On Sun, 2018-01-21 at 20:54 +0100, Borislav Petkov wrote: > On Sun, Jan 21, 2018 at 07:31:39PM +0000, David Woodhouse wrote: > > > if (boot_cpu_has(X86_FEATURE_IBPB)) > > > wrmsr(MSR_IA32_PRED_CMD, PRED_CMD_IBPB, 0); > > > > > > Problem solved. > > > > Nope. Plenty of patch sets *did* have the bug above though, until it > > was spotted. > > And that bug is...?
That bug is the *reason* we're arguing about static_cpu_has vs. ALTERNATIVE. A conditional branch that the CPU sees can be speculated over... Now, Andrew is right that in a number of cases there will be another serialising instruction before we ever hit a problematic indirect branch. But as I just said elsewhere, I'd really like the *primitives* to support unconditional operation.
smime.p7s
Description: S/MIME cryptographic signature
