On Fri, 2018-01-19 at 16:25 +0100, Paolo Bonzini wrote:
> Without retpolines, KVM userspace is not protected from the guest
> poisoning the BTB, because there is no IBRS-barrier on the vmexit
> path.
> So there are two more IBPBs that are needed if retpolines are
> enabled:
> 
> 1) in kvm_sched_out
> 
> 2) at the end of vcpu_run

Hm, yes. That does seem reasonable. Can we make it conditional so it
only happens *if* we end up back in userspace, and not for a
VM->kernel->VM transition?

And can I have a patch against
http://git.infradead.org/users/dwmw2/linux-retpoline.git/shortlog/refs/heads/ibpb-upstream
please (see the XX in that top commit too).

I'm still putting that together, and the IBRS bits on top; getting on
an airplane to spend some more quality time with it now...
