[PATCH 0/5] x86: CVE-2017-5715, aka Spectre
Richard Biener
richard.guenther@gmail.com
Wed Jan 10 13:12:00 GMT 2018
On Wed, Jan 10, 2018 at 11:18 AM, Eric Botcazou <ebotcazou@adacore.com> wrote:
>> It's really just a couple of new primitives to emit a jump as a call and
>> one to slam in a new return address. Given those I think you can do the
>> entire implementation as RTL at expansion time and you've got a damn
>> good shot at protecting most architectures from these kinds of attacks.
>
> I think that you're a bit optimistic here and that implementing a generic and
> robust framework at the RTL level might require some time. Given the time and
> (back-)portability constraints, it might be wiser to rush into architecture-
> specific countermeasures than to rush into an half-backed RTL framework.
Let me also say that while it might be nice to commonize code introducing these
mitigations as late as possible to not disrupt optimization is important. So I
don't see a very strong motivation in trying very hard to make this more
middle-endish, apart from maybe sharing helper functions where possible.
Richard.
> --
> Eric Botcazou
More information about the Gcc-patches
mailing list