diff options
| author | Chandler Carruth <chandlerc@gmail.com> | 2018-03-02 05:49:03 +0000 |
|---|---|---|
| committer | Chandler Carruth <chandlerc@gmail.com> | 2018-03-02 05:49:03 +0000 |
| commit | c2ed34952095ce41b30e6a615fbecc1e9a544f77 (patch) | |
| tree | ef0c35831a0202c4e12c9c902bc0231541972ddf | |
| parent | 75a36832b158dc653cbf481c4c6ae05f4acbbff8 (diff) | |
Add some minimal release notes for retpolines.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/branches/release_60@326540 91177308-0d34-0410-b5e6-96231b3b80d8
| -rw-r--r-- | docs/ReleaseNotes.rst | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/docs/ReleaseNotes.rst b/docs/ReleaseNotes.rst index efbf27a887..5ceb1a4b51 100644 --- a/docs/ReleaseNotes.rst +++ b/docs/ReleaseNotes.rst @@ -51,6 +51,12 @@ Non-comprehensive list of changes in this release ``__is_target_vendor``, ``__is_target_os``, and ``__is_target_environment`` can be used to to examine the individual components of the target triple. +- Support for `retpolines <https://support.google.com/faqs/answer/7625886>`_ + was added to help mitigate "branch target injection" (variant #2) of the + "Spectre" speculative side channels described by `Project Zero + <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>`_ + and the `Spectre paper <https://spectreattack.com/spectre.pdf>`_. + Improvements to Clang's diagnostics ----------------------------------- @@ -138,6 +144,18 @@ New Compiler Flags - New ``-nostdlib++`` flag to disable linking the C++ standard library. Similar to using ``clang`` instead of ``clang++`` but doesn't disable ``-lm``. +- Clang supports the ``-mretpoline`` flag to enable `retpolines + <https://support.google.com/faqs/answer/7625886>`_. Code compiled with this + flag will be hardened against variant #2 of the Spectre attack. Indirect + branches from switches or gotos removed from the code, and indirect calls + will be made through a "retpoline" thunk. The necessary thunks will + automatically be inserted into the generated code. Clang also supports + ``-mretpoline-external-thunk`` which works like ``-mretpoline`` but requires + the user to provide their own thunk definitions. The external thunk names + start with ``__x86_indirect_thunk_`` and end in a register name. For 64-bit + platforms, only an ``r11`` thunk is used, but for 32-bit platforms ``eax``, + ``ecx``, ``edx``, and ``edi`` thunks are used. + Attribute Changes in Clang -------------------------- |