Spectre Mitigation Added To GCC 8, Seeking Backport To GCC 7
![LINUX SECURITY](/assets/categories/linuxsecurity.webp)
Veteran GNU toolchain developer H.J. Lu of Intel has committed the set of patches for introducing -mindirect-branch=, -mfunction-return= and -mindirect-branch-register for dealing with indirect branches from the compiler side and is also compiler features already used by the Linux kernel Retpoline patches when built with a supported compiler for full enforcement against Spectre vulnerabilities.
The set of Spectre mitigation patches for the GNU Compiler Collection (GCC) were accepted to mainline and will be part of GCC 8 with the GCC 8.1 stable release that will likely be due out around March. This is on top of many other changes/features of GCC 8.
Since merging these patches into GCC trunk, H.J. Lu is also looking to backport these additions to the existing GCC 7 code-base. He's already sent out another patch series of other prep changes needed to GCC 7 in order to land these Spectre changes there. This in turn could then appear with the GCC 7.3 release for those upgrading to new point releases of GCC7.
15 Comments