On Sun, Nov 18, 2018 at 2:19 PM Jiri Kosina <jikos@xxxxxxxxxx> wrote: > Which gets us back to Tim's fixup patch. Do you still prefer the revert, > given the existence of that? I think that if Tim's fixup makes it through > (it's currently missing SECCOMP handling, but that is trivial to add on > top), it might be the best compromise. We'd also have have to make IBPB > obey it to be consistent (and get even a few more % of performance back), > but that's easy as well. +1 for Tim's patch. That make us more consistent with how we handled L1TF (giving the system owner a control knob to decide whether they want this level of fixup, based on their own analysis of their vulnerability). -Tony
