Manually patch ret instruction for LVI #359
0323704 to b0c9cd8
To avoid on the

I may have misunderstood, are you suggesting to duplicate the whole 50-line function? That seems like unnecessary duplication to me and it would also introduce the risk that only one of the two functions would get updated when needed.

Yes, that is what I'm suggesting. I'm not sure this function has changed since it was added, and it's easy enough that if a substantial change happens it's mirrored elsewhere. This crate already suffers from lots of
b0c9cd8 to f8ec557
Updated as requested
@@ -163,6 +168,69 @@ global_asm!(define_rust_probestack!( | |||
" | |||
)); | |||
|
|||
// This function is the same as above, except that some instructions are |
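Review bot: The comment that opens the added block ("This function is the same as above, except that some instructions are") should name exactly which instructions differ from the function above and say that the difference exists for LVI hardening, because the hunk header shows about 60 added lines of near-duplicate assembly and a later fix to one copy can easily miss the other. Consider also putting a matching comment on the original `define_rust_probestack!` block that points at this copy, so anyone editing either one is told to mirror the change.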
Actually it may be reasonable for SGX to have its own implementation in the future because it likely knows a priori how big the stack is. We'll leave that for a future change though.
…enkov Enable LVI hardening for x86_64-fortanix-unknown-sgx

This implements mitigations for the Load Value Injection vulnerability (CVE-2020-0551) for the `x86_64-fortanix-unknown-sgx` target by enabling new LLVM passes. More information about LVI and mitigations may be found at https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection.

This PR unconditionally enables the mitigations for `x86_64-fortanix-unknown-sgx` since there is no available hardware that doesn't require the mitigations. This may be reconsidered in the future.

* [x] This depends on rust-lang/compiler-builtins#359
In order to land rust-lang/rust#72655 this change needs to be applied.
More info on the change: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions