On Thu, 22 Nov 2018, Borislav Petkov wrote:
> On Thu, Nov 22, 2018 at 10:18:58AM +0100, Peter Zijlstra wrote:
> > Right; that retpoline + IBPB case is one that came up earlier when we
> > talked about this stuff. The IBPB also helps against app2app BTB ASLR
> > attacks. So even if you have userspac
On Thu, Nov 22, 2018 at 10:18:58AM +0100, Peter Zijlstra wrote:
> Right; that retpoline + IBPB case is one that came up earlier when we
> talked about this stuff. The IBPB also helps against app2app BTB ASLR
> attacks. So even if you have userspace retpoline, you might still want
> IBPB.
>
> But y
On Thu, Nov 22, 2018 at 09:14:47AM +0100, Thomas Gleixner wrote:
> On Thu, 22 Nov 2018, Borislav Petkov wrote:
> > > +
> > > + /* Initialize Indirect Branch Prediction Barrier */
> > > + if (boot_cpu_has(X86_FEATURE_IBPB)) {
> > > + setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
> > > +
On Thu, 22 Nov 2018, Thomas Gleixner wrote:
> On Thu, 22 Nov 2018, Borislav Petkov wrote:
> > > +
> > > + /* Initialize Indirect Branch Prediction Barrier */
> > > + if (boot_cpu_has(X86_FEATURE_IBPB)) {
> > > + setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
> > > + pr_info("Spectre v2
On Thu, 22 Nov 2018, Borislav Petkov wrote:
> > +
> > + /* Initialize Indirect Branch Prediction Barrier */
> > + if (boot_cpu_has(X86_FEATURE_IBPB)) {
> > + setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
> > + pr_info("Spectre v2 mitigation: Enabling Indirect Branch
> > Predic
On Wed, Nov 21, 2018 at 09:14:45PM +0100, Thomas Gleixner wrote:
> Add command line control for application to application indirect branch
> speculation mitigations.
>
> The initial options are:
>
> - on: Unconditionally enabled
> - off: Unconditionally disabled
> -auto: Kernel
Add command line control for application to application indirect branch
speculation mitigations.
The initial options are:
- on: Unconditionally enabled
- off: Unconditionally disabled
-auto: Kernel selects mitigation (default off for now)
When the spectre_v2= command line argu
7 matches
Mail list logo
