On Mon, Jan 8, 2018 at 1:00 PM, David Woodhouse <dw...@infradead.org> wrote:
> On Mon, 2018-01-08 at 09:20 +0100, Florian Weimer wrote:
>> * H. J. Lu:
>>
>> > Add -mindirect-branch-loop= option to control loop filler in call and
>> > return thunks generated by -mindirect-branch=. 'lfence' uses "lfence"
>> > as loop filler. 'pause' uses "pause" as loop filler. 'nop' uses "nop"
>> > as loop filler. The default is 'lfence'.
>>
>> Why is the loop needed? Doesn't ud2 or cpuid stop speculative
>> execution?
>
> The idea is not to stop it per se, but to capture it. We trick the
> speculative execution into *thinking* it's going to return back to that
> endless loop, which prevents it from doing the branch prediction which
> would otherwise have got into trouble.
>
> There has been a fair amount of bikeshedding of precisely what goes in
> there already, and '1: pause; jmp 1b' is the best option that hasn't
> been shot down in flames by the CPU architects.
>
> HJ, do we still actually need the options for lfence and nop? I thought
> those were originally just for testing and could possibly be dropped
> now?

This is a trial change. It may be useful later. But I can drop
it and hardcode it to "pause".

--
H.J.
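The thunk with the '1: pause; jmp 1b' capture loop discussed in this thread, as an added example that is not part of the original messages or of the GCC patch. It assumes x86-64, ELF and a GNU-style assembler; every `demo_*` name is hypothetical, and other targets fall back to a plain indirect call.

```c
/* Added illustration; every demo_* name is hypothetical, not from GCC. */
#include <stdio.h>

#if defined(__x86_64__) && defined(__ELF__)
/* Loop filler. The option under discussion would select among
 * "lfence", "pause" and "nop" for this slot. */
#define DEMO_LOOP_FILLER "pause"

__asm__(
    ".pushsection .text\n"
    /* Thunk: reach the address in %rax without an indirect jmp/call. */
    "demo_indirect_thunk_rax:\n"
    "    call 2f\n"              /* push address of label 1 as return address */
    "1:  " DEMO_LOOP_FILLER "\n" /* a predicted return lands here ...         */
    "    jmp 1b\n"               /* ... and spins: speculation is captured    */
    "2:  mov %rax, (%rsp)\n"     /* replace return address with real target   */
    "    ret\n"                  /* architectural path goes to the target     */
    /* long demo_call_via_thunk(long (*fn)(long), long arg) */
    "demo_call_via_thunk:\n"
    "    mov %rdi, %rax\n"       /* target into %rax, as the thunk expects    */
    "    mov %rsi, %rdi\n"       /* arg becomes the target's first argument   */
    "    jmp demo_indirect_thunk_rax\n" /* tail call; fn returns to caller    */
    ".popsection\n"
);
long demo_call_via_thunk(long (*fn)(long), long arg);
#else
/* Other targets: plain indirect call so the file still builds. */
long demo_call_via_thunk(long (*fn)(long), long arg) { return fn(arg); }
#endif

/* Constructed sample targets for the demonstration. */
static long demo_add_one(long x) { return x + 1; }
static long demo_negate(long x) { return -x; }

int main(void)
{
    printf("%ld %ld\n", demo_call_via_thunk(demo_add_one, 41),
           demo_call_via_thunk(demo_negate, 7));
    return 0;
}
```

The return predictor pairs the `ret` with the preceding `call 2f`, so any speculative path goes to the filler loop at label 1, while the architectural path follows the overwritten return address to the real target.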