On Mon, Feb 12, 2018 at 11:22:11AM +0100, Ingo Molnar wrote: > > +static inline void firmware_restrict_branch_speculation_start(void) > > +{ > > + alternative_msr_write(MSR_IA32_SPEC_CTRL, SPEC_CTRL_IBRS, > > + X86_FEATURE_USE_IBRS_FW); > > +} > > + > > +static inline void firmware_restrict_branch_speculation_end(void) > > +{ > > + alternative_msr_write(MSR_IA32_SPEC_CTRL, 0, > > + X86_FEATURE_USE_IBRS_FW); > > BTW., there's a detail that only occurred to me today, this > enabling/disabling > sequence is not NMI safe, and it might be called from NMI context:
Wait, we're doing firmware from NMI? That sounds like a _REALLY_ bad idea.