GCC 8 Patches Posted For Spectre Mitigation

Written by Michael Larabel in Linux Security on 8 January 2018 at 05:55 AM EST. 11 Comments
LINUX SECURITY
There's been a well-published branch the past few days of a patched GCC 7.2 code-base with the code changes for fending off Spectre while now patches have arrived on the mailing list for Spectre/CVE-2017-5715 of mainline GCC 8.

Toolchain expert H.J. Lu of Intel has posted a set of five patches for Spectre mitigation with the current GCC 8 code-base. These patches introduce the new -mindirect-branch, -mindirect-branch-loop, -mfunction-return, -mindirect-branch-register options for GCC. Enabling the new functionality converts indirect branches to call and return thunks in order to avoid speculative execution.

These patches add about two thousand lines of new code to the compiler. While feature development is now over on GCC 8 ahead of the GCC 8.1 stable release expected in the next two to three months, given the severity of Spectre, these patches will presumably be allowed into the mainline code-base in short order... We will, of course, write about it when it happens. We'll also see if the GCC 7 patches also get accepted in their branch as normally the developers are strict about allowing new feature additions.

With the Spectre Linux kernel patches, they do some justice when built against existing GCC compilers but for best defense the kernel does need to be built against a patched version of GCC. The GCC 8 patches for now are on the gcc-patches mailing list.
11 Comments
Related News
Linux Will Stop Randomizing Per-CPU Entry Area When KASLR Is Not Active
Linux Landing Change To Allow STIBP When Using Legacy IBRS
Linux Inadvertently Has Been Leaving IBRS-Mitigated Systems Without STIBP
Open Source Security Foundation's Criticality Score 2.0 Debuts To Rank Important OSS Projects
Microsoft Pluton TPM CRB Functionality Merged Into Linux 6.3
Proposed Linux Patch Would Allow Disabling CPU Security Mitigations At Build-Time
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OBS Studio Lands AV1 & HEVC RTMP Streaming Support
Valve Officially Announces Counter-Strike 2
GNOME 44 Released With Many Desktop Enhancements
Framework Laptop Launches AMD Ryzen Upgradeable Laptop, Intel Raptor Lake Models Too
Mozilla Announces Mozilla.ai For "Trustworthy AI"
Proxmox VE 7.4 Released With Linux 5.15 LTS + Linux 6.2 Support, New Dark Theme
AMD FidelityFX Super Resolution 3 "FSR 3" Will Be Open-Source
Ubuntu 20.04.6 LTS Released With Restored UEFI Secure Boot Support