[PATCH] gnu: gcc@7: Use retpoline options when building itself.

Done

Details

6 participants

Alex Vong
Gábor Boskovits
Efraim Flashner
Leo Famulari
Ludovic Courtès
zimoun

Owner: unassigned

Submitted by: Alex Vong

Severity: normal

Alex Vong wrote on 14 Jan 2018 14:07

gnu: gcc@7: Apply the 'retpoline' mitigation technique.

Recipients:(address . guix-patches@gnu.org)

Message-ID:877esksi62.fsf@gmail.com

Hello,

This patch adds the repoline patches (totally 17 of them) taken from the

'retpoline-20180107' branch at

``http://git.infradead.org/users/dwmw2/gcc-retpoline.git''to gcc@7.

Last time it builds fine on my laptop. I am now re-building since I add

some comments on the patches. I will reply asap if anything goes wrong

with the re-build.

Attachment: 0001-gnu-gcc-7-Apply-the-retpoline-mitigation-technique.patch

Cheers,

Alex

Alex Vong wrote on 14 Jan 2018 17:30

Add tags.

Recipients:(address . control@debbugs.gnu.org)

Message-ID:87o9lwqu72.fsf@gmail.com

package guix-patches
tags 30111 patch security
thanks

Alex Vong wrote on 14 Jan 2018 17:37

Fix title.

Recipients:(address . control@debbugs.gnu.org)

Message-ID:87k1wkqtup.fsf@gmail.com

package guix-patches
retitle 30111 [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
thanks

Alex Vong wrote on 15 Jan 2018 15:29

Re: gnu: gcc@7: Apply the 'retpoline' mitigation technique.

Recipients:(address . 30111@debbugs.gnu.org)

Message-ID:87d12bgpqh.fsf@gmail.com

Hello,

Please do not review the last patch. It seems the author[0] has

refactor the commits and place them into the new 'retpoline-regnames'

branch. I think these commits get sent to gcc-patches for review[1].

[0]: http://git.infradead.org/users/dwmw2/gcc-retpoline.git

[1]: https://gcc.gnu.org/ml/gcc-patches/2018-01/

Alex Vong <alexvong1995@gmail.com> writes:

