[llvm-dev] retpoline mitigation and 6.0

David Woodhouse via llvm-dev llvm-dev at lists.llvm.org
Tue Feb 6 16:21:35 PST 2018


On Wed, 2018-02-07 at 00:16 +0000, Chandler Carruth wrote:
> > At this point, what we really want is for identical thunks to have
> > identical names — just like we do for builtins and other stuff, to
> > avoid having differences between clang and GCC which just end up
> > seeming capricious and being hard to work around. Having matching
> > command line options would be a bonus, but isn't imperative.
> > 
> After talking to several others (to make sure we don't have to do
> this whole thing yet again) we'll change the external thunk names to
> match what GCC is using. Hopefully this doesn't come back to bite us.
> =]
> 
> We'll also make sure those patches get backported too so that no
> released versions have the old behavior.
Thank you.
For reference, is there a way to turn *off* the retpoline which has
been enabled on the command line? 
For init functions which run only at startup before any attacker can be
in the system, we currently mark the function
__attribute__((indirect_thunk("keep"))). Is there a clang equivalent?
It's not particularly important; a minor optimisation we can live
without if we have to. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20180207/a6b35769/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5213 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20180207/a6b35769/attachment.bin>


More information about the llvm-dev mailing list