Re: Kernel for Spectre and Meltdown
Hi,
Michael Lange wrote:
> compiler that is "retpoline-aware" (as the
> "checker"-script calls it, whatever that means)
The term was coined by Google engineers
https://support.google.com/faqs/answer/7625886
"The name “retpoline” is a portmanteau of “return” and “trampoline.”
It is a trampoline construct constructed using return operations which
also figuratively ensures that any associated speculative execution
will “bounce” endlessly.
(If it brings you any amusement: imagine speculative execution as an
overly energetic 7-year old that we must now build a warehouse of
trampolines around.)"
It is worthwhile to read this early description of Spectre, which they
call "Variant 2" or "CVE-2017-5715".
Retpoline is on the first view useless effort for the CPU, so i guess
a compiler must be kept from optimizing it away.
The goal is to prevent speculative execution of code at addresses
which the attacker seeded into the branch prediction table of the CPU.
Have a nice day :)
Thomas
Reply to: