On Wed, 2018-01-10 at 18:14 -0600, Tom Lendacky wrote: > On 1/10/2018 5:47 PM, David Woodhouse wrote: > > On Wed, 2018-01-10 at 22:51 +0000, David Woodhouse wrote: > >> In accordance with the Intel and AMD documentation, we need to overwrite > >> all entries in the RSB on exiting a guest, to prevent malicious branch > >> target predictions from affecting the host kernel. This is needed both > >> for retpoline and for IBRS. > >> > >> Signed-off-by: David Woodhouse <d...@amazon.co.uk> > >> --- > >> Untested in this form although it's a variant on what we've had already. > >> I have an army of machines willing to do my bidding but nested virt > >> is non-trivial and I figure I might as well post it as someone else > >> can probably test it in less than the time it takes me to work out how. > > > > Now smoke tested with Intel VT-x, but not yet on AMD. Tom, would you be > > able to do that? > > Yes, I'll try to get to it as soon as I can, but it might be tomorrow > (morning).
Thanks. I've pushed an updated version to http://git.infradead.org/users/dwmw2/linux-retpoline.git/
smime.p7s
Description: S/MIME cryptographic signature