On Thu, 2018-01-11 at 10:48 -0600, Josh Poimboeuf wrote:
>
> The above macro is protected by '#ifdef RETPOLINE', and I seriously
> doubt 0-day is testing with an unreleased version of GCC. So you
> shouldn't see a 0-day warning.

It's actually #ifdef CONFIG_RETPOLINE isn't it? If you enable CONFIG_RETPOLINE but don't have a new compiler, you still get all the asm thunks (which are the easy-to-attack targets). Only if you have a new compiler is RETPOLINE also set.

Also, the RSB stuffing we're looking at here is also needed for the IBRS-based mitigation, so won't even be under CONFIG_RETPOLINE by the time the IBRS patch set is beaten into shape on top. It'll probably be unconditional unless we get a CONFIG_IBRS_SUPPORT (which hasn't been suggested so far).

> I think I heard that retpolines won't be ported to anything older than
> GCC 4.9, so maybe it's safe to use '%='. I don't remember when it was
> introduced into GCC though.

Hm. Peter? This is all your fault, right? Did you know you were making us ditch compatibility for older GCC? Precisely when *did* %= get added to GCC?

Note that we can also just resort to using .macro even from inline asm. It just takes a rather icky asm(".include ..."). :)