On Fri, Nov 15, 2024 at 02:44:12PM +0000, Kaplan, David wrote:
> > On Thu, Nov 14, 2024 at 12:01:16AM -0800, Pawan Gupta wrote:
> > > > For PBRSB, I guess we don't need to worry about that since there
> > > > would be at least one kernel CALL before context switch.
> > >
> > > Right. So the case where we need RSB filling at context switch is
> > > retpoline+CDT mitigation.
> >
> > According to the docs, classic IBRS also needs RSB filling at context switch to
> > protect against corrupt RSB entries (as opposed to RSB underflow).
>
> Which docs are those? Classic IBRS doesn't do anything with returns
> (at least on AMD). The AMD docs say that if you want to prevent
> earlier instructions from influencing later RETs, you need to do the
> 32 CALL sequence. But I'm not sure what corrupt RSB entries mean
> here, and how it relates to IBRS?

Sorry, by "corrupt", I meant poisoned. I think we are saying the same thing.
Classic IBRS doesn't protect against RSB poisoning.

--
Josh