On Thu, Feb 01, 2018 at 03:32:11PM +0000, David Woodhouse wrote: > On Thu, 2018-02-01 at 09:28 -0600, Josh Poimboeuf wrote: > > On Thu, Feb 01, 2018 at 03:34:21PM +0100, Peter Zijlstra wrote: > > > > > > There are the retpoline validation patches; they work with the > > > __noretpoline > > > thing from David. > > Have you run this through 0-day bot yet? A manual awk/sed found > > another > > one, which objtool confirms: > > > > drivers/watchdog/.tmp_hpwdt.o: warning: objtool: .text+0x24: > > indirect call found in RETPOLINE build > > > > And my search wasn't exhaustive so it would be good to sic 0-day bot on > > it. > > We discussed that one. It's correct; we're calling into firmware so > there's *no* point in retpolining that one. We need to set IBRS before > any runtime calls into firmware, if we want to be safe.
Ideally we'd have a way to mark the module 'unsafe' or something.
