Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre")

From: David Woodhouse
Date: Thu Jan 04 2018 - 11:24:48 EST

Next message: Andrea Arcangeli: "Re: Avoid speculative indirect calls in kernel"
Previous message: Ard Biesheuvel: "Re: [PATCH 01/11] arm64: use RET instruction for exiting the trampoline"
In reply to: Andy Lutomirski: "Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre")"
Next in thread: Paul Turner: "Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre")"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2018-01-04 at 08:18 -0800, Andy Lutomirski wrote:
> I hate to say this, but I think Intel should postpone CET until the
> dust settles.

CET isn't a *problem* for retpoline. We've had a CET-compatible version
for a while now, and I posted it earlier. It's just that Andi was
working from an older version of my patches.

Of course, there's a school of thought that says that Intel should
postpone *everything* until this is all fixed sanely, but there's
nothing special about CET in that respect.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Next message: Andrea Arcangeli: "Re: Avoid speculative indirect calls in kernel"
Previous message: Ard Biesheuvel: "Re: [PATCH 01/11] arm64: use RET instruction for exiting the trampoline"
In reply to: Andy Lutomirski: "Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre")"
Next in thread: Paul Turner: "Re: [RFC] Retpoline: Binary mitigation for branch-target-injection (aka "Spectre")"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]