On 04/01/18 15:02, Juergen Gross wrote:
> On 04/01/18 15:37, David Woodhouse wrote:
>> Convert pvops invocations to use non-speculative call sequences, when
>> CONFIG_RETPOLINE is enabled.
>>
>> There is scope for future optimisation here — once the pvops methods are
>> actually set, we could just turn the damn things into *direct* jumps.
>> But this is perfectly sufficient for now, without that added complexity.
> I don't see the need to modify the pvops calls.
>
> All indirect calls are replaced by either direct calls or other code
> long before any user code is active.
>
> For modules the replacements are in place before the module is being
> used.

When booting virtualised, sibling hyperthreads can arrange VM-to-VM SP2
attacks.  One mitigation though is to consider if there is any
interesting data to leak that early during boot.

~Andrew