On January 4, 2018 8:10:14 PM MST, Eric Gallager <eg...@gwmail.gwu.edu> wrote: >Is there anything GCC could be doing at the compiler level to mitigate >the recently-announced Meltdown and Spectre vulnerabilities? From >reading about them, it seems like they involve speculative execution >and indirect branch prediction, and those are the domain of things the >compiler deals with, right? (For reference, Meltdown is CVE-2017-5754, >and Spectre is CVE-2017-5753 and CVE-2017-5715) > >Just wondering, >Eric
If you're allowing people to run untrustworthy machine code on your hardware there's nothing a compiler can do to help. You'd need to make them use your compiler, and why would they? So anyone offering shell accounts or virtual machines is out of luck.
