This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Cary Coutant <ccoutant at gmail dot com>
- To: Chandler Carruth <chandlerc at google dot com>
- Cc: Florian Weimer <fweimer at redhat dot com>, Sriraman Tallam <tmsriram at google dot com>, binutils <binutils at sourceware dot org>, Reid Kleckner <rnk at google dot com>, Eric Christopher <echristo at google dot com>, Rui Ueyama <ruiu at google dot com>, Brooks Moses <bmoses at google dot com>, Sidney Hummert <shummert at google dot com>, Xinliang David Li <davidxl at google dot com>
- Date: Sun, 7 Jan 2018 15:14:30 -0800
- Subject: Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Authentication-results: sourceware.org; auth=none
- References: <CAAs8HmzJkLiGaUWf9czpNfEejM=uCP=zFvudADEuxsA2wHk+fQ@mail.gmail.com> <CAJimCsGGcXCxQUWD9XGmEHdJ+w01Tr0u29yowA9b16YGHHxMkA@mail.gmail.com> <17cb3295-626f-ba0f-7458-c13eaea24d2b@redhat.com> <CAJimCsE6bZ9VwKTfh9dFvT1HmNb==0Kxh6EJQQWXGoH-U=Epsg@mail.gmail.com> <CAGCO0KhMmBJXuWbb89ZG6tgpVHgmxkE5-xEmMikBjPkVQBDmPA@mail.gmail.com>
> We aren't patching linkers just because we can. ;]
Chandler, if I didn't know you personally, I'd take offense. Hmm,
maybe I took a wee bit of offense, even so. :-) Snark isn't going to
get you anywhere; it's more likely to close minds.
The details of these vulnerabilities are out there now, and your
little circle is much bigger. That means you're now exposed to people
with different experiences and possibly more expertise. Even if you've
already been down certain paths and answered certain questions, you're
going to need to do it again for the rest of us. People on this thread
are asking reasonable questions, and if you want help and cooperation,
those questions deserve serious answers. Together, we may even come up
with better solutions.
In particular, I'd like to know your answer to Alan's question about
the performance implications of deploying slow shared libraries where
not all applications need this mitigation, and the suggestion to just
compile secure apps statically. I'd like to know your answer to HJ's
suggestion to eliminate the PLT altogether (I have an answer to that,
but I'd like to know yours).
I've approved Sri's patch, in the hope that it's a short-term
mitigation strategy that we can retire in a reasonable short period of
time, and I'll be receptive to a follow-on patch that improves the
code sequences as discussed in the LLVM review thread. I really don't
want to get into the business of changing the ABI for this, though.
-cary