This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Cary Coutant <ccoutant at gmail dot com>
- To: Sriraman Tallam <tmsriram at google dot com>
- Cc: Florian Weimer <fweimer at redhat dot com>, Rui Ueyama <ruiu at google dot com>, Chandler Carruth <chandlerc at google dot com>, binutils <binutils at sourceware dot org>, Reid Kleckner <rnk at google dot com>, Eric Christopher <echristo at google dot com>, Brooks Moses <bmoses at google dot com>, Sidney Hummert <shummert at google dot com>, Xinliang David Li <davidxl at google dot com>, Rahul Chaudhry <rahulchaudhry at google dot com>
- Date: Mon, 8 Jan 2018 12:23:54 -0800
- Subject: Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Authentication-results: sourceware.org; auth=none
- References: <CAAs8HmzJkLiGaUWf9czpNfEejM=uCP=zFvudADEuxsA2wHk+fQ@mail.gmail.com> <CAJimCsGGcXCxQUWD9XGmEHdJ+w01Tr0u29yowA9b16YGHHxMkA@mail.gmail.com> <17cb3295-626f-ba0f-7458-c13eaea24d2b@redhat.com> <CAJimCsE6bZ9VwKTfh9dFvT1HmNb==0Kxh6EJQQWXGoH-U=Epsg@mail.gmail.com> <CAGCO0KhMmBJXuWbb89ZG6tgpVHgmxkE5-xEmMikBjPkVQBDmPA@mail.gmail.com> <CAJimCsFh4c+JgR27i6kVEqexvbfkJJERZ7v7bp6b4JYbR2nUqg@mail.gmail.com> <CAAs8HmyztZxr64OF1q8Vuj=mBeAJXfRS7qssdADDiS5QA3sFpg@mail.gmail.com> <e7ca7f34-08bf-5024-568a-5f47e31a998a@redhat.com> <CAAs8HmxT_3nBxBhTGLARV8NX+G3K8SbH8_J9eGX8prmnibPm7Q@mail.gmail.com> <277ce2e7-88bf-b1ab-11e8-a9c53b6a9100@redhat.com> <CAAs8Hmzja3v9EZnLQSvS8P8NOQn3VHhYuOHAnFP-budxz+xghw@mail.gmail.com> <CAJENXguR9=L8zbGbttnLc_Up_ONh-diX1ULJvn7P5A9=9ebhOQ@mail.gmail.com> <d7a4f16b-f6e4-b489-a927-e31e13c8b23b@redhat.com> <CAAs8HmzBLo2O6Hrf7i7rbZ85tt+Ub4fRrn16OLPb4hGqGTtWsQ@mail.gmail.com>
> * One other pain point is we do have internally is we use a
> configuration for tests where we build a number of shared objects and
> keep the main binary pretty thin. We have explicitly disabled now
> binding for this due to performance reasons, huge increase in the
> number of dynamic relocations putting unacceptable overheads on our
> distributed build system. We need to find a solution here.
Why do unittests need to be fully secured from attack?
-cary
- References:
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Chandler Carruth via binutils
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Sriraman Tallam via binutils
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Sriraman Tallam via binutils
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Sriraman Tallam via binutils
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Rui Ueyama via binutils
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- Re: Gold Linker Patch: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715 and in some places called "spectre".
- From: Sriraman Tallam via binutils