Hi > -----Original Message----- > From: H.J. Lu [mailto:hjl.to...@gmail.com] > Sent: Sunday, January 14, 2018 7:52 PM > To: Jan Hubicka <hubi...@ucw.cz> > Cc: Kumar, Venkataramanan <venkataramanan.ku...@amd.com>; gcc- > patc...@gcc.gnu.org; Dharmakan, Rohit arul raj > <rohitarulraj.dharma...@amd.com>; Nagarajan, Muthu kumar raj > <muthukumarraj.nagara...@amd.com>; Uros Bizjak (ubiz...@gmail.com) > <ubiz...@gmail.com> > Subject: Re: [PATCH 0/5] x86: CVE-2017-5715, aka Spectre > > On Sun, Jan 14, 2018 at 6:20 AM, Jan Hubicka <hubi...@ucw.cz> wrote: > >> > Hi HJ, > >> > > >> > > -----Original Message----- > >> > > From: gcc-patches-ow...@gcc.gnu.org [mailto:gcc-patches- > >> > > ow...@gcc.gnu.org] On Behalf Of H.J. Lu > >> > > Sent: Sunday, January 14, 2018 9:07 AM > >> > > To: gcc-patches@gcc.gnu.org > >> > > Subject: [PATCH 0/5] x86: CVE-2017-5715, aka Spectre > >> > > > >> > > This set of patches for GCC 8 mitigates variant #2 of the > >> > > speculative execution vulnerabilities on x86 processors > >> > > identified by CVE-2017-5715, aka Spectre. They convert indirect > >> > > branches and function returns to call and return thunks to avoid > speculative execution via indirect call, jmp and ret. > >> > > > >> > > H.J. Lu (5): > >> > > x86: Add -mindirect-branch= > >> > > x86: Add -mfunction-return= > >> > > x86: Add -mindirect-branch-register > >> > > x86: Add 'V' register operand modifier > >> > > x86: Disallow -mindirect-branch=/-mfunction-return= with > >> > > -mcmodel=large > >> > > >> > Current set of patches don't seem to have any option to generate > "lfence" as the loop filler in "retpoline", which is required by AMD. > >> > Can you please clarify the plan. We would like to get this checked-in GCC > 8. > >> > >> Since thunks are output as strings, it is easy to add the option on > >> the top of patch #1 of the series. I do not fully understand the > >> reason for choosing pause over lfence for Intel, but if we need to do > >> both, we need to have command line option (and possibly attribute). > >> What would be reasonable name for it? > > > > I forgot there is -mindirect-branch-loop for that in the original patchset. > > So for now we should be happy with having both lfence and pause in > > there or do we still need it? > > > > I suggest we leave it out for the time being.
Yes as of now having both "lfence" and "pause" is Ok. Hope we can add "- indirect-branch-loop" option later if required. Regards, Venkat, > > > -- > H.J.
