Re: Requirements for retpoline in Linux 4.15 (was: Re: Linux 4.15)

From: David Woodhouse
Date: Mon Jan 29 2018 - 06:35:40 EST


On Mon, 2018-01-29 at 12:19 +0100, Martin Steigerwald wrote:
>
> The whole thing works:
>
> % grep . /sys/devices/system/cpu/vulnerabilities/*
> /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
> /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable
> /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
>
> I bet the virtualbox modules compiled by virtualbox-dkms will taint the
> support, but I bet sooner or later they will support retpoline as well.
> (Another reason to switch to KVM one day.)
> (Another reason to switch to KVM one day.)

As long as those are actually compiled, it should be fine. Any C code
will be built with the correct CFLAGS.

If they have explicit asm which has indirect jumps, that would still be
a problem. We just need to port objtool into the kernel and do it at
module load time, to check for that... :)

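The check from the quoted output, written as an added example that is not part of the original thread: a shell script that classifies the sysfs vulnerability files and lists loaded modules that lack the `retpoline` modinfo tag. The function names are hypothetical, and the sample directory is constructed from the three lines quoted in the post.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.

# unmitigated_entries DIR
# Print the name of every status file in DIR whose content is neither
# "Not affected" nor a line starting with "Mitigation:".
unmitigated_entries() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        case $status in
            "Not affected"*|"Mitigation:"*) ;;
            *) printf '%s\n' "$(basename "$f")" ;;
        esac
    done
}

# uses_retpoline DIR
# Succeed if the spectre_v2 status in DIR mentions retpoline.
uses_retpoline() {
    grep -qi 'retpoline' "$1/spectre_v2" 2>/dev/null
}

# modules_without_retpoline
# List loaded modules whose modinfo carries no "retpoline: Y" tag.
# Reads the live system (/proc/modules), so it is not run on the sample.
modules_without_retpoline() {
    while read -r name rest; do
        [ "$(modinfo -F retpoline "$name" 2>/dev/null)" = "Y" ] ||
            printf '%s\n' "$name"
    done < /proc/modules
}

# Constructed sample mirroring the output quoted in the post.
sample=$(mktemp -d)
printf 'Mitigation: PTI\n' > "$sample/meltdown"
printf 'Vulnerable\n' > "$sample/spectre_v1"
printf 'Mitigation: Full generic retpoline\n' > "$sample/spectre_v2"

unmitigated_entries "$sample"   # prints: spectre_v1
uses_retpoline "$sample" && echo "spectre_v2: retpoline in use"
rm -rf "$sample"
```

On a real machine, pass `/sys/devices/system/cpu/vulnerabilities` as the directory. The modinfo tag only records how the module's C code was compiled, so it says nothing about indirect jumps in hand-written asm, which is the case the reply raises.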