Closed
Description
Warnings generated by LLVM in inline assembly are reported by rustc as errors.
For example:
#![feature(asm, llvm_asm)]
fn main() {
unsafe{
asm!("call *(%rax)", options(att_syntax));
llvm_asm!("call *(%rax)");
}
}Compile with today's nightly or newer: rustc +nightly --target x86_64-fortanix-unknown-sgx test.rs. You'll get these errors:
error: Instruction may be vulnerable to LVI and requires manual mitigation
--> test.rs:4:15
|
4 | asm!("call *(%rax)", options(att_syntax));
| ^
|
note: instantiated into assembly here
--> <inline asm>:1:2
|
1 | call *(%rax)
| ^
error: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
error: Instruction may be vulnerable to LVI and requires manual mitigation
--> test.rs:5:9
|
5 | llvm_asm!("call *(%rax)");
| ^
|
note: instantiated into assembly here
--> <inline asm>:1:2
|
1 | call *(%rax)
| ^
error: aborting due to 3 previous errors
However, when using clang, these are reported as warnings. For example:
asm("call *(%rax)");Compile with a recent Clang nightly: clang-11 -mlvi-hardening -mllvm -x86-experimental-lvi-inline-asm-hardening -c test.c. You'll get this warning:
<inline asm>:1:1: warning: Instruction may be vulnerable to LVI and requires manual mitigation [-Winline-asm]
call *(%rax)
^
note: See https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection#specialinstructions for more information
1 warning generated.
Note this issue has nothing to do with SGX/LVI, it's just a convenient way to trigger the assembler warnings.