We recently discovered that our OpenSSH distribution binaries contain retpoline thunks. It's due to this OSSH_CHECK_CFLAG_COMPILE([-mfunction-return=thunk]) # gcc OSSH_CHECK_CFLAG_COMPILE([-mindirect-branch=thunk]) # gcc This was quite surprising because at least the GNU/Linux userspace has no provisions for retpolines. You also fail to enable -fno-plt, so you need a special linker that produces non-standard PLT stubs. (And this has to be repeated for all system libraries you call.) In our case, it caused miscompilation because it triggered two different GCC bugs (which are being fixed upstream): <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87412> <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87414> There have been other retpoline bugs in GCC which do not affect the kernel (or affect only rarely used kernel features), but are potentially visible in user space, so few distributions will backport those fixes to their distribution compilers. My expectation is that most of these compilers will never get fixed because the goal was to get the kernel to compile with retpoline support, and nothing more. Maybe the expectation is that distributions fine-tune their build flags according to their toolchain support level and simply configure with the --without-hardening flag, but this still looks like an unnecessary trap for those who build their OpenSSH binaries themselves. Thanks, Florian _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev