On Sat, 2018-01-06 at 10:35 -0800, Eric Biggers wrote:
> On Sat, Jan 06, 2018 at 11:49:24AM +0000, David Woodhouse wrote:
> > 
> > +/*
> > + * NOSPEC_JMP and NOSPEC_CALL macros can be used instead of a simple
> > + * indirect jmp/call which may be susceptible to the Spectre variant 2
> > + * attack.
> > + */
> Can be, or must be?

Can be is fine. It isn't necessarily the case that all indirect
branches MUST be changed. Although we *have* been auditing the kernel
binary and looking for them, some of them can stay as they are.

> Would it make any sense to name these INDIRECT_JMP and INDIRECT_CALL instead?
> NOSPEC_ seems to describe how it needs to be implemented on some CPUs, as
> opposed to what the user wants to do (make an indirect jump or call).

While NOSPEC_CALL explains why you're using the macro instead of just
'call'. I think this is fine. I'd rather not do too much bikeshedding
over the names.
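Review bot: The comment block above NOSPEC_JMP and NOSPEC_CALL says the macros "can be used" but gives no criterion for when a plain indirect jmp/call is acceptable, so a later contributor cannot tell from the comment alone whether a new indirect branch needs the macro. Consider adding a sentence that states which indirect branches are expected to use the macros and which may stay as they are, and a brief note on what operand the macros take, since the visible comment documents neither.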