Load Value Injection (LVI) Mitigation for X86

Hello LLVM Community,

Today, a new vulnerability called Load Value Injection (LVI) has been disclosed.

A brief document describing the vulnerability can be found here: https://software.intel.com/security-software-guidance/software-guidance/load-value-injection

A more detailed document can be found here: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection

A complete patch to LLVM has been pushed to Phabricator: https://reviews.llvm.org/D75938

The complete patch has been decomposed into 5 sub-patches:

https://reviews.llvm.org/D75932

https://reviews.llvm.org/D75934

https://reviews.llvm.org/D75935

https://reviews.llvm.org/D75936

https://reviews.llvm.org/D75937

A plugin that uses the SYMPHONY Mixed Integer-Linear Programming (MILP) solver to provide optimal mitigation can be found here: https://github.com/intel/lvi-llvm-optimization-plugin

(If this link does not work, then the following link might: https://github.com/intel/LLVM-Optimization-Plugin)

A document describing the optimization in more detail will also be published shortly.

Thanks and Regards,

Scott Constable

The document describing the MILP optimization for Load Value Injection (LVI) can now be found here:

https://software.intel.com/security-software-guidance/insights/optimized-mitigation-approach-load-value-injection

Thanks,

Scott Constable