Toggle quote (354 lines)> Hello,
>
> This patch adds the repoline patches (totally 17 of them) taken from the
> 'retpoline-20180107' branch at
> ``http://git.infradead.org/users/dwmw2/gcc-retpoline.git'' to gcc@7.
>
> Last time it builds fine on my laptop. I am now re-building since I add
> some comments on the patches. I will reply asap if anything goes wrong
> with the re-build.
>
> From 5be54f7ebe9b0ab6dc65ea974584be0850604b14 Mon Sep 17 00:00:00 2001
> From: Alex Vong <alexvong1995@gmail.com>
> Date: Sun, 14 Jan 2018 20:12:19 +0800
> Subject: [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
>
> This is part of Spectre (branch target injection) [CVE-2017-5715]
> mitigation. Suggested by Mark H Weaver <mhw@netris.org>.
>
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/gcc.scm (gcc@7): Use them.
> * gnu/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch,
> gnu/packages/patches/gcc-retpoline-Add-mfunction-return-and-function_return-attribute.patch,
> gnu/packages/patches/gcc-retpoline-Add-mfunction-return-keep-to-indirect-branch-tests.patch,
> gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-loop.patch,
> gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-register-and-tests.patch,
> gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-extern.patch,
> gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-inline.patch,
> gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk.patch,
> gnu/packages/patches/gcc-retpoline-Add-mno-indirect-branch-register-to-indirect-branch-.patch,
> gnu/packages/patches/gcc-retpoline-Add-tests-for-mindirect-branch-thunk-fcheck-pointer-.patch,
> gnu/packages/patches/gcc-retpoline-Disable-red-zone-with-local-indirect-jump.patch,
> gnu/packages/patches/gcc-retpoline-Rename-thunks-to-__x86_indirect_thunk_rax-etc.-to-re.patch,
> gnu/packages/patches/gcc-retpoline-Use-__x86.indirect_thunk.reg-for-indirect-branch-via.patch,
> gnu/packages/patches/gcc-retpoline-i386-Add-V-register-operand-modifier.patch,
> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch:
> New files.
> ---
>  gnu/local.mk                                       |  19 +-
>  gnu/packages/gcc.scm                               |  20 +-
>  ...-Add-indirect_branch-attribute-with-tests.patch | 475 +++++++++++
>  ...tion-return-and-function_return-attribute.patch | 740 ++++++++++++++++
>  ...tion-return-keep-to-indirect-branch-tests.patch | 421 ++++++++++
>  .../gcc-retpoline-Add-mindirect-branch-loop.patch  | 233 ++++++
>  ...e-Add-mindirect-branch-register-and-tests.patch | 403 +++++++++
>  ...tpoline-Add-mindirect-branch-thunk-extern.patch | 263 ++++++
>  ...tpoline-Add-mindirect-branch-thunk-inline.patch | 310 +++++++
>  .../gcc-retpoline-Add-mindirect-branch-thunk.patch | 729 ++++++++++++++++
>  ...irect-branch-register-to-indirect-branch-.patch | 554 ++++++++++++
>  ...or-mindirect-branch-thunk-fcheck-pointer-.patch | 134 +++
>  ...Disable-red-zone-with-local-indirect-jump.patch | 147 ++++
>  ...ks-to-__x86_indirect_thunk_rax-etc.-to-re.patch | 926 +++++++++++++++++++++
>  ...ndirect_thunk.reg-for-indirect-branch-via.patch | 623 ++++++++++++++
>  ...line-i386-Add-V-register-operand-modifier.patch |  76 ++
>  ...se-reference-of-struct-ix86_frame-to-avoi.patch |  69 ++
>  ...ove-struct-ix86_frame-to-machine_function.patch | 249 ++++++
>  ...ference-of-struct-ix86_frame-to-avoid-cop.patch |  85 ++
>  19 files changed, 6474 insertions(+), 2 deletions(-)
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mfunction-return-and-function_return-attribute.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mfunction-return-keep-to-indirect-branch-tests.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-loop.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-register-and-tests.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-extern.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-inline.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-mno-indirect-branch-register-to-indirect-branch-.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Add-tests-for-mindirect-branch-thunk-fcheck-pointer-.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Disable-red-zone-with-local-indirect-jump.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Rename-thunks-to-__x86_indirect_thunk_rax-etc.-to-re.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-Use-__x86.indirect_thunk.reg-for-indirect-branch-via.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-i386-Add-V-register-operand-modifier.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch
>  create mode 100644 gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch
>
> diff --git a/gnu/local.mk b/gnu/local.mk
> index 6af8bfc4b..122e8ef0c 100644
> --- a/gnu/local.mk
> +++ b/gnu/local.mk
> @@ -9,7 +9,7 @@
>  # Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>
>  # Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
>  # Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com>
> -# Copyright © 2016, 2017 Alex Vong <alexvong1995@gmail.com>
> +# Copyright © 2016, 2017, 2018 Alex Vong <alexvong1995@gmail.com>
>  # Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
>  # Copyright © 2016, 2017 Jan Nieuwenhuizen <janneke@gnu.org>
>  # Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
> @@ -652,6 +652,23 @@ dist_patch_DATA =						\
>    %D%/packages/patches/gcc-asan-powerpc-missing-include.patch	\
>    %D%/packages/patches/gcc-cross-environment-variables.patch	\
>    %D%/packages/patches/gcc-libvtv-runpath.patch			\
> +  %D%/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch	\
> +  %D%/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch	\
> +  %D%/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-tests-for-mindirect-branch-thunk-fcheck-pointer-.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-inline.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mindirect-branch-thunk-extern.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch	\
