When ( ibrs && thunk == THUNK_DEFAULT && !retpoline_safe() ) is true,
thunk is set to THUNK_JMP rather than THUNK_RETPOLINE.
When (!ibrs && thunk == THUNK_DEFAULT && !retpoline_safe() ) is true,
we should do the same.
Signed-off-by: Zhenzhong Duan <zhenzhong.d...@oracle.com>
---
xen/arch/x86/spec_ctrl.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index f10ffbf..ab4b244 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -247,10 +247,10 @@ void __init init_speculation_mitigations(void)
/*
* If there are still no thunk preferences, the compiled default is
- * actually retpoline, and it is better than nothing.
+ * actually retpoline, and it is better than nothing if it's retpoline
safe.
*/
if ( thunk == THUNK_DEFAULT )
- thunk = THUNK_RETPOLINE;
+ thunk = retpoline_safe() ? THUNK_RETPOLINE : THUNK_JMP;
/* Apply the chosen settings. */
if ( thunk == THUNK_LFENCE )
--
1.7.3
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
