On Sun, 2018-02-04 at 19:43 +0100, Thomas Gleixner wrote:
> Yet another possibility is to avoid the function entry and accounting magic
> and use the generic gcc return thunk:
>
> __x86_return_thunk:
> 	call L2
> L1:
> 	pause
> 	lfence
> 	jmp L1
> L2:
> 	lea 8(%rsp), %rsp|lea 4(%esp), %esp
> 	ret
>
> which basically refills the RSB on every return. That can be inline or
> extern, but in both cases we should be able to patch it out.
>
> I have no idea how that affects performance, but it might be worthwhile to
> experiment with that.

That was what I had in mind when I asked HJ to add -mfunction-return. I
suspect the performance hit would be significant because it would cause a
prediction miss on *every* return.

But as I said, let's implement what we can without IBRS for Skylake, then we
can compare the two options for performance, security coverage and general
fugliness.
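Added example, not part of the thread or of the kernel/gcc code under discussion: the return thunk quoted above assembled as a global symbol, plus a leaf function that returns through it the way -mfunction-return=thunk-extern would, so the mechanism can be exercised from C. It assumes x86-64, an ELF toolchain with GNU as, and no hardware shadow stack enabled; the names demo_return_thunk, thunked_add and demo_sum are made up, and the thunk's labels are rewritten as GAS numeric local labels.

```c
#include <stddef.h>

/* Constructed example: the generic gcc return thunk from the thread,
 * assembled as a global symbol so C code can exercise it (x86-64 only). */
__asm__(
    ".text\n"
    ".globl demo_return_thunk\n"
    ".type demo_return_thunk, @function\n"
    "demo_return_thunk:\n"
    "    call 2f\n"            /* pushes the address of 1: on the stack and the RSB */
    "1:\n"
    "    pause\n"              /* speculation trap: a predicted ret lands here */
    "    lfence\n"
    "    jmp 1b\n"
    "2:\n"
    "    lea 8(%rsp), %rsp\n"  /* discard the pushed address without touching flags */
    "    ret\n"                /* architectural return to the function's real caller */
    ".size demo_return_thunk, .-demo_return_thunk\n"

    /* A leaf function written as if compiled with -mfunction-return=thunk-extern:
     * it computes edi + esi and jumps to the thunk instead of executing ret. */
    ".globl thunked_add\n"
    ".type thunked_add, @function\n"
    "thunked_add:\n"
    "    mov %edi, %eax\n"
    "    add %esi, %eax\n"
    "    jmp demo_return_thunk\n"
    ".size thunked_add, .-thunked_add\n"
);

int thunked_add(int a, int b);

/* Drive the thunked function from C: every iteration returns through the
 * thunk, which is the per-return cost the reply above is worried about. */
int sum_via_thunk(const int *v, size_t n)
{
    int total = 0;
    for (size_t i = 0; i < n; i++)
        total = thunked_add(total, v[i]);
    return total;
}

/* Constructed input, so the block runs stand-alone. */
int demo_sum(void)
{
    static const int sample[] = { 1, 2, 3, 4, 5 };
    return sum_via_thunk(sample, sizeof(sample) / sizeof(sample[0]));
}
```

The thunk is architecturally transparent (every call above returns the right value); what it changes is that each ret now consumes the RSB entry pushed by the thunk's own call, so the predicted target is the pause/lfence loop rather than the real caller.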