Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
Thu Jan 4 23:08:00 GMT 2018
> * options.h (retpolineplt): New -z option to use retpoline PLT.
> * x86_64.cc (Output_data_plt_x86_64_retpoline): New class.
> (Target_x86_64<64>::do_make_data_plt): Create retpoline PLT when
> the option is used.
> * testsuite/Makefile.am (retpoline_plt_1.sh): New test.
> * testsuite/Makefile.in: Regenerate.
> * testsuite/retpoline_plt_1.sh: New test script.
> * testsuite/retpoline_plt_1.s: New test source.
This makes the -z bndplt and -z retpolineplt options mutually
exclusive. Please add a check in options.cc
(General_options::finalize) for this.
Will we be seeing an aarch64 patch along these same lines soon? As I
understand it, 64-bit ARM is susceptible to Spectre, but 32-bit ARM is
not (because 32-bit chips don't do any OOO execution). I haven't seen
a clear statement about other architectures like Sparc and PPC.
More information about the Binutils