From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) by sourceware.org (Postfix) with ESMTPS id 16BB73857C58 for ; Tue, 1 Feb 2022 07:21:26 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 16BB73857C58 Received: by mail-ed1-x534.google.com with SMTP id u18so31924323edt.6 for ; Mon, 31 Jan 2022 23:21:26 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3eabe22T8QrZ1cbEKHfys1ZUfdVG+V03rCLMYaljzrM=; b=B9P26T7GRabS5Uqu5MrROT2Mrl3e+dTr41aju2/HlDTXdg7WXcfCG9p/c7PNA/Ne5v 3VcdOcmfSVe5noQKUT6YT9qQJsYz/60cP15WY8L5zmTalijZCMxOmevVz10irDeLF3fs MU0AYu92Hgt87qVwvTO0PcmMrTETB4qPtda/qyFU62Q1o9CZ/FfFNyjDiPeQgsArbsQ9 PNYf0GZdRVbgp1K69YcGjkYYCP9DROEvAPnH7+Opsa4kKkFpx5uvm55aI6nFh/zWZkww KDUxu9wY7hIkSK4KlMFHM+5ZyDKCZH23aX6X+A/jp1VNzR6fH4u/WtIfkYT8udhwixB6 sVKA== X-Gm-Message-State: AOAM533ZTfSn+keIzNNdoRZCbhD2kH3Ki6rG2s4nu2COpLFYGLwJFJzV rWhvxgp1Q90JIFktmnqm0lOaDPLK1YRS272uzrm5Qdk5 X-Google-Smtp-Source: ABdhPJyBUN9g5CW3e6rM7Voc4ZKwdE7hdQhx9i65TfO0rvJDWkV/JaRInfsIKW6tP5dxi2NCtodThqwNV+bBpirKmUM= X-Received: by 2002:a05:6402:908:: with SMTP id g8mr24060088edz.4.1643700085189; Mon, 31 Jan 2022 23:21:25 -0800 (PST) MIME-Version: 1.0 References: <20220131185528.619688-1-hjl.tools@gmail.com> In-Reply-To: <20220131185528.619688-1-hjl.tools@gmail.com> From: Richard Biener Date: Tue, 1 Feb 2022 08:21:14 +0100 Message-ID: Subject: Re: [GCC 11 PATCH 0/5] x86: Backport straight-line-speculation mitigation To: "H.J. Lu" Cc: GCC Patches , Uros Bizjak Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Feb 2022 07:21:27 -0000 On Mon, Jan 31, 2022 at 7:56 PM H.J. Lu via Gcc-patches wrote: > > Backport -mindirect-branch-cs-prefix: LGTM in case a x86 maintainer also acks this. Can you amend the 10.3 release gcc-11/changes.html notes accordingly? Thanks, Richard. > commit 48a4ae26c225eb018ecb59f131e2c4fd4f3cf89a > Author: H.J. Lu > Date: Wed Oct 27 06:27:15 2021 -0700 > > x86: Add -mindirect-branch-cs-prefix > > Add -mindirect-branch-cs-prefix to add CS prefix to call and jmp to > indirect thunk with branch target in r8-r15 registers so that the call > and jmp instruction length is 6 bytes to allow them to be replaced with > "lfence; call *%r8-r15" or "lfence; jmp *%r8-r15" at run-time. > > commit 63738e176726d31953deb03f7e32cf8b760735ac > Author: H.J. Lu > Date: Wed Oct 27 07:48:54 2021 -0700 > > x86: Add -mharden-sls=[none|all|return|indirect-branch] > > Add -mharden-sls= to mitigate against straight line speculation (SLS) > for function return and indirect branch by adding an INT3 instruction > after function return and indirect branch. > > and followup commits to support Linux kernel commits: > > commit e463a09af2f0677b9485a7e8e4e70b396b2ffb6f > Author: Peter Zijlstra > Date: Sat Dec 4 14:43:44 2021 +0100 > > x86: Add straight-line-speculation mitigation > > commit 68cf4f2a72ef8786e6b7af6fd9a89f27ac0f520d > Author: Peter Zijlstra > Date: Fri Nov 19 17:50:25 2021 +0100 > > x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds > > H.J. Lu (5): > x86: Remove "%!" before ret > x86: Add -mharden-sls=[none|all|return|indirect-branch] > x86: Add -mindirect-branch-cs-prefix > x86: Rename -harden-sls=indirect-branch to -harden-sls=indirect-jmp > x86: Generate INT3 for __builtin_eh_return > > gcc/config/i386/i386-opts.h | 7 ++++ > gcc/config/i386/i386.c | 38 +++++++++++++------ > gcc/config/i386/i386.md | 2 +- > gcc/config/i386/i386.opt | 24 ++++++++++++ > gcc/doc/invoke.texi | 18 ++++++++- > gcc/testsuite/gcc.target/i386/harden-sls-1.c | 14 +++++++ > gcc/testsuite/gcc.target/i386/harden-sls-2.c | 14 +++++++ > gcc/testsuite/gcc.target/i386/harden-sls-3.c | 14 +++++++ > gcc/testsuite/gcc.target/i386/harden-sls-4.c | 16 ++++++++ > gcc/testsuite/gcc.target/i386/harden-sls-5.c | 17 +++++++++ > gcc/testsuite/gcc.target/i386/harden-sls-6.c | 18 +++++++++ > .../i386/indirect-thunk-cs-prefix-1.c | 14 +++++++ > .../i386/indirect-thunk-cs-prefix-2.c | 15 ++++++++ > 13 files changed, 198 insertions(+), 13 deletions(-) > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-1.c > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-2.c > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-3.c > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-4.c > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-5.c > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-6.c > create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-cs-prefix-1.c > create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-cs-prefix-2.c > > -- > 2.34.1 >