On Fri, 2018-03-09 at 07:14 -0800, Andi Kleen wrote:
> > > > Shouldn't the RSB filling on context switch also be done on non-IBPB
> > > > CPUs to protect (retpolined) user space tasks from other user space
> > > > tasks?
>
> The comment is actually incorrect. There's no risk to hit user space
> addresses if we have KPTI and NX (which is fairly universal).

... on non-AMD CPUs. The comment does say "If we don't have SMEP or KPTI".

> It's mainly needed on Skylake era CPUs.

I wouldn't have added it if it were only for Skylake. We still have no
coherent overall mitigation for Skylake except the original IBRS setup.
Did anyone ever get any further with the call stack counting hacks?

Maciej, you might be right that to protect userspace processes from each
other we should also flush the RSB on context switch to a "sensitive"
process.