On Tue, 12 Mar 2019 at 03:34, David Gibson <da...@gibson.dropbear.id.au> wrote: > Ok, done. As a rule these warnings are there intentionally for TCG - > we want to enable Spectre/Meltdown mitigations by default, but no-one > really knows if and how to implement them for TCG.
For the Arm "block speculation" type instructions what we did was say "TCG's execution doesn't speculate in a relevant way, and we treat the TCG backends as not a security boundary anyway, so we'll end the TB and put in a memory barrier and call that sufficient". That is, they're provided for the benefit of emulating guest OSes that use them, rather than because they make a difference from a security perspective. I don't know exactly what the semantics of the PPC mitigations are, but we should probably think about and document a coherent position on this for TCG. thanks -- PMM
