diff options
author | Caroline Tice <cmtice@google.com> | 2018-01-08 10:25:12 -0800 |
---|---|---|
committer | Caroline Tice <cmtice@google.com> | 2018-01-08 10:25:12 -0800 |
commit | deec799746e92ab0487eca489499ade08a2610bf (patch) | |
tree | 9a2c42ca86130fa98e61c5d7bfb7e890f501a066 /gcc-4.9/gcc/config/i386/i386.opt | |
parent | dca601e5d2b032ac5cca1df90ac56077ccf5d665 (diff) | |
download | toolchain_gcc-deec799746e92ab0487eca489499ade08a2610bf.tar.gz toolchain_gcc-deec799746e92ab0487eca489499ade08a2610bf.tar.bz2 toolchain_gcc-deec799746e92ab0487eca489499ade08a2610bf.zip |
[GCC] Commit retpoline patch code, for fixing security issues.
This applies the Intel GCC code patches, to allow compiling
with appropriate flags for mitigating the indirect branch variant of
the speculative execution security flaw.
Bug: None
Test: This is already in place in ChromeOS and has been tested on
the ChromeOS kernels.
Change-Id: Ideffb433b697f1fe7e4ca2c1eaa968160abfcc8b
Diffstat (limited to 'gcc-4.9/gcc/config/i386/i386.opt')
-rw-r--r-- | gcc-4.9/gcc/config/i386/i386.opt | 52 |
1 files changed, 40 insertions, 12 deletions
diff --git a/gcc-4.9/gcc/config/i386/i386.opt b/gcc-4.9/gcc/config/i386/i386.opt index f64a9e1eb..3b4a86066 100644 --- a/gcc-4.9/gcc/config/i386/i386.opt +++ b/gcc-4.9/gcc/config/i386/i386.opt @@ -781,18 +781,6 @@ mrtm Target Report Mask(ISA_RTM) Var(ix86_isa_flags) Save Support RTM built-in functions and code generation -mpatch-functions-for-instrumentation -Target RejectNegative Report Var(patch_functions_for_instrumentation) Save -Patch function prologue and epilogue with custom NOPs for dynamic instrumentation. By default, functions with loops (controlled by -mpatch-functions-without-loop) or functions having instructions more than -mpatch-functions-min-instructions are patched. - -mpatch-functions-ignore-loops -Target RejectNegative Report Var(patch_functions_ignore_loops) Save -Ignore loops when deciding whether to patch a function for instrumentation (for use with -mpatch-functions-for-instrumentation). - -mno-patch-functions-main-always -Target Report RejectNegative Var(patch_functions_dont_always_patch_main) Save -Treat 'main' as any other function and only patch it if it meets the criteria for loops and minimum number of instructions (for use with -mpatch-functions-for-instrumentation). - mstack-protector-guard= Target RejectNegative Joined Enum(stack_protector_guard) Var(ix86_stack_protector_guard) Init(SSP_TLS) Use given stack-protector guard @@ -806,3 +794,43 @@ Enum(stack_protector_guard) String(tls) Value(SSP_TLS) EnumValue Enum(stack_protector_guard) String(global) Value(SSP_GLOBAL) + +mindirect-branch= +Target Report RejectNegative Joined Enum(indirect_branch) Var(ix86_indirect_branch) Init(indirect_branch_keep) +Update indirect call and jump. + +mfunction-return= +Target Report RejectNegative Joined Enum(indirect_branch) Var(ix86_function_return) Init(indirect_branch_keep) +Update function return. + +Enum +Name(indirect_branch) Type(enum indirect_branch) +Known indirect branch choices (for use with the -mindirect-branch=/-mfunction-return= options): + +EnumValue +Enum(indirect_branch) String(keep) Value(indirect_branch_keep) + +EnumValue +Enum(indirect_branch) String(thunk) Value(indirect_branch_thunk) + +EnumValue +Enum(indirect_branch) String(thunk-inline) Value(indirect_branch_thunk_inline) + +EnumValue +Enum(indirect_branch) String(thunk-extern) Value(indirect_branch_thunk_extern) + +mindirect-branch-loop= +Target Report RejectNegative Joined Enum(indirect_branch_loop) Var(ix86_indirect_branch_loop) Undocumented Init(indirect_branch_loop_lfence) + +Enum +Name(indirect_branch_loop) Type(enum indirect_branch_loop) +Known loop choices (for use with the -mindirect-branch-loop= option): + +EnumValue +Enum(indirect_branch_loop) String(lfence) Value(indirect_branch_loop_lfence) + +EnumValue +Enum(indirect_branch_loop) String(pause) Value(indirect_branch_loop_pause) + +EnumValue +Enum(indirect_branch_loop) String(nop) Value(indirect_branch_loop_nop) |