On Thu, Jan 4, 2018 at 7:14 PM, Zan Lynx <zl...@acm.org> wrote:
>
> On January 4, 2018 8:10:14 PM MST, Eric Gallager <eg...@gwmail.gwu.edu> wrote:
>>Is there anything GCC could be doing at the compiler level to mitigate
>>the recently-announced Meltdown and Spectre vulnerabilities? From
>>reading about them, it seems like they involve speculative execution
>>and indirect branch prediction, and those are the domain of things the
>>compiler deals with, right? (For reference, Meltdown is CVE-2017-5754,
>>and Spectre is CVE-2017-5753 and CVE-2017-5715)
>>
>>Just wondering,
>>Eric
>
> If you're allowing people to run untrustworthy machine code on your hardware
> there's nothing a compiler can do to help. You'd need to make them use your
> compiler, and why would they?
>
> So anyone offering shell accounts or virtual machines is out of luck.

For the Spectre attack, a compiler can help by using it to compile accessible programs in such a way that they are not vulnerable to the attack.

Ian
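
One shape that "compiling a program so it is not vulnerable" can take for the bounds-check-bypass variant (CVE-2017-5753), as an added example that is not from this thread or from GCC: the array index is clamped with a branch-free mask, so a mispredicted bounds check cannot steer the load out of range. The table, its contents and all function names are hypothetical.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16 /* constructed sample data; all names are hypothetical */
static const uint8_t table[TABLE_LEN] = {1, 4, 7, 10, 13, 16, 19, 22,
                                         25, 28, 31, 34, 37, 40, 43, 46};

/* Before: the only guard is a conditional branch. If that branch is
 * mispredicted, the load can run speculatively with an out-of-range idx. */
uint8_t lookup_branch_only(size_t idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* All-ones when idx < len, zero otherwise, derived from data flow rather
 * than control flow. Assumes len <= SIZE_MAX / 2, intptr_t as wide as
 * size_t, and an arithmetic right shift of negative values
 * (implementation-defined in C; GCC and Clang behave this way). */
size_t index_mask(size_t idx, size_t len)
{
    return (size_t)(~(intptr_t)(idx | (len - 1 - idx))
                    >> (sizeof(intptr_t) * CHAR_BIT - 1));
}

/* After: the index is ANDed with the mask before the load, so even on the
 * mispredicted path the address depends on a value forced to 0. */
uint8_t lookup_masked(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask(idx, TABLE_LEN);
        return table[idx];
    }
    return 0;
}

int main(void)
{
    printf("in range:     %d\n", lookup_masked(3));
    printf("out of range: %d\n", lookup_masked(100));
    return 0;
}
```

An optimizer is free to turn the mask computation back into a branch, so a hand-written version like this needs its generated assembly checked at the optimization level actually shipped.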