On Fri, 2018-01-26 at 14:02 -0500, Konrad Rzeszutek Wilk wrote:
> 
> -ECONFUSED, see ==>
> 
> Is this incorrect then?
> I see:
> 
>          * Skylake era CPUs have a separate issue with *underflow* of the
>          * RSB, when they will predict 'ret' targets from the generic BTB.
>          * The proper mitigation for this is IBRS. If IBRS is not supported
>          * or deactivated in favour of retpolines the RSB fill on context
>          * switch is required.
>          */

No, that's correct (well, except that it's kind of written for a world
where Linus is going to let IBRS anywhere near his kernel, and could
survive being rephrased a little :)

The RSB-stuffing on context switch (or kernel entry) is one of a
*litany* of additional hacks we need on Skylake to make retpolines
safe.

We were adding the RSB-stuffing in this case *anyway* for !SMEP, so it
was trivial enough to add in the (|| Skylake) condition while we were
at it.
