On Fri, Oct 20, 2023 at 01:45:03PM -0700, Pawan Gupta wrote: > + /* Mitigate CPU data sampling attacks .e.g. MDS */ > + USER_CLEAR_CPU_BUFFERS > + > jmp .Lnative_iret > > > @@ -774,6 +780,9 @@ native_irq_return_ldt: > */ > popq %rax /* Restore user RAX */ > > + /* Mitigate CPU data sampling attacks .e.g. MDS */ > + USER_CLEAR_CPU_BUFFERS > + I'm thinking the comments add unnecessary noise here. The macro name is self-documenting enough. The detail about what mitigations are being done can go above the macro definition itself, which the reader can refer to if they want more detail about what the macro is doing and why. Speaking of the macro name, I think just "CLEAR_CPU_BUFFERS" is sufficient. The "USER_" prefix makes it harder to read IMO. -- Josh
