[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-discuss] KVM without microcode

From: JT
Subject: [Qemu-discuss] KVM without microcode
Date: Wed, 11 Apr 2018 20:08:57 +0100

(I've also posted this to the KVM mailing list)

Hey All

A hopefully simple question:

If a KVM Hypervisor is using a kernel that identifies itself as using
"Full generic retpoline", does this mean that the hypervisor and other
guests are safe from a malicious guest trying to exploit Spectre V2,
even if we haven't updated our CPU microcode to support IBPB or IBRS?

My confusion arrises from the Intel Retpoline PDF which states:
"RET has this behavior on all processors which are based on the Intel=C2=AE
microarchitecture codename Broadwell and earlier when updated with the
latest microcode."


I understand that RET has nothing to do with IBPB or IBRS, but how do
I know if my CPU has this RET behaviour that retpoline can make use


reply via email to

[Prev in Thread] Current Thread [Next in Thread]