This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: [PATCH 0/5] x86: CVE-2017-5715, aka Spectre


On Wed, Jan 10, 2018 at 2:18 AM, Eric Botcazou <ebotcazou@adacore.com> wrote:
>> It's really just a couple of new primitives to emit a jump as a call and
>> one to slam in a new return address.  Given those I think you can do the
>> entire implementation as RTL at expansion time and you've got a damn
>> good shot at protecting most architectures from these kinds of attacks.
>
> I think that you're a bit optimistic here and that implementing a generic and
> robust framework at the RTL level might require some time.  Given the time and
> (back-)portability constraints, it might be wiser to rush into architecture-
> specific countermeasures than to rush into a half-baked RTL framework.
>

We have tried to implement this in target-independent IR with a different
compiler.  We ran into a couple of issues:

1. Some optimizations aren't performed since optimizers don't understand
our code sequences.
2. Some passes insert instructions between our code sequences, which
leads to invalid code.

All of them can be resolved, given enough time.  I don't know how long
it will take to make a generic RTL approach as robust as the x86
backend-specific implementation, which just converts indirect branches
and returns to different functionally equivalent code sequences.

-- 
H.J.

