Re: Avoid speculative indirect calls in kernel

From: james harvey
Date: Thu Jan 04 2018 - 21:02:02 EST

Next message: Frank Rowand: "Re: [PATCH] of: Use SPDX license tag for DT files"
Previous message: David Woodhouse: "[PATCH v4 04/13] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps"
In reply to: Jiri Kosina: "Re: Avoid speculative indirect calls in kernel"
Next in thread: Alan Cox: "Re: Avoid speculative indirect calls in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 3, 2018 at 7:19 PM, Jiri Kosina <jikos@xxxxxxxxxx> wrote:
> On Wed, 3 Jan 2018, Andi Kleen wrote:
>
>> > It should be a CPU_BUG bit as we have for the other mess. And that can be
>> > used for patching.
>>
>> It has to be done at compile time because it requires a compiler option.
>
> If gcc anotates indirect calls/jumps in a way that we could patch them
> using alternatives in runtime, that'd be enough.
>
> --
> Jiri Kosina
> SUSE Labs

I understand the GCC patches being discussed will fix the
vulnerability because newly compiled kernels will be compiled with a
GCC with these patches.

But, are the GCC patches being discussed also expected to fix the
vulnerability because user binaries will be compiled using them? In
such case, a binary could be maliciously changed back, or a custom GCC
made with the patches reverted.

Please forgive me if my ignorance about all the related GCC patches
makes this a stupid question.

Next message: Frank Rowand: "Re: [PATCH] of: Use SPDX license tag for DT files"
Previous message: David Woodhouse: "[PATCH v4 04/13] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps"
In reply to: Jiri Kosina: "Re: Avoid speculative indirect calls in kernel"
Next in thread: Alan Cox: "Re: Avoid speculative indirect calls in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]