Here's a patch for the documentation. This is a combination of the omitted parts of the 3 upstream commits that touched it. Ben. -- Ben Hutchings Never attribute to conspiracy what can adequately be explained by stupidity.
From: Ben Hutchings <benh@debian.org> Date: Mon, 18 Jul 2022 15:50:38 +0200 Subject: x86: Document new hardening options Origin: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=39d944c4237e5d35e28a2668d3b9a2e0f6f7bd01 Origin: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5d928740a533cd9e78673fad7ea86d20b2142277 Origin: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=58a4e292e8507a2968bfd2b10631ba95d5440c97 Changes to the docs from "x86: Add -mharden-sls=[none|all|return|indirect-branch]", "x86: Add -mindirect-branch-cs-prefix", and "x86: Rename -harden-sls=indirect-branch to -harden-sls=indirect-jmp". --- diff -u a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -1409,7 +1409,8 @@ -mstack-protector-guard-symbol=@var{symbol} @gol -mgeneral-regs-only -mcall-ms2sysv-xlogues @gol -mindirect-branch=@var{choice} -mfunction-return=@var{choice} @gol --mindirect-branch-register -mneeded} +-mindirect-branch-register -mharden-sls=@var{choice} @gol +-mindirect-branch-cs-prefix -mneeded} @emph{x86 Windows Options} @gccoptlist{-mconsole -mcygwin -mno-cygwin -mdll @gol @@ -31724,6 +31725,21 @@ @opindex mindirect-branch-register Force indirect call and jump via register. +@item -mharden-sls=@var{choice} +@opindex mharden-sls +Generate code to mitigate against straight line speculation (SLS) with +@var{choice}. The default is @samp{none} which disables all SLS +hardening. @samp{return} enables SLS hardening for function returns. +@samp{indirect-jmp} enables SLS hardening for indirect jumps. +@samp{all} enables all SLS hardening. + +@item -mindirect-branch-cs-prefix +@opindex mindirect-branch-cs-prefix +Add CS prefix to call and jmp to indirect thunk with branch target in +r8-r15 registers so that the call and jmp instruction length is 6 bytes +to allow them to be replaced with @samp{lfence; call *%r8-r15} or +@samp{lfence; jmp *%r8-r15} at run-time. + @end table These @samp{-m} switches are supported in addition to the above
Attachment:
signature.asc
Description: This is a digitally signed message part