> +  %D%/packages/patches/gcc-retpoline-Use-__x86.indirect_thunk.reg-for-indirect-branch-via.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mindirect-branch-loop.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mfunction-return-and-function_return-attribute.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mfunction-return-keep-to-indirect-branch-tests.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mindirect-branch-register-and-tests.patch	\
> +  %D%/packages/patches/gcc-retpoline-Add-mno-indirect-branch-register-to-indirect-branch-.patch	\
> +  %D%/packages/patches/gcc-retpoline-Disable-red-zone-with-local-indirect-jump.patch	\
> +  %D%/packages/patches/gcc-retpoline-i386-Add-V-register-operand-modifier.patch	\
> +  %D%/packages/patches/gcc-retpoline-Rename-thunks-to-__x86_indirect_thunk_rax-etc.-to-re.patch	\
>    %D%/packages/patches/gcc-strmov-store-file-names.patch	\
>    %D%/packages/patches/gcc-4-compile-with-gcc-5.patch		 \
>    %D%/packages/patches/gcc-4.6-gnu-inline.patch			\
> diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
> index ad8992289..6b913aff9 100644
> --- a/gnu/packages/gcc.scm
> +++ b/gnu/packages/gcc.scm
> @@ -5,6 +5,7 @@
>  ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
>  ;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
>  ;;; Copyright © 2016 Carlos Sánchez de La Lama <csanchezdll@gmail.com>
> +;;; Copyright © 2018 ALex Vong <alexvong1995@gmail.com>
>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
> @@ -427,7 +428,24 @@ Go.  It also includes runtime support libraries for these languages.")
>                 (base32
>                  "16j7i0888j2f1yp9l0nhji6cq65dy6y4nwy8868a8njbzzwavxqw"))
>                (patches (search-patches "gcc-strmov-store-file-names.patch"
> -                                       "gcc-5.0-libvtv-runpath.patch"))))
> +                                       "gcc-5.0-libvtv-runpath.patch"
> +                                       "gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch"
> +                                       "gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch"
> +                                       "gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch"
> +                                       "gcc-retpoline-Add-mindirect-branch-thunk.patch"
> +                                       "gcc-retpoline-Add-tests-for-mindirect-branch-thunk-fcheck-pointer-.patch"
> +                                       "gcc-retpoline-Add-mindirect-branch-thunk-inline.patch"
> +                                       "gcc-retpoline-Add-mindirect-branch-thunk-extern.patch"
> +                                       "gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch"
> +                                       "gcc-retpoline-Use-__x86.indirect_thunk.reg-for-indirect-branch-via.patch"
> +                                       "gcc-retpoline-Add-mindirect-branch-loop.patch"
> +                                       "gcc-retpoline-Add-mfunction-return-and-function_return-attribute.patch"
> +                                       "gcc-retpoline-Add-mfunction-return-keep-to-indirect-branch-tests.patch"
> +                                       "gcc-retpoline-Add-mindirect-branch-register-and-tests.patch"
> +                                       "gcc-retpoline-Add-mno-indirect-branch-register-to-indirect-branch-.patch"
> +                                       "gcc-retpoline-Disable-red-zone-with-local-indirect-jump.patch"
> +                                       "gcc-retpoline-i386-Add-V-register-operand-modifier.patch"
> +                                       "gcc-retpoline-Rename-thunks-to-__x86_indirect_thunk_rax-etc.-to-re.patch"))))
>      (description
>       "GCC is the GNU Compiler Collection.  It provides compiler front-ends
>  for several languages, including C, C++, Objective-C, Fortran, Ada, and Go.
> diff --git a/gnu/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch b/gnu/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch
> new file mode 100644
> index 000000000..5129a8273
> --- /dev/null
> +++ b/gnu/packages/patches/gcc-retpoline-Add-indirect_branch-attribute-with-tests.patch
> @@ -0,0 +1,475 @@
> +'Retpoline' mitigation technique for Spectre (branch target injection)
> +[CVE-2017-5715]:
> +
> +https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
> +https://support.google.com/faqs/answer/7625886
> +https://spectreattack.com/
> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
> +
> +Patch copied from the 'retpoline-20180107' branch of upstream source repository
> +(please add new / update existing patches when new 'retpoline-xxxxxxxx' branch
> +appears):
> +
> +http://git.infradead.org/users/dwmw2/gcc-retpoline.git
> +
> +From e9794727bb0384be6d27ad1edaefc71c23cc0d86 Mon Sep 17 00:00:00 2001
> +From: "H.J. Lu" <hjl.tools@gmail.com>
> +Date: Tue, 28 Nov 2017 06:10:39 -0800
> +Subject: [PATCH 08/17] Add indirect_branch attribute with tests
> +
> +__attribute__ ((indirect_branch("thunk")))
> +__attribute__ ((indirect_branch("thunk-inline")))
> +__attribute__ ((indirect_branch("thunk-extern")))
> +__attribute__ ((indirect_branch("keep")))
> +---
> + gcc/config/i386/i386-opts.h                        |  1 +
> + gcc/config/i386/i386.c                             | 74 ++++++++++++++++++++--
> + gcc/config/i386/i386.h                             |  3 +
> + .../gcc.target/i386/indirect-thunk-attr-1.c        | 22 +++++++
> + .../gcc.target/i386/indirect-thunk-attr-2.c        | 20 ++++++
> + .../gcc.target/i386/indirect-thunk-attr-3.c        | 21 ++++++
> + .../gcc.target/i386/indirect-thunk-attr-4.c        | 20 ++++++
> + .../gcc.target/i386/indirect-thunk-attr-5.c        | 22 +++++++
> + .../gcc.target/i386/indirect-thunk-attr-6.c        | 21 ++++++
> + .../gcc.target/i386/indirect-thunk-attr-7.c        | 44 +++++++++++++
> + .../gcc.target/i386/indirect-thunk-attr-8.c        | 41 ++++++++++++
> + 11 files changed, 283 insertions(+), 6 deletions(-)
