Re: Avoid speculative indirect calls in kernel
From: james harvey
Date: Thu Jan 04 2018 - 21:02:02 EST
On Wed, Jan 3, 2018 at 7:19 PM, Jiri Kosina <jikos@xxxxxxxxxx> wrote:
> On Wed, 3 Jan 2018, Andi Kleen wrote:
>
>> > It should be a CPU_BUG bit as we have for the other mess. And that can be
>> > used for patching.
>>
>> It has to be done at compile time because it requires a compiler option.
>
> If gcc anotates indirect calls/jumps in a way that we could patch them
> using alternatives in runtime, that'd be enough.
>
> --
> Jiri Kosina
> SUSE Labs
I understand the GCC patches being discussed will fix the
vulnerability because newly compiled kernels will be compiled with a
GCC with these patches.
But, are the GCC patches being discussed also expected to fix the
vulnerability because user binaries will be compiled using them? In
such case, a binary could be maliciously changed back, or a custom GCC
made with the patches reverted.
Please forgive me if my ignorance about all the related GCC patches
makes this a stupid question.