https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #43 from CVS Commits ---
The releases/gcc-11 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:58a4e292e8507a2968bfd2b10631ba95d5440c97
commit r11-9577-g58a4e292e8507a2968bfd2b10631ba95d5440c97
Author: H.J. Lu
Date:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #42 from CVS Commits ---
The releases/gcc-11 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:5d928740a533cd9e78673fad7ea86d20b2142277
commit r11-9576-g5d928740a533cd9e78673fad7ea86d20b2142277
Author: H.J. Lu
Date:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #41 from CVS Commits ---
The releases/gcc-11 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:39d944c4237e5d35e28a2668d3b9a2e0f6f7bd01
commit r11-9575-g39d944c4237e5d35e28a2668d3b9a2e0f6f7bd01
Author: H.J. Lu
Date:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #40 from Andrew Cooper ---
I've given the GCC-11 branch a test and everything appears to be in order.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #39 from H.J. Lu ---
The GCC 11 backport is posted at
https://gcc.gnu.org/pipermail/gcc-patches/2022-January/589527.html
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #38 from H.J. Lu ---
(In reply to H.J. Lu from comment #37)
> (In reply to Richard Biener from comment #36)
> > HJ, does it make sense to backport these to branches since AFAIU they also
> > address possible security issues?
>
>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #37 from H.J. Lu ---
(In reply to Richard Biener from comment #36)
> HJ, does it make sense to backport these to branches since AFAIU they also
> address possible security issues?
Yes, Linux kernel needs it. I will work on it.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
Richard Biener changed:
What|Removed |Added
CC||rguenth at gcc dot gnu.org
---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|REOPENED|RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #34 from CVS Commits ---
The master branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:ed8060950c64f2e449aaf90e438aa26d0d9d0b31
commit r12-6320-ged8060950c64f2e449aaf90e438aa26d0d9d0b31
Author: H.J. Lu
Date: Wed Jan 5
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #33 from Andrew Cooper ---
Looks good to me
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Resolution|FIXED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #31 from H.J. Lu ---
Created attachment 52134
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=52134=edit
A patch to rename -harden-sls=indirect-branch to -harden-sls=indirect-jmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #30 from Andrew Cooper ---
(In reply to CVS Commits from comment #27)
>
> x86: Add -mharden-sls=[none|all|return|indirect-branch]
>
It occurs to me that `indirect-branch` needs renaming to be `indirect-jmp` as
the logic
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Target Milestone|--- |12.0
Status|NEW
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #28 from CVS Commits ---
The master branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:2196a681d7810ad8b227bf983f38ba716620545e
commit r12-5377-g2196a681d7810ad8b227bf983f38ba716620545e
Author: H.J. Lu
Date: Wed Oct 27
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #27 from CVS Commits ---
The master branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:53a643f8568067d7700a9f2facc8ba39974973d3
commit r12-5353-g53a643f8568067d7700a9f2facc8ba39974973d3
Author: H.J. Lu
Date: Wed Oct 27
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|WAITING |NEW
CC|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #25 from peterz at infradead dot org ---
(In reply to H.J. Lu from comment #24)
> Should I submit the current patches?
Yes, I'd say so. Once merged I'll send a kernel patch to use
-mindirect-branch-cs-prefix for all RETPOLINE
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|NEW |WAITING
--- Comment #24 from H.J. Lu ---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|WAITING |NEW
--- Comment #23 from H.J. Lu ---
(In
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #22 from Andrew Cooper ---
One curious thing I have discovered. While auditing the -mharden-sls=all code
generation in Xen, I found examples where I got "ret int3 ret int3" with no
intervening instructions.
It turns out this is
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #21 from peterz at infradead dot org ---
(In reply to H.J. Lu from comment #19)
> Created attachment 51685 [details]
> The v4 patch to add -mharden-sls=
I seem to have found one 'funny':
kernel/bpf/core.o: warning: objtool:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #20 from peterz at infradead dot org ---
(In reply to H.J. Lu from comment #19)
> Created attachment 51685 [details]
> The v4 patch to add -mharden-sls=
That looks to do the right thing! Let me go write more validation stuff to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Attachment #51684|0 |1
is obsolete|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #18 from Andrew Cooper ---
Yes to both.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #17 from H.J. Lu ---
[hjl@gnu-tgl-2 pr102952]$ cat z2.i
extern void (*fptr) (int, int);
void
foo (int x, int y)
{
fptr (x, y);
}
[hjl@gnu-tgl-2 pr102952]$ make z2.s
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #16 from H.J. Lu ---
(In reply to Andrew Cooper from comment #15)
> So this is the irritating corner case where the two options are linked.
>
> *If* we are using -mindirect-branch-cs-prefix, then we intend to rewrite
> `jmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #15 from Andrew Cooper ---
So this is the irritating corner case where the two options are linked.
*If* we are using -mindirect-branch-cs-prefix, then we intend to rewrite `jmp
__x86_indirect_thunk_*` to `jmp *%reg` or `lfence; jmp
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #14 from H.J. Lu ---
(In reply to peterz from comment #13)
> (In reply to H.J. Lu from comment #12)
> > (In reply to peterz from comment #9)
> > > Created attachment 51683 [details]
> > > kernel patch to test -mharden-sls=all
> > >
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #13 from peterz at infradead dot org ---
(In reply to H.J. Lu from comment #12)
> (In reply to peterz from comment #9)
> > Created attachment 51683 [details]
> > kernel patch to test -mharden-sls=all
> >
> > $ make O=defconfig
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #12 from H.J. Lu ---
(In reply to peterz from comment #9)
> Created attachment 51683 [details]
> kernel patch to test -mharden-sls=all
>
> $ make O=defconfig CC=gcc-12.0.0 arch/x86/entry/common.o
> ...
> arch/x86/entry/common.o:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Attachment #51679|0 |1
is obsolete|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #10 from peterz at infradead dot org ---
(In reply to H.J. Lu from comment #4)
> Created attachment 51679 [details]
> A patch to add -mindirect-branch-cs-prefix
>
> It adds CS prefix to call and jmp to thunk when converting indirect
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #9 from peterz at infradead dot org ---
Created attachment 51683
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51683=edit
kernel patch to test -mharden-sls=all
$ make O=defconfig CC=gcc-12.0.0 arch/x86/entry/common.o
...
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #8 from H.J. Lu ---
(In reply to peterz from comment #7)
> (In reply to H.J. Lu from comment #3)
> > Created attachment 51678 [details]
> > A patch to add -mharden-sls=
> >
> > x86: Add
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
peterz at infradead dot org changed:
What|Removed |Added
CC||peterz at infradead dot
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Attachment #51678|0 |1
is obsolete|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|ASSIGNED|WAITING
--- Comment #5 from H.J. Lu ---
(In
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #4 from H.J. Lu ---
Created attachment 51679
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51679=edit
A patch to add -mindirect-branch-cs-prefix
It adds CS prefix to call and jmp to thunk when converting indirect call
and
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
H.J. Lu changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Assignee|unassigned at
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
Richard Biener changed:
What|Removed |Added
Severity|normal |enhancement
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102952
--- Comment #2 from Andrew Cooper ---
PeterZ has suggested that the straight line speculation case can be
dis-entangled with the thunk inlining case.
If an `int3` is emitted following any `jmp __x86_indirect_thunk_*` instruction
(i.e. treated
43 matches
Mail list logo
