Re: [Xen-devel] [RESEND] Spectre-v2 (IBPB/IBRS) and SSBD fixes for 4.4.y

On Tue, Jul 24, 2018 at 3:02 PM, Jiri Kosina <jikos@xxxxxxxxxx> wrote:
> On Tue, 24 Jul 2018, Srivatsa S. Bhat wrote:
>> However, if you are proposing that you'd like to contribute the enhanced
>> PTI/Spectre (upstream) patches from the SLES 4.4 tree to 4.4 stable, and
>> have them merged instead of this patch series, then I would certainly
>> welcome it!
> I'd in principle love us to push everything back to 4.4, but there are a
> few reasons (*) why that's not happening shortly.
> Anyway, to point out explicitly what's really needed for those folks
> running 4.4-stable and relying on PTI providing The Real Thing(TM), it's
> either a 4.4-stable port of
> http://kernel.suse.com/cgit/kernel-source/plain/patches.suse/x86-entry-64-use-a-per-cpu-trampoline-stack.patch?id=3428a77b02b1ba03e45d8fc352ec350429f57fc7
> or making THREADINFO_GFP imply __GFP_ZERO.

This is true in Linus's tree now. Should be trivial to backport:


Kees Cook
Pixel Security

