[PATCH 0/2][X] Enhanced IBRS (LP: #1786139)
tyhicks at canonical.com
Fri Oct 19 23:35:14 UTC 2018
Future Intel CPU's like Cascade Lake and GLK+ support Enhanced IBRS. Enhanced
IBRS is a H/W mitigation technique for Spectre V2 bug. So, it's important to
make sure that all the OSV's are using this feature.
For processors that don't support Enhanced IBRS, the test is to ensure that
/sys/devices/system/cpu/vulnerabilities/spectre_v2 doesn't change state after
applying the patches. This will typically be the string when running on Intel
processors that don't support Enhanced IBRS:
"Mitigation: Full generic retpoline, IBPB, IBRS_FW"
New Intel processors that do support Enhanced IBRS will display "Enhanced IBRS"
in place of "Full generic retpoline"
Pretty low. The patches are fairly simple and they should only affect new
processors. The main concern is around the possibility of regressing IBRS
support on processors that don't support Enhanced IBRS.
More information about the kernel-team