https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93654
Bug ID: 93654
Summary: Inappropriate "-fcf-protection and -mindirect-branch=thunk are incompatible on x86_64" restriction
Product: gcc
Version: 9.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: andrew.cooper3 at citrix dot com
Target Milestone: ---

Bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87412 prohibited the use of -fcf-protection and -mindirect-branch=thunk in combination.

However, it also breaks kernels which use -mindirect-branch=thunk-extern.

When retpoline protections were developed, I specifically requested thunk-extern to exist for kernels which provide their own, so that it can be made compatible with CET.

A kernel which provides its own thunks will boot-time modify them to be appropriate for the system, and may not be a retpoline gadget. (They may be lfence; jmp *%reg which is recommended on AMD, or just jmp *%reg with IBRS)

-mindirect-branch=thunk-extern specifically should be permitted with -fcf-protection, because this *was* the plan to make a single binary capable of using CET on applicable hardware, yet being safe to Spectre v2 on older hardware.