Re: [uclibc-ng-devel] compile uclibc with retpoline switch

Hi, Ata, John (US) wrote,

Hi all,

With Spectre variant 2 (CVE-2017-5715), gcc has been updated to avoid branch prediction problems via the retpoline patch. Specifically, by using either – mindirect-branch=thunk-inline or –mindirect-branch=thunk or –mindirect-branch- thunk-external, the compiler will convert indirect branches and function returns to call and return thunks thus avoiding speculative execution in those cases. Of course, there is a performance penalty depending on the exact argument used. Has anyone compiled uclibc with one of those switches?

I didn't tried it, yet. You might be the first :)

Any issues seen with that?

best regards Waldemar