On Sat, Nov 30, 2024 at 04:31:25PM +0100, Borislav Petkov wrote: > On Thu, Nov 21, 2024 at 12:07:18PM -0800, Josh Poimboeuf wrote: > > eIBRS protects against RSB underflow/poisoning attacks. Adding > > retpoline to the mix doesn't change that. Retpoline has a balanced > > CALL/RET anyway. > > This is exactly why I've been wanting for us to document our mitigations for > a long time now. > > A bunch of statements above for which I can only rhyme up they're correct if > I search for the vendor docs. On the AMD side I've found: > > "When Automatic IBRS is enabled, the internal return address stack used for > return address predictions is cleared on VMEXIT." > > APM v2, p. 58/119 > > For the Intel side I'm not that lucky. There's something here: > > https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html > > Or is it this one: > > https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/speculative-execution-side-channel-mitigations.html#inpage-nav-1-3-undefined > > Or is this written down explicitly in some other doc? It is in this doc: https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/indirect-branch-restricted-speculation.html "Processors with enhanced IBRS still support the usage model where IBRS is set only in the OS/VMM for OSes that enable SMEP. To do this, such processors will ensure that guest behavior cannot control the RSB after a VM exit once IBRS is set, even if IBRS was not set at the time of the VM exit."
