16472cafcf
In order to mitigate Spectre variant 2 (branch target injection), use retpolines for indirect jumps and calls. The newly-added hidden CONFIG_X86_NO_SPECTRE flag, which is disabled by default, must be set by a x86 SoC if its CPU performs speculative execution. Most targets supported by Zephyr do not, so this is set to "y" by default. A new setting, CONFIG_RETPOLINE, has been added to the "Security Options" sections, and that will be enabled by default if CONFIG_X86_NO_SPECTRE is disabled. Signed-off-by: Leandro Pereira <leandro.pereira@intel.com> |
||
|---|---|---|
| .. | ||
| offsets | ||
| CMakeLists.txt | ||
| Kconfig | ||
| cache.c | ||
| cache_s.S | ||
| cpuhalt.c | ||
| crt0.S | ||
| excstub.S | ||
| fatal.c | ||
| float.c | ||
| intstub.S | ||
| irq_manage.c | ||
| irq_offload.c | ||
| msr.c | ||
| reboot_rst_cnt.c | ||
| swap.S | ||
| sys_fatal_error_handler.c | ||
| thread.c | ||
| userspace.S | ||
| x86_mmu.c | ||