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-1.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-2.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-3.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-4.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-5.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-6.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-7.c
> + create mode 100644 gcc/testsuite/gcc.target/i386/indirect-thunk-attr-8.c
> +
> +diff --git a/gcc/config/i386/i386-opts.h b/gcc/config/i386/i386-opts.h
> +index f8d80ba7ec6..9e56d7f2d12 100644
> +--- a/gcc/config/i386/i386-opts.h
> ++++ b/gcc/config/i386/i386-opts.h
> +@@ -100,6 +100,7 @@ enum stack_protector_guard {
> + };
> + 
> + enum indirect_branch {
> ++  indirect_branch_unset = 0,
> +   indirect_branch_keep,
> +   indirect_branch_thunk,
> +   indirect_branch_thunk_inline,
> +diff --git a/gcc/config/i386/i386.c b/gcc/config/i386/i386.c
> +index ac542f79846..5e66af08066 100644
> +--- a/gcc/config/i386/i386.c
> ++++ b/gcc/config/i386/i386.c
> +@@ -7137,6 +7137,37 @@ ix86_set_func_type (tree fndecl)
> +     }
> + }
> + 
> ++/* Set the indirect_branch_type field from the function FNDECL.  */
> ++
> ++static void
> ++ix86_set_indirect_branch_type (tree fndecl)
> ++{
> ++  if (cfun->machine->indirect_branch_type == indirect_branch_unset)
> ++    {
> ++      tree attr = lookup_attribute ("indirect_branch",
> ++				    DECL_ATTRIBUTES (fndecl));
> ++      if (attr != NULL)
> ++	{
> ++	  tree args = TREE_VALUE (attr);
> ++	  if (args == NULL)
> ++	    gcc_unreachable ();
> ++	  tree cst = TREE_VALUE (args);
> ++	  if (strcmp (TREE_STRING_POINTER (cst), "keep") == 0)
> ++	    cfun->machine->indirect_branch_type = indirect_branch_keep;
> ++	  else if (strcmp (TREE_STRING_POINTER (cst), "thunk") == 0)
> ++	    cfun->machine->indirect_branch_type = indirect_branch_thunk;
> ++	  else if (strcmp (TREE_STRING_POINTER (cst), "thunk-inline") == 0)
> ++	    cfun->machine->indirect_branch_type = indirect_branch_thunk_inline;
> ++	  else if (strcmp (TREE_STRING_POINTER (cst), "thunk-extern") == 0)
> ++	    cfun->machine->indirect_branch_type = indirect_branch_thunk_extern;
> ++	  else
> ++	    gcc_unreachable ();
> ++	}
> ++      else
> ++	cfun->machine->indirect_branch_type = ix86_indirect_branch;
> ++    }
> ++}
> ++
> + /* Establish appropriate back-end context for processing the function
> +    FNDECL.  The argument might be NULL to indicate processing at top
> +    level, outside of any function scope.  */
> +@@ -7152,7 +7183,10 @@ ix86_set_current_function (tree fndecl)
> + 	 one is extern inline and one isn't.  Call ix86_set_func_type
> + 	 to set the func_type field.  */
> +       if (fndecl != NULL_TREE)
> +-	ix86_set_func_type (fndecl);
> ++	{
> ++	  ix86_set_func_type (fndecl);
> ++	  ix86_set_indirect_branch_type (fndecl);
> ++	}
> +       return;
> +     }
> + 
> +@@ -7172,6 +7206,7 @@ ix86_set_current_function (tree fndecl)
> +     }
> + 
> +   ix86_set_func_type (fndecl);
> ++  ix86_set_indirect_branch_type (fndecl);
> + 
> +   tree new_tree = DECL_FUNCTION_SPECIFIC_TARGET (fndecl);
> +   if (new_tree == NULL_TREE)
> +@@ -28605,9 +28640,11 @@ ix86_output_indirect_branch (rtx call_op, const char *xasm,
> +   char push_buf[64];
> +   bool need_bnd_p = ix86_bnd_prefixed_insn_p (current_output_insn);
> + 
> +-  if (ix86_indirect_branch != indirect_branch_thunk_inline)
> ++  if (cfun->machine->indirect_branch_type
> ++      != indirect_branch_thunk_inline)
> +     {
> +-      bool need_thunk = ix86_indirect_branch == indirect_branch_thunk;
> ++      bool need_thunk
> ++	= cfun->machine->indirect_branch_type == indirect_branch_thunk;
> +       if (need_bnd_p)
> + 	indirect_thunk_bnd_needed |= need_thunk;
> +       else
> +@@ -28716,7 +28753,7 @@ const char *
> + ix86_output_indirect_jmp (rtx call_op)
> + {
> +   if (ix86_red_zone_size == 0
> +-      && ix86_indirect_branch != indirect_branch_keep)
> ++      && cfun->machine->indirect_branch_type != indirect_branch_keep)
> +     {
> +       ix86_output_indirect_branch (call_op, "%0", true);
> +       return "";
> +@@ -28733,7 +28770,7 @@ ix86_output_call_insn (rtx_insn *insn, rtx call_op)
> +   bool direct_p = constant_call_address_operand (call_op, VOIDmode);
> +   bool output_indirect_p
> +     = (!TARGET_SEH
> +-       && ix86_indirect_branch != indirect_branch_keep);
> ++       && cfun->machine->indirect_branch_type != indirect_branch_keep);
> +   bool seh_nop_p = false;
> +   const char *xasm;
> + 
> +@@ -41749,7 +41786,7 @@ ix86_handle_struct_attribute (tree *node, tree name, tree, int,
> + }
> + 
> + static tree
> +-ix86_handle_fndecl_attribute (tree *node, tree name, tree, int,
> ++ix86_handle_fndecl_attribute (tree *node, tree name, tree args, int,
> + 			      bool *no_add_attrs)
> + {
> +   if (TREE_CODE (*node) != FUNCTION_DECL)
> +@@ -41758,6 +41795,29 @@ ix86_handle_fndecl_attribute (tree *node, tree name, tree, int,
> +                name);
> +       *no_add_attrs = true;
> +     }
> ++
> ++  if (is_attribute_p ("indirect_branch", name))
> ++    {
> ++      tree cst = TREE_VALUE (args);
> ++      if (TREE_CODE (cst) != STRING_CST)
> ++	{
> ++	  warning (OPT_Wattributes,
> ++		   "%qE attribute requires a string constant argument",
> ++		   name);
> ++	  *no_add_attrs = true;
> ++	}
> ++      else if (strcmp (TREE_STRING_POINTER (cst), "keep") != 0
> ++	       && strcmp (TREE_STRING_POINTER (cst), "thunk") != 0
> ++	       && strcmp (TREE_STRING_POINTER (cst), "thunk-inline") != 0
> ++	       && strcmp (TREE_STRING_POINTER (cst), "thunk-extern") != 0)
> ++	{
> ++	  warning (OPT_Wattributes,
> ++		   "argument to %qE attribute is not "
> ++		   "(keep|thunk|thunk-inline|thunk-extern)", name);
> ++	  *no_add_attrs = true;
> ++	}
> ++    }
> ++
> +   return NULL_TREE;
> + }
> + 
> +@@ -46052,6 +46112,8 @@ static const struct attribute_spec ix86_attribute_table[] =
> +     ix86_handle_interrupt_attribute, false },
> +   { "no_caller_saved_registers", 0, 0, false, true, true,
> +     ix86_handle_no_caller_saved_registers_attribute, false },
> ++  { "indirect_branch", 1, 1, true, false, false,
> ++    ix86_handl

