[llvm-dev] retpoline mitigation and 6.0

Ed Maste via llvm-dev llvm-dev at lists.llvm.org
Wed Feb 7 10:15:31 PST 2018


On 6 February 2018 at 19:56, Chandler Carruth via llvm-dev
<llvm-dev at lists.llvm.org> wrote:
>
> I'm strongly of the opinion that I think Arjan expressed:
>
> - retpoline alone is probably fine with sufficient RSB stuffing patches in
> the kernel
> - if some folks are worried about the security risk here and running on SKX,
> they should use IBRS.
>
> Given the speed of IBRS on SKX and the complexity & runtime hit of thunking
> ret, I really don't see a good motivation for us teaching the compiler how
> to do this.

As far as Clang-compiled kernels are concerned I suspect FreeBSD has
the biggest footprint, so this is very important to us. I'm still
waiting on feedback about this point (retpoline vs IBRS on SKX), but I
expect we will go down the path that you describe above.

We have yet to implement retpoline changes in kernel asm but will do
so soon, so very much want to have a final implementation.

It also seems that we still have a lone register-indirect call
remaining (coming from a C source file) when everything is compiled
with -mretpoline; I'm looking into it.
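
An added example, not part of the original message and not FreeBSD or LLVM code: one way to audit a build for leftover register-indirect branches like the one mentioned above is to scan `objdump -d` output for AT&T-syntax `call *` / `jmp *` instructions. The disassembly below is constructed sample input, and the function names `dispatch`, `legacy_hook` and `plt_stub` are hypothetical; `__llvm_retpoline_r11` is the thunk symbol LLVM emits under `-mretpoline`.

```python
import re

# Function header line in objdump -d output: "0000000000401140 <legacy_hook>:"
SYMBOL = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
# Instruction line whose mnemonic is call/jmp (optional q suffix) and whose
# operand starts with '*', i.e. an indirect branch in AT&T syntax.
INDIRECT = re.compile(
    r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2}\s+)+((?:call|jmp)q?)\s+(\*\S+)"
)

def find_indirect_branches(disasm):
    """Return (function, address, mnemonic, operand) for each indirect branch."""
    hits, func = [], None
    for line in disasm.splitlines():
        sym = SYMBOL.match(line.strip())
        if sym:
            func = sym.group(1)
            continue
        ins = INDIRECT.match(line)
        if ins:
            hits.append((func, ins.group(1), ins.group(2), ins.group(3)))
    return hits

# Constructed sample in `objdump -d` layout (not taken from a real kernel).
SAMPLE = """
0000000000401130 <dispatch>:
  401130: 49 89 fb              mov    %rdi,%r11
  401133: e8 28 00 00 00        callq  401160 <__llvm_retpoline_r11>
  401138: c3                    retq

0000000000401140 <legacy_hook>:
  401140: 48 8b 07              mov    (%rdi),%rax
  401143: ff d0                 callq  *%rax
  401145: c3                    retq

0000000000401150 <plt_stub>:
  401150: ff 25 aa 2e 00 00     jmpq   *0x2eaa(%rip)        # 404000 <sym>
"""

if __name__ == "__main__":
    for func, addr, mnem, operand in find_indirect_branches(SAMPLE):
        print(f"{func}: {addr}: {mnem} {operand}")
```

Direct calls into the retpoline thunk are not reported; only branches with a `*` operand are, so each hit names a function whose source or asm still needs attention.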

