Re: [PATCH] retpoline/module: Taint kernel for missing retpoline in module
- Date: Fri, 12 Jan 2018 11:17:01 -0800
- From: Andi Kleen <andi@xxxxxxxxxxxxxx>
- Subject: Re: [PATCH] retpoline/module: Taint kernel for missing retpoline in module
> It doesn't make a lot of sense to have a taint flag for a *partial*
> retpoline, but not in the case that we have *no* mitigation in place.
The only thing that makes sense checking for is the C compiler
option. Everything else which needs manual changes we cannot check.
So even if we add more things I don't think this particular
check will change.
> So maybe we should drop the taint part, and just make the kernel report
> that it is (partially) vulnerable to Spectre V2, just as in the
> CONFIG_RETPOLINE && !RETPOLINE case?
Ok I can drop the taint part. The reporting is already implemented.