[PATCH 0/5] x86: CVE-2017-5715, aka Spectre
Joseph Myers
joseph@codesourcery.com
Thu Jan 11 23:45:00 GMT 2018
On Thu, 11 Jan 2018, Jeff Law wrote:
> > Well, given retpolines are largely kernel relevant right now we don't
> > need to care here.
> That's still TBD as far as I can tell. I certainly hope we don't have
> to go retpolines in user space, at least not in the general case. I'm
> holding out hope that the kernel folks are going to save the day.
I'd presume that just about any userspace process could have sensitive
data in its address space (e.g. cp, if it happens to be copying it at the
time). Is the expectation that the kernel will use IBRS/IBPB/STIBP
globally to shield processes from branch prediction state created by other
processes? (As far as I can tell, microcode enabling IBRS/IBPB/STIBP is
only available for Ivy Bridge-EX and later at present, though I can't
locate any official Intel status information on microcode updates for
Spectre that have been released or are planned.)
--
Joseph S. Myers
joseph@codesourcery.com
More information about the Gcc-patches
mailing list