On 24/10/2019 17:43, speck for Borislav Petkov wrote:
> On Thu, Oct 24, 2019 at 10:32:40AM -0500, speck for Josh Poimboeuf wrote:
>> As I said before this would be a lot nicer if we could just add NO_TAA
>> to the cpu_vuln_whitelist.
> We're waiting for a list of CPUs from Intel here, right?
>

There is no model list required.  Vulnerability to TAA is calculable
directly from existing architectural sources.

While the original expression might be ugly, and could probably be
explained more clearly, it is correct AFAICT.  I certainly have a very
similar one in Xen.

~Andrew