Hi all,
With Spectre variant 2 (CVE-2017-5715), gcc has been updated to avoid branch prediction
problems via the retpoline patch. Specifically, by using either
-mindirect-branch=thunk-inline or -mindirect-branch=thunk or
-mindirect-branch-thunk-external, the compiler will convert indirect branches and function
returns to call and return thunks thus avoiding speculative execution in those cases. Of
course, there is a performance penalty depending on the exact argument used. Has anyone
compiled uclibc with one of those switches?
Take care,
----
John Ata, CISSP
Senior Principal Software Engineer
Electronics Systems
STOP Operating
System<http://www.baesystems.com/en-us/product/stop> Software
Development
T 703-563-8115 | F 703-668-4359 |
john.ata@baesystems.com<mailto:john.ata@baesystems.com>
http://www.baesystems.com/csp
[cid:image001.png@01D138BC.8E54E330][cid:image003.png@01D138BC.8E54E330]<http://www.twitter.com/baesystemsinc>[cid:image004.png@01D138BC.8E54E330]<http://www.youtube.com/baesystemsinc>[cid:image006.png@01D138BC.8E54E330]<http://www.flickr.com/photos/baesystemsinc/>