This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [PATCH 0/5] x86: CVE-2017-5715, aka Spectre
- From: Florian Weimer <fw at deneb dot enyo dot de>
- To: "H.J. Lu" <hjl dot tools at gmail dot com>
- Cc: gcc-patches at gcc dot gnu dot org
- Date: Mon, 08 Jan 2018 09:27:02 +0100
- Subject: Re: [PATCH 0/5] x86: CVE-2017-5715, aka Spectre
- References: <20180107225904.11535-1-hjl.tools@gmail.com>

* H. J. Lu:

> This set of patches for GCC 8 mitigates variant #2 of the
> speculative execution vulnerabilities on x86 processors identified
> by CVE-2017-5715, aka Spectre. They convert indirect branches to
> call and return thunks to avoid speculative execution via indirect
> call and jmp.

Would it make sense to add a mode which relies on an empty return
stack cache? Or will CPUs use the regular branch predictor if the
return stack is empty?

With an empty return stack cache and no branch predictor, a simple
PUSH/RET sequence cannot be predicted, so the complex CALL sequence
with a speculation barrier is not needed.