From: Norbert Manthey <nmanthey@amazon.de>
Date: Wed, 21 Nov 2018 09:52:05 +0000 (+0100)
Subject: retpoline: disable jump tables
X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~2865
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=2276da0db9b0f111e1a8f41dd707c6bd1dea9a7d;p=xen.git

retpoline: disable jump tables

To mitigate Spectre v2, Xen has been fixed with a software fix, namely
using retpoline sequences generated by the compiler. This way, indirect
branches are protected against the attack.

However, the retpoline sequence comes with a slow down. To make up for
this, we propose to avoid jump tables in the first place. Without the
retpoline sequences, this code would be less efficient. However, when
retpoline is enabled, this actually results in a slight performance
improvement.

This change might become irrelevant once the compiler starts avoiding
jump tables in case retpolines are used:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86952

Reported-by: Julian Stecklina <jsteckli@amazon.de>
Reported-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
Acked-by: Jan Beulich <jbeulich@suse.com>
---

diff --git a/xen/arch/x86/Rules.mk b/xen/arch/x86/Rules.mk
index cc301cdc5b..3f2687bbe4 100644
--- a/xen/arch/x86/Rules.mk
+++ b/xen/arch/x86/Rules.mk
@@ -48,6 +48,7 @@ endif
 ifneq ($(call cc-option,$(CC),-mindirect-branch-register,n),n)
 CFLAGS += -mindirect-branch=thunk-extern -mindirect-branch-register
 CFLAGS += -DCONFIG_INDIRECT_THUNK
+CFLAGS += -fno-jump-tables
 export CONFIG_INDIRECT_THUNK=y
 endif