> On Sat, 20 Jan 2018, KarimAllah Ahmed wrote: >> From: David Woodhouse <dwmw@xxxxxxxxxxxx> >> >> Not functional yet; just add the handling for it in the Spectre v2 >> mitigation selection, and the X86_FEATURE_IBRS flag which will control >> the code to be added in later patches. >> >> Also take the #ifdef CONFIG_RETPOLINE from around the RSB-stuffing; IBRS >> mode will want that too. >> >> For now we are auto-selecting IBRS on Skylake. We will probably end up >> changing that but for now let's default to the safest option. >> >> XX: Do we want a microcode blacklist? > > Oh yes, we want a microcode blacklist. Ideally we refuse to load the > affected microcode in the first place and if its already loaded then at > least avoid to use the borked features. > > PR texts promising that Intel is committed to transparency in this matter > are not sufficient. Intel, please provide the facts, i.e. a proper list of > micro codes and affected SKUs, ASAP. Perhaps we could start with the list already published by VMware at https://kb.vmware.com/s/article/52345 -- dwmw2
