On Thu, 2018-02-01 at 09:28 -0600, Josh Poimboeuf wrote:
> On Thu, Feb 01, 2018 at 03:34:21PM +0100, Peter Zijlstra wrote:
> > 
> > There are the retpoline validation patches; they work with the
> > __noretpoline
> > thing from David.
> Have you run this through 0-day bot yet?  A manual awk/sed found
> another
> one, which objtool confirms:
> 
>   drivers/watchdog/.tmp_hpwdt.o: warning: objtool: .text+0x24:
> indirect call found in RETPOLINE build
> 
> And my search wasn't exhaustive so it would be good to sic 0-day bot on
> it.

We discussed that one. It's correct; we're calling into firmware so
there's *no* point in retpolining that one. We need to set IBRS before
any runtime calls into firmware, if we want to be safe.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to