On Tue, Feb 15, 2022 at 10:52 PM Hongtao Liu <crazy...@gmail.com> wrote: > > On Tue, Feb 1, 2022 at 2:55 AM H.J. Lu via Gcc-patches > <gcc-patches@gcc.gnu.org> wrote: > > > > Backport -mindirect-branch-cs-prefix: > > > > commit 48a4ae26c225eb018ecb59f131e2c4fd4f3cf89a > > Author: H.J. Lu <hjl.to...@gmail.com> > > Date: Wed Oct 27 06:27:15 2021 -0700 > > > > x86: Add -mindirect-branch-cs-prefix > > > > Add -mindirect-branch-cs-prefix to add CS prefix to call and jmp to > > indirect thunk with branch target in r8-r15 registers so that the call > > and jmp instruction length is 6 bytes to allow them to be replaced with > > "lfence; call *%r8-r15" or "lfence; jmp *%r8-r15" at run-time. > > > > commit 63738e176726d31953deb03f7e32cf8b760735ac > > Author: H.J. Lu <hjl.to...@gmail.com> > > Date: Wed Oct 27 07:48:54 2021 -0700 > > > > x86: Add -mharden-sls=[none|all|return|indirect-branch] > > > > Add -mharden-sls= to mitigate against straight line speculation (SLS) > > for function return and indirect branch by adding an INT3 instruction > > after function return and indirect branch. > > > > and followup commits to support Linux kernel commits: > > > > commit e463a09af2f0677b9485a7e8e4e70b396b2ffb6f > > Author: Peter Zijlstra <pet...@infradead.org> > > Date: Sat Dec 4 14:43:44 2021 +0100 > > > > x86: Add straight-line-speculation mitigation > > > > commit 68cf4f2a72ef8786e6b7af6fd9a89f27ac0f520d > > Author: Peter Zijlstra <pet...@infradead.org> > > Date: Fri Nov 19 17:50:25 2021 +0100 > > > > x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds > > > > H.J. Lu (5): > > x86: Remove "%!" before ret > > x86: Add -mharden-sls=[none|all|return|indirect-branch] > > x86: Add -mindirect-branch-cs-prefix > > x86: Rename -harden-sls=indirect-branch to -harden-sls=indirect-jmp > > x86: Generate INT3 for __builtin_eh_return > The patch LGTM.
I am pushing this patch set into GCC 11 branch. Thanks. > > > > gcc/config/i386/i386-opts.h | 7 ++++ > > gcc/config/i386/i386.c | 38 +++++++++++++------ > > gcc/config/i386/i386.md | 2 +- > > gcc/config/i386/i386.opt | 24 ++++++++++++ > > gcc/doc/invoke.texi | 18 ++++++++- > > gcc/testsuite/gcc.target/i386/harden-sls-1.c | 14 +++++++ > > gcc/testsuite/gcc.target/i386/harden-sls-2.c | 14 +++++++ > > gcc/testsuite/gcc.target/i386/harden-sls-3.c | 14 +++++++ > > gcc/testsuite/gcc.target/i386/harden-sls-4.c | 16 ++++++++ > > gcc/testsuite/gcc.target/i386/harden-sls-5.c | 17 +++++++++ > > gcc/testsuite/gcc.target/i386/harden-sls-6.c | 18 +++++++++ > > .../i386/indirect-thunk-cs-prefix-1.c | 14 +++++++ > > .../i386/indirect-thunk-cs-prefix-2.c | 15 ++++++++ > > 13 files changed, 198 insertions(+), 13 deletions(-) > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-1.c > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-2.c > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-3.c > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-4.c > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-5.c > > create mode 100644 gcc/testsuite/gcc.target/i386/harden-sls-6.c > > create mode 100644 > > gcc/testsuite/gcc.target/i386/indirect-thunk-cs-prefix-1.c > > create mode 100644 > > gcc/testsuite/gcc.target/i386/indirect-thunk-cs-prefix-2.c > > > > -- > > 2.34.1 > > > > > -- > BR, > Hongtao -- H.J.
