aboutsummaryrefslogtreecommitdiff
path: root/ld/scripttempl/dlx.sc
diff options
context:
space:
mode:
authorH.J. Lu <hjl.tools@gmail.com>2020-03-11 09:46:19 -0700
committerH.J. Lu <hjl.tools@gmail.com>2020-03-11 09:46:19 -0700
commitae531041c7c5956672342f89c486a011c84f027f (patch)
tree725d546c60204a155b8192591ab3011eb633e1ca /ld/scripttempl/dlx.sc
parent5a13315d1c6993ab84075ff94797eb8c6da1f20b (diff)
downloadgdb-ae531041c7c5956672342f89c486a011c84f027f.zip
gdb-ae531041c7c5956672342f89c486a011c84f027f.tar.gz
gdb-ae531041c7c5956672342f89c486a011c84f027f.tar.bz2
i386: Generate lfence with load/indirect branch/ret [CVE-2020-0551]
Add 3 command-line options to generate lfence for load, indirect near branch and ret to help mitigate: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0551 1. -mlfence-after-load=[no|yes]: -mlfence-after-load=yes generates lfence after load instructions. 2. -mlfence-before-indirect-branch=[none|all|memory|register]: a. -mlfence-before-indirect-branch=all generates lfence before indirect near branches via register and a warning before indirect near branches via memory. b. -mlfence-before-indirect-branch=memory issue a warning before indirect near branches via memory. c. -mlfence-before-indirect-branch=register generates lfence before indirect near branches via register. Note that lfence won't be generated before indirect near branches via register with -mlfence-after-load=yes since lfence will be generated after loading branch target register. 3. -mlfence-before-ret=[none|or|not] a. -mlfence-before-ret=or generates or with lfence before ret. b. -mlfence-before-ret=not generates not with lfence before ret. A warning will be issued and lfence won't be generated before indirect near branch and ret if the previous item is a prefix or a constant directive, which may be used to hardcode an instruction, since there is no clear instruction boundary. * config/tc-i386.c (lfence_after_load): New. (lfence_before_indirect_branch_kind): New. (lfence_before_indirect_branch): New. (lfence_before_ret_kind): New. (lfence_before_ret): New. (last_insn): New. (load_insn_p): New. (insert_lfence_after): New. (insert_lfence_before): New. (md_assemble): Call insert_lfence_before and insert_lfence_after. Set last_insn. (OPTION_MLFENCE_AFTER_LOAD): New. (OPTION_MLFENCE_BEFORE_INDIRECT_BRANCH): New. (OPTION_MLFENCE_BEFORE_RET): New. (md_longopts): Add -mlfence-after-load=, -mlfence-before-indirect-branch= and -mlfence-before-ret=. (md_parse_option): Handle -mlfence-after-load=, -mlfence-before-indirect-branch= and -mlfence-before-ret=. (md_show_usage): Display -mlfence-after-load=, -mlfence-before-indirect-branch= and -mlfence-before-ret=. (i386_cons_align): New. * config/tc-i386.h (i386_cons_align): New. (md_cons_align): New. * doc/c-i386.texi: Document -mlfence-after-load=, -mlfence-before-indirect-branch= and -mlfence-before-ret=.
Diffstat (limited to 'ld/scripttempl/dlx.sc')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.1 at 2024-12-04 06:05:15 +0000