on @ostannard's feedback about LTO. I
think it is cleaner, and this
labrinea updated this revision to Diff 372677.
labrinea added a comment.
Changes in this revision:
- added `-verify-machineinstrs` to the tests
- that yield two bugs that I had to address:
*** Bad machine code: Explicit operand marked as def ***
- function:func
- basic block: %bb.0
labrinea updated this revision to Diff 372674.
labrinea added a comment.
Changes in this revision:
- Replaced the backend option that enables the mitigation with a subtarget
feature so that it works with LTO (@lenary thanks for the offline hint)
- Enabled the subtarget feature on the affected
labrinea added a comment.
@ostannard, can you explain what you meant with supporting LTO? I didn't quite
undestand. Are you happy with the rest of the changes?
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D109157/new/
https://reviews.llvm.org/D109157
SjoerdMeijer added inline comments.
Comment at: llvm/test/CodeGen/ARM/cmse-cve-2021-35465-return.ll:6
+; RUN: FileCheck %s --check-prefix=CHECK-8M-FP-CVE-2021-35465
+
+%indirect = type { double, double, double, double, double, double, double,
double }
As
SjoerdMeijer added a comment.
The driver part looks good to me. I will let Oli do the approval as he also
looked at the codegen (and I didn't).
Comment at: clang/include/clang/Driver/Options.td:3274
+ Group,
+ HelpText<"Work around VLLDM erratum CVE-2021-35465 (Arm only)">;
labrinea updated this revision to Diff 371083.
labrinea added a comment.
Changes in this revision:
- renamed fix_cve_2021_35465 to Fix_CVE_2021_35465
- added more Driver tests to cover the use of -mfix-cmse-cve-2021-35465 with
-mno-fix-cmse-cve-2021-35465
- fixed code indentation
CHANGES
SjoerdMeijer added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1666
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
+ CmdArgs.push_back("-arm-fix-cmse-cve-2021-35465=1");
labrinea marked 4 inline comments as done and 6 inline comments as done.
labrinea added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1666
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
+
SjoerdMeijer added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1646
- if (Args.getLastArg(options::OPT_mcmse))
+ bool fix_cve_2021_35465 = false;
+ if (Args.getLastArg(options::OPT_mcmse)) {
Nit: capital F in variable name.
labrinea updated this revision to Diff 371028.
labrinea added a comment.
Changes in this revision:
- pass the -arm-fix-cmse-cve-2021-35465 option once
- document -m(no)fix-cmse-cve-2021-35465 in ClangCommandLineReference.rst
- add clang tests with the mitigation expicitely disabled on affected
labrinea added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1665
+
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
ostannard wrote:
> ostannard wrote:
> > labrinea wrote:
> > >
ostannard added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1665
+
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
ostannard wrote:
> labrinea wrote:
> > ostannard wrote:
> > > Are
ostannard added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1665
+
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
labrinea wrote:
> ostannard wrote:
> > Are these optional also
labrinea added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1665
+
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
ostannard wrote:
> Are these optional also being passed through to
SjoerdMeijer added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1666
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
+ CmdArgs.push_back("-arm-fix-cmse-cve-2021-35465=1");
If
ostannard added inline comments.
Comment at: clang/lib/Driver/ToolChains/Clang.cpp:1665
+
+CmdArgs.push_back("-mllvm");
+if (A->getOption().matches(options::OPT_mfix_cmse_cve_2021_35465))
Are these optional also being passed through to the linker when
labrinea created this revision.
labrinea added reviewers: llvm-commits, momchil.velikov.
Herald added subscribers: dang, hiraditya, kristof.beyls.
labrinea requested review of this revision.
Herald added projects: clang, LLVM.
Herald added a subscriber: cfe-commits.
Recently a vulnerability issue
19 matches
Mail list logo
