On Mon, 2018-01-08 at 09:27 +0100, Florian Weimer wrote:
> * H. J. Lu:
>
> >
> > This set of patches for GCC 8 mitigates variant #2 of the
> > speculative execution vulnerabilities on x86 processors identified
> > by CVE-2017-5715, aka Spectre. They convert indirect branches to
> > call and return thunks to avoid speculative execution via indirect
> > call and jmp.
> Would it make sense to add a mode which relies on an empty return
> stack cache? Or will CPUs use the regular branch predictor if the
> return stack is empty?
>
> With an empty return stack cache and no branch predictor, a simple
> PUSH/RET sequence cannot be predicted, so the complex CALL sequence
> with a speculation barrier is not needed.

Some CPUs will use the regular branch predictor if the RSB is empty. Others just round-robin the RSB and will use the *oldest* entry if they underflow.