patch out kernel retpoline
(marc.info)
from tedu to openbsd on 07 Aug 2023 18:44
https://azorius.net/g/openbsd/p/DSTh7v9F4cp1s8q6V5-patch-out-retpoline
from tedu to openbsd on 07 Aug 2023 18:44
https://azorius.net/g/openbsd/p/DSTh7v9F4cp1s8q6V5-patch-out-retpoline
Changes by: guenther@cvs.openbsd.org
On CPUs with eIBRS ("enhanced Indirect Branch Restricted Speculation") or IBT enabled the kernel, the hardware should (not have) the attacks which retpolines were created to prevent. In those cases, retpolines should be a net negative for security as they are an indirect branch gadget. They're also slower.
Commit: https://github.com/openbsd/src/commit/1538f8cb209f93ed99ddae606a02707e3bdd9dfc
threaded - newest