[Bug target/86777] Bfin port needs updating for CVE-2017-5753
rearnsha at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Aug 15 10:48:00 GMT 2018
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86777
--- Comment #2 from Richard Earnshaw <rearnsha at gcc dot gnu.org> ---
I don't think you could do that through the API provided by this patch set; but
it's not really appropriate for this case.
I'm not familiar with the bfin architecture so cannot comment on what the best
approach is, but it seems to me you have several options.
Use the speculation barrier not needed hook - this might apply if the
speculation is so limited that the CPU is not vulnerable to Spectre style
attacks.
Use the barrier anyway - this might apply if the processor vendor has defined a
barrier operation for this architecture, even if current implementations do not
need it (it might anticipate a new implementation that does need it).
Write a custom pass to handle it - from your description it looks like emitting
a NOP after every conditional branch may be sufficient to completely eliminate
the problem.
I created this PR because only the port maintainers (perhaps in discussion with
the manufacturers) can really decide what the best approach to handling this
issue must be.
More information about the Gcc-bugs
mailing list