This message was truncated. Download the full message here.

Alex Vong wrote on 16 Jan 2018 14:14

Recipients:(address . 30111@debbugs.gnu.org)

Message-ID:87a7xet06p.fsf@gmail.com

Hello,

This is the new patch. Similar to last time, I haven't test it yet, but

I will report if it doesn't build.

Attachment: 0001-gnu-gcc-7-Apply-the-retpoline-mitigation-technique.patch

Cheers,

Alex

Ludovic Courtès wrote on 16 Jan 2018 15:33

Re: [bug#30111] gnu: gcc@7: Apply the 'retpoline' mitigation technique.

Recipients:(name . Alex Vong)(address . alexvong1995@gmail.com)(address . 30111@debbugs.gnu.org)

Message-ID:87a7xd6ffu.fsf@gnu.org

Hi Alex,

Alex Vong <alexvong1995@gmail.com> skribis:

Toggle quote (22 lines)> From aea3d11f59e260111bdb8bcac458c97a946fa900 Mon Sep 17 00:00:00 2001
> From: Alex Vong <alexvong1995@gmail.com>
> Date: Tue, 16 Jan 2018 20:32:32 +0800
> Subject: [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
>
> This is part of Spectre (branch target injection) [CVE-2017-5715]
> mitigation. Suggested by Mark H Weaver <mhw@netris.org>.
>
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/gcc.scm (gcc@7): Use them.
> * gnu/packages/patches/gcc-retpoline-Change-V-to-bare-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch,
> gnu/packages/patches/gcc-retpoline-indirect-thunk-reg-names.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-V-register-operand-modifier.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mfunction-return.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch-register.patch,
> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch.patch,
> gnu/packages/patches/gcc-retpoline-x86-Disallow-mindirect-branch-mfunction-return-with-.patch:
> New files.

I’d suggest removing the test suite changes from the patches (currently

we don’t run GCC’s test suite.) Also, ‘guix lint’ may suggest using

shorter file names.

Do you know if a new 7.x including retpoline support is scheduled for

release soon?

Thanks,

Ludo’.

Alex Vong wrote on 16 Jan 2018 16:24

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 30111@debbugs.gnu.org)

Message-ID:876081u8r0.fsf@gmail.com

ludo@gnu.org (Ludovic Courtès) writes:

Toggle quote (30 lines)> Hi Alex,
>
> Alex Vong <alexvong1995@gmail.com> skribis:
>
>> From aea3d11f59e260111bdb8bcac458c97a946fa900 Mon Sep 17 00:00:00 2001
>> From: Alex Vong <alexvong1995@gmail.com>
>> Date: Tue, 16 Jan 2018 20:32:32 +0800
>> Subject: [PATCH] gnu: gcc@7: Apply the 'retpoline' mitigation technique.
>>
>> This is part of Spectre (branch target injection) [CVE-2017-5715]
>> mitigation. Suggested by Mark H Weaver <mhw@netris.org>.
>>
>> * gnu/local.mk (dist_patch_DATA): Add them.
>> * gnu/packages/gcc.scm (gcc@7): Use them.
>> * gnu/packages/patches/gcc-retpoline-Change-V-to-bare-reg-names.patch,
>> gnu/packages/patches/gcc-retpoline-i386-More-use-reference-of-struct-ix86_frame-to-avoi.patch,
>> gnu/packages/patches/gcc-retpoline-i386-Move-struct-ix86_frame-to-machine_function.patch,
>> gnu/packages/patches/gcc-retpoline-i386-Use-reference-of-struct-ix86_frame-to-avoid-cop.patch,
>> gnu/packages/patches/gcc-retpoline-indirect-thunk-reg-names.patch,
>> gnu/packages/patches/gcc-retpoline-x86-Add-V-register-operand-modifier.patch,
>> gnu/packages/patches/gcc-retpoline-x86-Add-mfunction-return.patch,
>> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch-register.patch,
>> gnu/packages/patches/gcc-retpoline-x86-Add-mindirect-branch.patch,
>> gnu/packages/patches/gcc-retpoline-x86-Disallow-mindirect-branch-mfunction-return-with-.patch:
>> New files.
>
> I’d suggest removing the test suite changes from the patches (currently
> we don’t run GCC’s test suite.)  Also, ‘guix lint’ may suggest using
> shorter file names.
>

OK, no problem.

Toggle quote (3 lines)

> Do you know if a new 7.x including retpoline support is scheduled for

> release soon?

Yes, I think they will appear in 7.3 according to [0]. Also, some

changes appear to be in gcc-7-branch already[1]. Do you think we should

wait for it instead?

