On Thu, 2018-02-01 at 09:28 -0600, Josh Poimboeuf wrote: > On Thu, Feb 01, 2018 at 03:34:21PM +0100, Peter Zijlstra wrote: > > > > There are the retpoline validation patches; they work with the > > __noretpoline > > thing from David. > Have you run this through 0-day bot yet? A manual awk/sed found > another > one, which objtool confirms: > > drivers/watchdog/.tmp_hpwdt.o: warning: objtool: .text+0x24: > indirect call found in RETPOLINE build > > And my search wasn't exhaustive so it would be good to sic 0-day bot on > it.
We discussed that one. It's correct; we're calling into firmware so there's *no* point in retpolining that one. We need to set IBRS before any runtime calls into firmware, if we want to be safe.
smime.p7s
Description: S/MIME cryptographic signature