On Sat, 6 Jan 2018, Alexei Starovoitov wrote:
> which clearly states that bpf_tail_call() was used in the attack.
> Yet none of the intel nor arm patches address speculation in
> this bpf helper!
> It means that:
> - gpz didn't share neither exploit nor the detailed description
> of the POC with cpu vendors until now
> - coverity rules used to find all these places in the kernel
> failed to find bpf_tail_call
> - cpu vendors were speculating what variant 1 can actually do
You forgot to mention that there might be other attacks than the public POC
which are not covered by a simple AND ....
Thanks,
tglx