[0]: https://gcc.gnu.org/ml/gcc-patches/2018-01/msg01400.html

[1]: https://gcc.gnu.org/git/?p=gcc.git;a=shortlog;h=refs/heads/gcc-7-branch

Toggle quote (2 lines)

> Thanks,

> Ludo’.

Ludovic Courtès wrote on 17 Jan 2018 14:11

Recipients:(name . Alex Vong)(address . alexvong1995@gmail.com)(address . 30111@debbugs.gnu.org)

Message-ID:87shb46365.fsf@gnu.org

Hi Alex,

Alex Vong <alexvong1995@gmail.com> skribis:

Toggle quote (2 lines)

> ludo@gnu.org (Ludovic Courtès) writes:

[...]

Toggle quote (7 lines)

>> Do you know if a new 7.x including retpoline support is scheduled for

>> release soon?

> Yes, I think they will appear in 7.3 according to [0]. Also, some

> changes appear to be in gcc-7-branch already[1]. Do you think we should

> wait for it instead?

Yes, perhaps we should wait for that release.

What do people think?

Ludo’.

Leo Famulari wrote on 18 Jan 2018 00:31

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)

Message-ID:20180117233151.GC17805@jasmine.lan

On Wed, Jan 17, 2018 at 02:11:14PM +0100, Ludovic Courtès wrote:

Toggle quote (19 lines)> Hi Alex,
> 
> Alex Vong <alexvong1995@gmail.com> skribis:
> 
> > ludo@gnu.org (Ludovic Courtès) writes:
> 
> [...]
> 
> >> Do you know if a new 7.x including retpoline support is scheduled for
> >> release soon?
> >>
> > Yes, I think they will appear in 7.3 according to [0]. Also, some
> > changes appear to be in gcc-7-branch already[1]. Do you think we should
> > wait for it instead?
> 
> Yes, perhaps we should wait for that release.
> 
> What do people think?

It depends on whether or not the GCC team is confident in the
implementation yet. If they are still working out the kinks then I
suggest waiting.

Alex Vong wrote on 27 Jan 2018 04:06

Change Title.

Recipients:(address . control@debbugs.gnu.org)

Message-ID:87po5wt2ym.fsf@gmail.com

package guix-patches
retitle 30111 [PATCH] gnu: gcc@7: Use retpoline options when building itself.
thanks

Alex Vong wrote on 27 Jan 2018 04:19

Re: [PATCH] gnu: gcc@7: Use retpoline options when building itself.

Recipients:(address . 30111@debbugs.gnu.org)

Message-ID:87lggkt2ck.fsf@gmail.com

Hello,

This patch makes gcc use retpoline options when building itself. My last

attempt to build it was successful. But after that I have changed

something, I hope it wouldn't make it fail to build. (It shouldn't,

since the options passed aren't changed.)

Are we going to add these options to other natively compiled programs as

well?

From f6b9caae6e13936be65550c871208a3425fe4ce4 Mon Sep 17 00:00:00 2001
From: Alex Vong <alexvong1995@gmail.com>
Date: Thu, 25 Jan 2018 23:24:24 +0800
Subject: [PATCH] gnu: gcc@7: Use retpoline options when building itself.

* gnu/packages/gcc.scm (gcc@7)[arguments]: Add retpoline options
to #:make-flags.
---
 gnu/packages/gcc.scm | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

Toggle diff (60 lines)diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm
index 48e7b8ee3..6344ce734 100644
--- a/gnu/packages/gcc.scm
+++ b/gnu/packages/gcc.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2015 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Carlos Sánchez de La Lama <csanchezdll@gmail.com>
+;;; Copyright © 2018 Alex Vong <alexvong1995@gmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -428,6 +429,45 @@ Go.  It also includes runtime support libraries for these languages.")
                 "0p71bij6bfhzyrs8676a8jmpjsfz392s2rg862sdnsk30jpacb43"))
               (patches (search-patches "gcc-strmov-store-file-names.patch"
                                        "gcc-5.0-libvtv-runpath.patch"))))
+    (arguments
+     (substitute-keyword-arguments `(#:modules ((guix build gnu-build-system)
+                                                (guix build utils)
+                                                (ice-9 regex)
+                                                (srfi srfi-1)
+                                                (srfi srfi-26))
+                                     ,@(package-arguments gcc-6))
+       ;; Use retpoline options when building itself.
+       ((#:make-flags flags)
+        `(let* ((cross-compiling? ,(%current-target-system))
+                (system (if cross-compiling?
+                            ,(%current-target-system)
+                            ,(%current-system)))
+                (retpoline-opts '("-mindirect-branch=thunk"
+                                  "-mfunction-return=thunk"
+                                  "-mindirect-branch-register"))
+                (append-flag
+                 (lambda (flag)
+                   (if (string-match "^((BOOT_)?CFLAGS|C(XX)?FLAGS_FOR_TARGET)="
+                                     flag)
+                       (string-join (cons flag retpoline-opts))
+                       flag)))
+                (add-flag
+                 (lambda (prefix flags)
+                   (if (any (cut string-prefix? prefix <>) flags)
+                       flags
+                       (cons (string-append prefix
+                                            (string-join retpoline-opts))
+                             flags))))
+                (add-gcc-flag (cut add-flag
+                                (if cross-compiling? "CFLAGS=" "BOOT_CFLAGS=")
+                                <>))
+                (add-c-lib-flag (cut add-flag "CFLAGS_FOR_TARGET=" <>))
+                (add-c++-lib-flag (cut add-flag "CXXFLAGS_FOR_TARGET=" <>)))
+           ;; Right now, the retpoline options are x86-specific.
+           (if (any (cut string-prefix? <> system) '("x86_64" "i686"))
+               (add-gcc-flag (add-c-lib-flag (add-c++-lib-flag (map append-flag
+                                                                    ,flags))))
+               ,flags)))))
     (description
      "GCC is the GNU Compiler Collection.  It provides compiler front-ends
 for several languages, including C, C++, Objective-C, Fortran, Ada, and Go.
-- 
2.15.1

