Post Syndicated from corbet original https://lwn.net/Articles/969210/

The mainline kernel has just received a set of commits mitigating the
latest x86 hardware vulnerability, known as “branch history injection”.
From this commit:

Branch History Injection (BHI) attacks may allow a malicious
application to influence indirect branch prediction in kernel by
poisoning the branch history. eIBRS isolates indirect branch
targets in ring0. The BHB can still influence the choice of
indirect branch predictor entry, and although branch predictor
entries are isolated between modes when eIBRS is enabled, the BHB
itself is not isolated between modes.

See this commit for
documentation on the command-line parameter that controls this mitigation.
There are stable kernel releases (6.8.5,
6.6.26,
6.1.85,
and 5.15.154)
in the works that also contain the mitigations.