diff options
| author | Zola Bridges <zbrid@google.com> | 2018-11-27 02:22:00 +0000 |
|---|---|---|
| committer | Zola Bridges <zbrid@google.com> | 2018-11-27 02:22:00 +0000 |
| commit | 0b35afd79d4cfbddbb54de76b262d7213a3a418d (patch) | |
| tree | 179accf21d5a18ada934b6e2e064994a95f69ad0 /llvm/docs/LangRef.rst | |
| parent | 5cec19dc1aabeda486aa47845f82fb67a5a899b4 (diff) | |
| download | bcm5719-llvm-0b35afd79d4cfbddbb54de76b262d7213a3a418d.tar.gz bcm5719-llvm-0b35afd79d4cfbddbb54de76b262d7213a3a418d.zip | |
Revert "[clang][slh] add attribute for speculative load hardening"
until I figure out why the build is failing or timing out
***************************
Summary:
The prior diff had to be reverted because there were two tests
that failed. I updated the two tests in this diff
clang/test/Misc/pragma-attribute-supported-attributes-list.test
clang/test/SemaCXX/attr-speculative-load-hardening.cpp
LLVM IR already has an attribute for speculative_load_hardening. Before
this commit, when a user passed the -mspeculative-load-hardening flag to
Clang, every function would have this attribute added to it. This Clang
attribute will allow users to opt into SLH on a function by function
basis.
This can be applied to functions and Objective C methods.
Reviewers: chandlerc, echristo, kristof.beyls, aaron.ballman
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D54915
This reverts commit a5b3c232d1e3613f23efbc3960f8e23ea70f2a79.
(r347617)
llvm-svn: 347628
Diffstat (limited to 'llvm/docs/LangRef.rst')
| -rw-r--r-- | llvm/docs/LangRef.rst | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/llvm/docs/LangRef.rst b/llvm/docs/LangRef.rst index fa85b6e6ee7..7ec157fb73c 100644 --- a/llvm/docs/LangRef.rst +++ b/llvm/docs/LangRef.rst @@ -1643,15 +1643,19 @@ example: ``speculative_load_hardening`` This attribute indicates that `Speculative Load Hardening <https://llvm.org/docs/SpeculativeLoadHardening.html>`_ - should be enabled for the function body. - - Speculative Load Hardening is a best-effort mitigation against - information leak attacks that make use of control flow - miss-speculation - specifically miss-speculation of whether a branch - is taken or not. Typically vulnerabilities enabling such attacks are - classified as "Spectre variant #1". Notably, this does not attempt to - mitigate against miss-speculation of branch target, classified as - "Spectre variant #2" vulnerabilities. + should be enabled for the function body. This is a best-effort attempt to + mitigate all known speculative execution information leak vulnerabilities + that are based on the fundamental principles of modern processors' + speculative execution. These vulnerabilities are classified as "Spectre + variant #1" vulnerabilities typically. Notably, this does not attempt to + mitigate any vulnerabilities where the speculative execution and/or + prediction devices of specific processors can be *completely* undermined + (such as "Branch Target Injection", a.k.a, "Spectre variant #2"). Instead, + this is a target-independent request to harden against the completely + generic risk posed by speculative execution to incorrectly load secret data, + making it available to some micro-architectural side-channel for information + leak. For a processor without any speculative execution or predictors, this + is expected to be a no-op. When inlining, the attribute is sticky. Inlining a function that carries this attribute will cause the caller to gain the attribute. This is intended |