Cheers,

Alex

Ludovic Courtès wrote on 27 Feb 2018 10:37

Re: [bug#30111] [PATCH] gnu: gcc@7: Use retpoline options when building itself.

Recipients:(name . Alex Vong)(address . alexvong1995@gmail.com)(address . 30111@debbugs.gnu.org)

Message-ID:87r2p64vuh.fsf@gnu.org

Hi Alex,

Sorry for the delay.

Alex Vong <alexvong1995@gmail.com> skribis:

Toggle quote (5 lines)

> This patch makes gcc use retpoline options when building itself. My last

> attempt to build it was successful. But after that I have changed

> something, I hope it wouldn't make it fail to build. (It shouldn't,

> since the options passed aren't changed.)

Any idea what upstream thinks of compiling GCC itself with these

options? Do they offer a configure flag or something to help with that?

Toggle quote (3 lines)

> Are we going to add these options to other natively compiled programs as

> well?

I don’t have a good answer. Clearly we’ll want that in key packages,

but then where do we draw the line, and also how do we make sure we

don’t repeat ourselves?

Thoughts?

Toggle quote (8 lines)

>>From f6b9caae6e13936be65550c871208a3425fe4ce4 Mon Sep 17 00:00:00 2001

> From: Alex Vong <alexvong1995@gmail.com>

> Date: Thu, 25 Jan 2018 23:24:24 +0800

> Subject: [PATCH] gnu: gcc@7: Use retpoline options when building itself.

> * gnu/packages/gcc.scm (gcc@7)[arguments]: Add retpoline options

> to #:make-flags.

[...]

Toggle quote (40 lines)> +    (arguments
> +     (substitute-keyword-arguments `(#:modules ((guix build gnu-build-system)
> +                                                (guix build utils)
> +                                                (ice-9 regex)
> +                                                (srfi srfi-1)
> +                                                (srfi srfi-26))
> +                                     ,@(package-arguments gcc-6))
> +       ;; Use retpoline options when building itself.
> +       ((#:make-flags flags)
> +        `(let* ((cross-compiling? ,(%current-target-system))
> +                (system (if cross-compiling?
> +                            ,(%current-target-system)
> +                            ,(%current-system)))
> +                (retpoline-opts '("-mindirect-branch=thunk"
> +                                  "-mfunction-return=thunk"
> +                                  "-mindirect-branch-register"))
> +                (append-flag
> +                 (lambda (flag)
> +                   (if (string-match "^((BOOT_)?CFLAGS|C(XX)?FLAGS_FOR_TARGET)="
> +                                     flag)
> +                       (string-join (cons flag retpoline-opts))
> +                       flag)))
> +                (add-flag
> +                 (lambda (prefix flags)
> +                   (if (any (cut string-prefix? prefix <>) flags)
> +                       flags
> +                       (cons (string-append prefix
> +                                            (string-join retpoline-opts))
> +                             flags))))
> +                (add-gcc-flag (cut add-flag
> +                                (if cross-compiling? "CFLAGS=" "BOOT_CFLAGS=")
> +                                <>))
> +                (add-c-lib-flag (cut add-flag "CFLAGS_FOR_TARGET=" <>))
> +                (add-c++-lib-flag (cut add-flag "CXXFLAGS_FOR_TARGET=" <>)))
> +           ;; Right now, the retpoline options are x86-specific.
> +           (if (any (cut string-prefix? <> system) '("x86_64" "i686"))
> +               (add-gcc-flag (add-c-lib-flag (add-c++-lib-flag (map append-flag
> +                                                                    ,flags))))
> +               ,flags)))))

I’m a bit concerned by the apparent complexity and the extra maintenance
burden it may entail.  I don’t have any concrete suggestions though.  I
suppose we should somehow abstract GCC compilation to make it easier to
pass new flags?

Thanks,
Ludo’.

Gábor Boskovits wrote on 22 Jun 2018 22:07

gnu: gcc@7: Use retpoline options when building itself. Previous Next

Recipients:(address . 30111@debbugs.gnu.org)

Message-ID:CAE4v=piA3qbrQ3bxCgOnMQ-4sSzf0g_6rKqOKdBh3gXoHENPvw@mail.gmail.com

We already have gcc 7.3, what is the status of this?

