On Wed, 2018-01-10 at 13:17 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 12:09:34PM +0000, David Woodhouse wrote: > > That is not consistent with the documentation I've seen, which Intel > > have so far utterly failed to publish AFAICT. > > > > "a near indirect jump/call/return may be affected by code in a less > > privileged > > prediction mode that executed AFTER IBRS mode was last written with a value > > of 1" > > You must have misunderstood the context there, or the above text is > wrong to begin with.
That's a quote from the Intel documentation for the IBRS feature. Go read it, please. > > The kernel is only protected from branch targets set in userspace > > *BEFORE* the IBRS mode was last set to 1. If you set it to 1, then > > leave it like that while you run userspace and then kernel code again, > > you are not protected. > > I'm sure you've got it wrong, that would be crazy if it would be the > case. Andrea, what part of this whole fucking mess isn't entirely batshit insane to start with? :) I think you are confused with the future IBRS_ATT option which will exist on new hardware. Right now, IBRS works as I described it because that's the best they could do with microcode.
smime.p7s
Description: S/MIME cryptographic signature
