From: james harvey
Date: Thu, 4 Jan 2018 21:01:48 -0500
Subject: Re: Avoid speculative indirect calls in kernel
To: Jiri Kosina
Cc: Andi Kleen, Thomas Gleixner, Linus Torvalds, Greg Kroah-Hartman, dwmw@amazon.co.uk, Tim Chen, Linux Kernel Mailing List, Dave Hansen
References: <20180103230934.15788-1-andi@firstfloor.org> <20180104000927.co5umvfzfwliqvqt@two.firstfloor.org> <20180104001501.3jof7zkrfkehnd3r@two.firstfloor.org>

On Wed, Jan 3, 2018 at 7:19 PM, Jiri Kosina wrote:
> On Wed, 3 Jan 2018, Andi Kleen wrote:
>
>> > It should be a CPU_BUG bit as we have for the other mess. And that can be
>> > used for patching.
>>
>> It has to be done at compile time because it requires a compiler option.
>
> If gcc annotates indirect calls/jumps in a way that we could patch them
> using alternatives in runtime, that'd be enough.
>
> --
> Jiri Kosina
> SUSE Labs

I understand the GCC patches being discussed will fix the vulnerability because newly compiled kernels will be compiled with a GCC with these patches. But, are the GCC patches being discussed also expected to fix the vulnerability because user binaries will be compiled using them? In such a case, a binary could be maliciously changed back, or a custom GCC made with the patches reverted.

Please forgive me if my ignorance about all the related GCC patches makes this a stupid question.