Spectre Mitigation Added To GCC 8, Seeking Backport To GCC 7
Hitting the GCC 8 compiler Git/SVN code this Sunday morning are the changes needed compiler-side for CVE-2017-5715 / Spectre mitigation.
Veteran GNU toolchain developer H.J. Lu of Intel has committed the set of patches for introducing -mindirect-branch=, -mfunction-return= and -mindirect-branch-register for dealing with indirect branches from the compiler side and is also compiler features already used by the Linux kernel Retpoline patches when built with a supported compiler for full enforcement against Spectre vulnerabilities.
The set of Spectre mitigation patches for the GNU Compiler Collection (GCC) were accepted to mainline and will be part of GCC 8 with the GCC 8.1 stable release that will likely be due out around March. This is on top of many other changes/features of GCC 8.
Since merging these patches into GCC trunk, H.J. Lu is also looking to backport these additions to the existing GCC 7 code-base. He's already sent out another patch series of other prep changes needed to GCC 7 in order to land these Spectre changes there. This in turn could then appear with the GCC 7.3 release for those upgrading to new point releases of GCC7.
Veteran GNU toolchain developer H.J. Lu of Intel has committed the set of patches for introducing -mindirect-branch=, -mfunction-return= and -mindirect-branch-register for dealing with indirect branches from the compiler side and is also compiler features already used by the Linux kernel Retpoline patches when built with a supported compiler for full enforcement against Spectre vulnerabilities.
The set of Spectre mitigation patches for the GNU Compiler Collection (GCC) were accepted to mainline and will be part of GCC 8 with the GCC 8.1 stable release that will likely be due out around March. This is on top of many other changes/features of GCC 8.
Since merging these patches into GCC trunk, H.J. Lu is also looking to backport these additions to the existing GCC 7 code-base. He's already sent out another patch series of other prep changes needed to GCC 7 in order to land these Spectre changes there. This in turn could then appear with the GCC 7.3 release for those upgrading to new point releases of GCC7.
15 Comments