Retpoline Support Backport Lands In GCC 7

The backporting of -mindirect-branch, -mindirect-return and -mindirect-branch-register, a.k.a. the GCC "Retpoline" patches, have been back-ported and merged into the GCC 7 branch.

Given the severity of the Spectre vulnerability, these features for Retpoline support are being back-ported to GCC branches normally only reserved for bug/regression/documentation fixes.

A few days ago the support was added to GCC 8 in time for the GCC 8.1 stable release due out in the next few months.

Hitting the GCC 7 branch this morning are the back-ported patches. Thus with the GCC 7.3 "bug-fix" release coming in the near future there will be these new GCC options that can be used for converting indirect call and jumps to call and return thunks. The Linux kernel Retpoline patches make use of the new GCC switches when available for full support.

There's been talk of these functions being back-ported all the way to GCC 4.x releases, but as of writing only the back-port has happened for GCC 7.x with no work merged in the GCC 4/5/6 branches, but if that happens we'll of course update. I currently have some GCC 8.0.1 benchmarks coming looking at the impact of -mindirect-branch=thunk for user-space applications rather than just the kernel Retpoline benchmarks.