On Tue, Feb 27, 2024 at 09:21:33AM +0100, Jiri Slaby wrote:
On 27. 02. 24, 9:00, Pawan Gupta wrote:
This is the backport of recently upstreamed series that moves VERW execution to a later point in exit-to-user path. This is needed because in some cases it may be possible for data accessed after VERW executions may end into MDS affected CPU buffers. Moving VERW closer to ring transition reduces the attack surface.
Patch 1/6 includes a minor fix that is queued for upstream: https://lore.kernel.org/lkml/170899674562.398.6398007479766564897.tip-bot2@t...
Ah, you note it here.
But you should include this patch on its own instead of merging it to 1/6.
Thats exactly what I would have done ideally, but the backports to stable kernels < 6.6 wont work without this patch. And this patch is going to take some time before it can be merged upstream.
You might need to wait until it is in linus' tree, though.
Ok will wait.