cmd/asm, cmd/compile, runtime: add -spectre=ret mode

This commit extends the -spectre flag to cmd/asm and adds a new Spectre mitigation mode "ret", which enables the use of retpolines. Retpolines prevent speculation about the target of an indirect jump or call and are described in more detail here: https://support.google.com/faqs/answer/7625886 Change-Id: I4f2cb982fa94e44d91e49bd98974fd125619c93a Reviewed-on: https://go-review.googlesource.com/c/go/+/222661 Reviewed-by: Keith Randall <khr@golang.org>
2025-12-08 06:10:04 +00:00 · 2020-01-17 13:54:30 -05:00 · 2020-01-17 13:54:30 -05:00 · fc8a6336d1
commit fc8a6336d1
parent 877ef86bec
13 changed files with 119 additions and 1 deletions
--- a/src/cmd/internal/obj/x86/asm6.go
+++ b/src/cmd/internal/obj/x86/asm6.go
@ -1875,6 +1875,17 @@ func span6(ctxt *obj.Link, s *obj.LSym, newprog obj.ProgAlloc) {
 				p.As = spadjop(ctxt, ASUBL, ASUBQ)
 			}
 		}
+		if ctxt.Retpoline && (p.As == obj.ACALL || p.As == obj.AJMP) && (p.To.Type == obj.TYPE_REG || p.To.Type == obj.TYPE_MEM) {
+			if p.To.Type != obj.TYPE_REG {
+				ctxt.Diag("non-retpoline-compatible: %v", p)
+				continue
+			}
+			p.To.Type = obj.TYPE_BRANCH
+			p.To.Name = obj.NAME_EXTERN
+			p.To.Sym = ctxt.Lookup("runtime.retpoline" + obj.Rconv(int(p.To.Reg)))
+			p.To.Reg = 0
+			p.To.Offset = 0
+		}
 	}

 	var count int64 // rough count of number of instructions