The release of gcc-7.3.0 supports the following flags which, as I understand it, would provide maximal generic protection against CVE-2017-5715 in userspace.
-mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register
It would be nice for these to make it into the hardened gcc specs.
In addition, I think that the toolchain team should be persuaded to whitelist these flags in flag-o-matic.eclass. I have monkey-patched the eclass to this end, and have not experienced any issues in utilising the above CFLAGS across the entirety of my userspace.
Bug 646076 exists for the issue of these flags being filtered out.
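One way to check that the flags actually reached a build, since filtering drops them silently: an added example (not part of the original report, and not Gentoo or GCC code) that scans `objdump -d` output for indirect branches and plain returns outside GCC's `__x86_indirect_thunk_*` / `__x86_return_thunk` bodies. The function names and the sample disassembly are constructed for illustration.

```shell
#!/bin/sh
# Usage: objdump -d ./some-binary | audit_disasm
# Prints "indirect=N ret=M"; exit status is 1 if any were found.
audit_disasm() {
    awk '
        # Symbol header, e.g. "0000000000001139 <dispatch>:"
        /^[0-9a-f]+ <.*>:$/ {
            fn = $2
            gsub(/[<>:]/, "", fn)
            # The thunk bodies legitimately contain a ret; skip them.
            in_thunk = (fn ~ /^__x86_(indirect|return)_thunk/)
            next
        }
        in_thunk { next }
        # call/jmp through a register or memory operand (AT&T "*" prefix)
        /(call|jmp)[a-z]*[ \t]+\*/ { ind++ }
        # bare ret/retq that was not rewritten into a jump to the return thunk
        /[ \t]ret[a-z]*[ \t]*$/ { ret++ }
        END {
            printf "indirect=%d ret=%d\n", ind, ret
            exit (ind + ret > 0 ? 1 : 0)
        }
    '
}

# Constructed sample: built without the flags.
sample_unprotected() {
    printf '%b\n' \
        '0000000000001139 <dispatch>:' \
        '    1139:\tff d0                \tcallq  *%rax' \
        '    113b:\tc3                   \tretq   '
}

# Constructed sample: built with all three flags from the report.
sample_protected() {
    printf '%b\n' \
        '0000000000001139 <dispatch>:' \
        '    1139:\te8 12 00 00 00       \tcallq  1150 <__x86_indirect_thunk_rax>' \
        '    113e:\te9 2d 00 00 00       \tjmpq   1170 <__x86_return_thunk>' \
        '0000000000001150 <__x86_indirect_thunk_rax>:' \
        '    1150:\te8 07 00 00 00       \tcallq  115c <__x86_indirect_thunk_rax+0xc>' \
        '    115c:\t48 89 04 24          \tmov    %rax,(%rsp)' \
        '    1160:\tc3                   \tretq   '
}
```

Linker-generated PLT stubs and hand-written assembly are not rewritten by these compiler flags, so they still show up in the counts on real binaries.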