Attachment: file

zimoun wrote on 19 Dec 2020 00:22

Re: [bug#30111] gnu: gcc@7: Apply the 'retpoline' mitigation technique.

Recipients:(address . 30111@debbugs.gnu.org)

Message-ID:86czz6u2cg.fsf@gmail.com

Hi,

On Sun, 14 Jan 2018 at 21:07, Alex Vong <alexvong1995@gmail.com> wrote:

Toggle quote (4 lines)

> This patch adds the repoline patches (totally 17 of them) taken from the

> 'retpoline-20180107' branch at

> ``http://git.infradead.org/users/dwmw2/gcc-retpoline.git'' to gcc@7.

As asked here: http://issues.guix.gnu.org/issue/30111#12, since gcc

7.3 is in, and now even more recent, I am inclined to close this

submission since it appears to me no more relevant.

WDYT?

All the best,

simon

zimoun wrote on 11 Jan 2021 16:43

Recipients:(name . Alex Vong)(address . alexvong1995@gmail.com)

Message-ID:86y2gzqy1e.fsf@gmail.com

Hi,

On Sat, 19 Dec 2020 at 00:22, zimoun <zimon.toutoune@gmail.com> wrote:

Toggle quote (12 lines)> Hi,
>
> On Sun, 14 Jan 2018 at 21:07, Alex Vong <alexvong1995@gmail.com> wrote:
>
>> This patch adds the repoline patches (totally 17 of them) taken from the
>> 'retpoline-20180107' branch at
>> ``http://git.infradead.org/users/dwmw2/gcc-retpoline.git'' to gcc@7.
>
> As asked here: <http://issues.guix.gnu.org/issue/30111#12>, since gcc
> 7.3 is in, and now even more recent, I am inclined to close this
> submission since it appears to me no more relevant.

If no objection, I will close this in the coming days.

All the best,

simon

Efraim Flashner wrote on 11 Jan 2021 21:03

Recipients:(name . zimoun)(address . zimon.toutoune@gmail.com)

Message-ID:X/yu+sY61KSq2aHb@3900XT

On Mon, Jan 11, 2021 at 04:43:41PM +0100, zimoun wrote:

Toggle quote (18 lines)> Hi,
> 
> On Sat, 19 Dec 2020 at 00:22, zimoun <zimon.toutoune@gmail.com> wrote:
> > Hi,
> >
> > On Sun, 14 Jan 2018 at 21:07, Alex Vong <alexvong1995@gmail.com> wrote:
> >
> >> This patch adds the repoline patches (totally 17 of them) taken from the
> >> 'retpoline-20180107' branch at
> >> ``http://git.infradead.org/users/dwmw2/gcc-retpoline.git'' to gcc@7.
> >
> > As asked here: <http://issues.guix.gnu.org/issue/30111#12>, since gcc
> > 7.3 is in, and now even more recent, I am inclined to close this
> > submission since it appears to me no more relevant.
> 
> If no objection, I will close this in the coming days.
> 

I believe we're good

(ins)efraim@3900XT ~$ lscpu | grep retpoline
Vulnerability Spectre v2:        Mitigation; Full AMD retpoline, IBPB conditional, STIBP conditional, RSB filling
(ins)efraim@3900XT ~$ uname -a
Linux 3900XT 5.10.6-gnu #1 SMP 1 x86_64 GNU/Linux

-- 
Efraim Flashner   <efraim@flashner.co.il>   ????? ?????
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

zimoun wrote on 9 Feb 2021 02:07

Recipients:(name . Efraim Flashner)(address . efraim@flashner.co.il)

Message-ID:86sg66jbfz.fsf@gmail.com

Hi,

On Mon, 11 Jan 2021 at 22:03, Efraim Flashner <efraim@flashner.co.il> wrote:

Toggle quote (21 lines)> On Mon, Jan 11, 2021 at 04:43:41PM +0100, zimoun wrote:
>> On Sat, 19 Dec 2020 at 00:22, zimoun <zimon.toutoune@gmail.com> wrote:
>> > On Sun, 14 Jan 2018 at 21:07, Alex Vong <alexvong1995@gmail.com> wrote:
>> >
>> >> This patch adds the repoline patches (totally 17 of them) taken from the
>> >> 'retpoline-20180107' branch at
>> >> ``http://git.infradead.org/users/dwmw2/gcc-retpoline.git'' to gcc@7.
>> >
>> > As asked here: <http://issues.guix.gnu.org/issue/30111#12>, since gcc
>> > 7.3 is in, and now even more recent, I am inclined to close this
>> > submission since it appears to me no more relevant.
>> 
>> If no objection, I will close this in the coming days.
>
> I believe we're good
>
> (ins)efraim@3900XT ~$ lscpu | grep retpoline
> Vulnerability Spectre v2:        Mitigation; Full AMD retpoline, IBPB conditional, STIBP conditional, RSB filling
> (ins)efraim@3900XT ~$ uname -a
> Linux 3900XT 5.10.6-gnu #1 SMP 1 x86_64 GNU/Linux

Thanks Efraim. If I miss something, please reopen it.

Cheers,

simon

Closed

Your comment

This issue is archived.

To comment on this conversation send an email to 30111@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 30111

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date