On Mon, Aug 20, 2018 at 9:00 AM, Thomas Gleixner <[email protected]> wrote: > > On Tue, 7 Aug 2018, Jim Mattson wrote: > > > Skylake-era Intel CPUs are vulnerable to exploits of empty RSB > > conditions. On hardware, platform vulnerability can be determined > > simply by checking the processor's DisplayModel/DisplayFamily > > signature. However, when running in a VM, the operating system should > > also query IA32_ARCH_CAPABILITIES.RSBA[bit 2], a synthetic bit that > > can be set by a hypervisor to indicate that the VM might run on a > > vulnerable physical processor, regardless of the > > DisplayModel/DisplayFamily reported by CPUID. > > > > Note that IA32_ARCH_CAPABILITIES.RSBA[bit 2] is always clear on > > hardware, so the DisplayModel/DisplayFamily check is still required. > > > > For all of the details, see the Intel white paper, "Retpoline: A > > Branch Target Injection Mitigation" (document number 337131-001), > > section 5.3: Virtual Machine CPU Identification. > > > > Signed-off-by: Jim Mattson <[email protected]> > > Reviewed-by: Peter Shier <[email protected]> > > That has been superseeded by: > > fdf82a7856b3 ("x86/speculation: Protect against userspace-userspace > spectreRSB") > > right? At least it does not apply anymore...
Right. It doesn't appear that Skylake CPUs get any special treatment any more.
