add retpoline compiler and linker feature flags

These features indicate that the compiler and linker support the retpoline speculative execution vulnerability (CVE-2017-5715) mitigation. Reviewed by: dim, imp Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D14228
2018-02-07 14:50:06 +00:00 · 2018-02-07 14:50:06 +00:00 · 4816408016
commit 4816408016
parent 5b7cc89266
3 changed files with 16 additions and 7 deletions
--- a/Makefile.inc1
+++ b/Makefile.inc1
@ -165,11 +165,11 @@ test-system-compiler: .PHONY
 .if !defined(X_COMPILER_TYPE)
 CROSSENV+=	COMPILER_VERSION=${COMPILER_VERSION} \
 		COMPILER_TYPE=${COMPILER_TYPE} \
-		COMPILER_FEATURES=${COMPILER_FEATURES} \
+		COMPILER_FEATURES="${COMPILER_FEATURES}" \
 		COMPILER_FREEBSD_VERSION=${COMPILER_FREEBSD_VERSION}
 .else
 CROSSENV+=	COMPILER_VERSION=${X_COMPILER_VERSION} \
-		COMPILER_FEATURES=${X_COMPILER_FEATURES} \
+		COMPILER_FEATURES="${X_COMPILER_FEATURES}" \
 		COMPILER_TYPE=${X_COMPILER_TYPE} \
 		COMPILER_FREEBSD_VERSION=${X_COMPILER_FREEBSD_VERSION}
 .endif
--- a/share/mk/bsd.compiler.mk
+++ b/share/mk/bsd.compiler.mk
@ -19,7 +19,9 @@
 # COMPILER_FEATURES will contain one or more of the following, based on
 # compiler support for that feature:
 #
-# - c++11 : supports full (or nearly full) C++11 programming environment.
+# - c++11:     supports full (or nearly full) C++11 programming environment.
+# - retpoline: supports the retpoline speculative execution vulnerability
+#              mitigation.
 #
 # These variables with an X_ prefix will also be provided if XCC is set.
 #
@ -178,11 +180,13 @@ ${X_}COMPILER_FREEBSD_VERSION=	unknown
 .endif
 .endif

+${X_}COMPILER_FEATURES=
 .if ${${X_}COMPILER_TYPE} == "clang" || \
 	(${${X_}COMPILER_TYPE} == "gcc" && ${${X_}COMPILER_VERSION} >= 40800)
-${X_}COMPILER_FEATURES=	c++11
-.else
-${X_}COMPILER_FEATURES=
+${X_}COMPILER_FEATURES+=	c++11
+.endif
+.if ${${X_}COMPILER_TYPE} == "clang" && ${${X_}COMPILER_VERSION} >= 60000
+${X_}COMPILER_FEATURES+=	retpoline
 .endif

 .else
--- a/share/mk/bsd.linker.mk
+++ b/share/mk/bsd.linker.mk
@ -12,7 +12,9 @@
 # LINKER_FEATURES may contain one or more of the following, based on
 # linker support for that feature:
 #
-# - build-id : support for generating a Build-ID note
+# - build-id:  support for generating a Build-ID note
+# - retpoline: support for generating PLT with retpoline speculative
+#              execution vulnerability mitigation
 #
 # These variables with an X_ prefix will also be provided if XLD is set.
 #
@ -73,6 +75,9 @@ ${X_}LINKER_FEATURES+=	build-id
 .if ${${X_}LINKER_TYPE} != "lld" || ${${X_}LINKER_VERSION} >= 50000
 ${X_}LINKER_FEATURES+=	filter
 .endif
+.if ${${X_}LINKER_TYPE} == "lld" && ${${X_}LINKER_VERSION} >= 60000
+${X_}LINKER_FEATURES+=	retpoline
+.endif
 .endif
 .else
 # Use LD's values