Re: [PATCH v2 8/8] x86: Use IBRS for firmware update path
From: Greg KH
Date: Sat Jan 06 2018 - 03:55:45 EST
On Fri, Jan 05, 2018 at 06:12:23PM -0800, Tim Chen wrote:
> From: David Woodhouse <dwmw@xxxxxxxxxxxx>
>
> We are impervious to the indirect branch prediction attack with retpoline
> but firmware won't be, so we still need to set IBRS to protect
> firmware code execution when calling into firmware at runtime.
>
> Signed-off-by: David Woodhouse <dwmw@xxxxxxxxxxxx>
> Signed-off-by: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
> ---
> arch/x86/include/asm/apm.h | 6 ++++++
> arch/x86/include/asm/efi.h | 17 +++++++++++++--
> arch/x86/include/asm/spec_ctrl.h | 3 +++
> arch/x86/kernel/cpu/spec_ctrl.c | 45 ++++++++++++++++++++++++++++++++++++++++
> 4 files changed, 69 insertions(+), 2 deletions(-)
The files that Alan pointed out as being missed in the last version of
this patch don't seem to be updated here either :(
thanks,
greg k-h