[llvm-branch-commits] [cfe-branch] r326540 - Add some minimal release notes for retpolines.

Chandler Carruth via llvm-branch-commits llvm-branch-commits at lists.llvm.org
Thu Mar 1 21:49:03 PST 2018 

Author: chandlerc
Date: Thu Mar  1 21:49:03 2018
New Revision: 326540

URL: http://llvm.org/viewvc/llvm-project?rev=326540&view=rev
Log:
Add some minimal release notes for retpolines.

Modified:
    cfe/branches/release_60/docs/ReleaseNotes.rst

Modified: cfe/branches/release_60/docs/ReleaseNotes.rst
URL: http://llvm.org/viewvc/llvm-project/cfe/branches/release_60/docs/ReleaseNotes.rst?rev=326540&r1=326539&r2=326540&view=diff
==============================================================================
--- cfe/branches/release_60/docs/ReleaseNotes.rst (original)
+++ cfe/branches/release_60/docs/ReleaseNotes.rst Thu Mar  1 21:49:03 2018
@@ -51,6 +51,12 @@ Non-comprehensive list of changes in thi
   ``__is_target_vendor``, ``__is_target_os``, and ``__is_target_environment``
   can be used to to examine the individual components of the target triple.
 
+- Support for `retpolines <https://support.google.com/faqs/answer/7625886>`_
+  was added to help mitigate "branch target injection" (variant #2) of the
+  "Spectre" speculative side channels described by `Project Zero
+  <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>`_
+  and the `Spectre paper <https://spectreattack.com/spectre.pdf>`_.
+
 
 Improvements to Clang's diagnostics
 -----------------------------------
@@ -138,6 +144,18 @@ New Compiler Flags
 - New ``-nostdlib++`` flag to disable linking the C++ standard library. Similar
   to using ``clang`` instead of ``clang++`` but doesn't disable ``-lm``.
 
+- Clang supports the ``-mretpoline`` flag to enable `retpolines
+  <https://support.google.com/faqs/answer/7625886>`_. Code compiled with this
+  flag will be hardened against variant #2 of the Spectre attack. Indirect
+  branches from switches or gotos removed from the code, and indirect calls
+  will be made through a "retpoline" thunk. The necessary thunks will
+  automatically be inserted into the generated code. Clang also supports
+  ``-mretpoline-external-thunk`` which works like ``-mretpoline`` but requires
+  the user to provide their own thunk definitions. The external thunk names
+  start with ``__x86_indirect_thunk_`` and end in a register name. For 64-bit
+  platforms, only an ``r11`` thunk is used, but for 32-bit platforms ``eax``,
+  ``ecx``, ``edx``, and ``edi`` thunks are used.
+
 
 Attribute Changes in Clang
 --------------------------

More information about the llvm-branch-commits mailing list