On 01/04/18 18:00, David Woodhouse wrote:
> 
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index d4fc98c..1009d1a 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -429,6 +429,19 @@ config GOLDFISH
>         def_bool y
>         depends on X86_GOLDFISH
>  
> +config RETPOLINE
> +     bool "Avoid speculative indirect branches in kernel"
> +     default y
> +     help
> +       Compile kernel with the retpoline compiler options to guard against
> +       kernel to user data leaks by avoiding speculative indirect

On first reading, I encountered a parse err^W^W <what the heck did that say>
on "kernel to user data".  I get it after rereading it, but
        kernel-to-user data leaks
would be better. (IMHO)

> +       branches. Requires a compiler with -mindirect-branch=thunk-extern
> +       support for full protection. The kernel may run slower.
> +
> +       Without compiler support, at least indirect branches in assembler
> +       code are eliminated. Since this includes the syscall entry path,
> +       it is not entirely pointless.
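Review bot: the closing sentence of the help text, "it is not entirely pointless", is too weak for Kconfig help and should state the behaviour directly, e.g. "Without compiler support, indirect branches in assembler code, including the syscall entry path, are still replaced." Related wording nit in the first paragraph: "kernel to user data leaks" reads better hyphenated as "kernel-to-user data leaks". Also, since the option is "default y" and the visible block has no dependency expressing the compiler requirement, the help text would be more useful if it told the user how to find out whether their toolchain supports -mindirect-branch=thunk-extern, so they know which of the two protection levels described they are actually getting.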


-- 
~Randy
