x86/nospec: Rename and rework l1tf-barrier as branch-harden
authorAndrew Cooper <andrew.cooper3@citrix.com>
Tue, 15 Oct 2019 08:57:31 +0000 (09:57 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 30 Oct 2019 13:07:25 +0000 (13:07 +0000)
commitb362c51679c9ffaf7258d4bc2cbb869749af85ee
treefc333e63a8942177eaf270fdf1a0624b682d6edb
parent2d6f36daa08640ebb0b658abffaede3a0ae50a20
x86/nospec: Rename and rework l1tf-barrier as branch-harden

l1tf-barrier is an inappropriate name, and came about because of restrictions
on could be discussed publicly when the patches were proposed.

In practice, it is for general Spectre v1 mitigations, and is necessary in all
cases.  An adversary which can control speculation in Xen can leak data in
cross-core (BCBS, etc) or remote (NetSpectre) scenarios - the problem is not
limited to just L1TF with HT active.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Release-acked-by: Juergen Gross <jgross@suse.com>
docs/misc/xen-command-line.pandoc
xen/arch/x86/spec_ctrl.c
xen/include/asm-x86/cpufeatures.h
xen/include/asm-x86/nospec.h
xen/include/asm-x86/spec_ctrl.h