This set of patches for GCC 7, backported from trunk, mitigates variant #2 of the speculative execution vulnerabilities on x86 processors identified by CVE-2017-5715, aka Spectre. They convert indirect branches and function returns to call and return thunks to avoid speculative execution via indirect call, jmp and ret.
Testd on Linux/i686 and Linux/x86-64. Know issues: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83839 There are many test failures on Solaris due to lack of comdat support in Solaris linker. H.J. Lu (5): x86: Add -mindirect-branch= x86: Add -mfunction-return= x86: Add -mindirect-branch-register x86: Add 'V' register operand modifier x86: Disallow -mindirect-branch=/-mfunction-return= with -mcmodel=large gcc/config/i386/constraints.md | 6 +- gcc/config/i386/i386-opts.h | 13 + gcc/config/i386/i386-protos.h | 2 + gcc/config/i386/i386.c | 823 ++++++++++++++++++++- gcc/config/i386/i386.h | 10 + gcc/config/i386/i386.md | 69 +- gcc/config/i386/i386.opt | 28 + gcc/config/i386/predicates.md | 21 +- gcc/doc/extend.texi | 22 + gcc/doc/invoke.texi | 41 +- gcc/testsuite/gcc.target/i386/indirect-thunk-1.c | 20 + gcc/testsuite/gcc.target/i386/indirect-thunk-10.c | 7 + gcc/testsuite/gcc.target/i386/indirect-thunk-2.c | 20 + gcc/testsuite/gcc.target/i386/indirect-thunk-3.c | 21 + gcc/testsuite/gcc.target/i386/indirect-thunk-4.c | 21 + gcc/testsuite/gcc.target/i386/indirect-thunk-5.c | 17 + gcc/testsuite/gcc.target/i386/indirect-thunk-6.c | 18 + gcc/testsuite/gcc.target/i386/indirect-thunk-7.c | 44 ++ gcc/testsuite/gcc.target/i386/indirect-thunk-8.c | 7 + gcc/testsuite/gcc.target/i386/indirect-thunk-9.c | 7 + .../gcc.target/i386/indirect-thunk-attr-1.c | 23 + .../gcc.target/i386/indirect-thunk-attr-10.c | 9 + .../gcc.target/i386/indirect-thunk-attr-11.c | 9 + .../gcc.target/i386/indirect-thunk-attr-2.c | 21 + .../gcc.target/i386/indirect-thunk-attr-3.c | 23 + .../gcc.target/i386/indirect-thunk-attr-4.c | 22 + .../gcc.target/i386/indirect-thunk-attr-5.c | 22 + .../gcc.target/i386/indirect-thunk-attr-6.c | 21 + .../gcc.target/i386/indirect-thunk-attr-7.c | 44 ++ .../gcc.target/i386/indirect-thunk-attr-8.c | 42 ++ .../gcc.target/i386/indirect-thunk-attr-9.c | 9 + .../gcc.target/i386/indirect-thunk-bnd-1.c | 20 + .../gcc.target/i386/indirect-thunk-bnd-2.c | 21 + .../gcc.target/i386/indirect-thunk-bnd-3.c | 19 + .../gcc.target/i386/indirect-thunk-bnd-4.c | 20 + .../gcc.target/i386/indirect-thunk-extern-1.c | 19 + .../gcc.target/i386/indirect-thunk-extern-2.c | 19 + .../gcc.target/i386/indirect-thunk-extern-3.c | 20 + .../gcc.target/i386/indirect-thunk-extern-4.c | 20 + .../gcc.target/i386/indirect-thunk-extern-5.c | 16 + .../gcc.target/i386/indirect-thunk-extern-6.c | 17 + .../gcc.target/i386/indirect-thunk-extern-7.c | 43 ++ .../gcc.target/i386/indirect-thunk-inline-1.c | 20 + .../gcc.target/i386/indirect-thunk-inline-2.c | 20 + .../gcc.target/i386/indirect-thunk-inline-3.c | 21 + .../gcc.target/i386/indirect-thunk-inline-4.c | 21 + .../gcc.target/i386/indirect-thunk-inline-5.c | 17 + .../gcc.target/i386/indirect-thunk-inline-6.c | 18 + .../gcc.target/i386/indirect-thunk-inline-7.c | 44 ++ .../gcc.target/i386/indirect-thunk-register-1.c | 22 + .../gcc.target/i386/indirect-thunk-register-2.c | 20 + .../gcc.target/i386/indirect-thunk-register-3.c | 19 + .../gcc.target/i386/indirect-thunk-register-4.c | 13 + gcc/testsuite/gcc.target/i386/ret-thunk-1.c | 13 + gcc/testsuite/gcc.target/i386/ret-thunk-10.c | 23 + gcc/testsuite/gcc.target/i386/ret-thunk-11.c | 23 + gcc/testsuite/gcc.target/i386/ret-thunk-12.c | 22 + gcc/testsuite/gcc.target/i386/ret-thunk-13.c | 22 + gcc/testsuite/gcc.target/i386/ret-thunk-14.c | 22 + gcc/testsuite/gcc.target/i386/ret-thunk-15.c | 22 + gcc/testsuite/gcc.target/i386/ret-thunk-16.c | 18 + gcc/testsuite/gcc.target/i386/ret-thunk-17.c | 7 + gcc/testsuite/gcc.target/i386/ret-thunk-18.c | 8 + gcc/testsuite/gcc.target/i386/ret-thunk-19.c | 8 + gcc/testsuite/gcc.target/i386/ret-thunk-2.c | 13 + gcc/testsuite/gcc.target/i386/ret-thunk-20.c | 9 + gcc/testsuite/gcc.target/i386/ret-thunk-21.c | 9 + gcc/testsuite/gcc.target/i386/ret-thunk-3.c | 12 + gcc/testsuite/gcc.target/i386/ret-thunk-4.c | 12 + gcc/testsuite/gcc.target/i386/ret-thunk-5.c | 15 + gcc/testsuite/gcc.target/i386/ret-thunk-6.c | 14 + gcc/testsuite/gcc.target/i386/ret-thunk-7.c | 13 + gcc/testsuite/gcc.target/i386/ret-thunk-8.c | 14 + gcc/testsuite/gcc.target/i386/ret-thunk-9.c | 24 + 74 files changed, 2204 insertions(+), 50 deletions(-) create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-10.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-4.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-5.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-6.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-7.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-8.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-9.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-10.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-11.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-4.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-5.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-6.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-8.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-9.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-bnd-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-bnd-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-bnd-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-bnd-4.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-4.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-5.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-6.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-extern-7.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-4.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-5.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-6.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-inline-7.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-register-1.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-register-2.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-register-3.c create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-register-4.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-1.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-10.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-11.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-12.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-13.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-14.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-15.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-16.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-17.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-18.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-19.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-2.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-20.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-21.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-3.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-4.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-5.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-6.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-7.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-8.c create mode 100644 gcc/testsuite/gcc.target/i386/ret-thunk-9.c -- 2.14.3
