Re: [PATCH 0/3] x86/speculation: Support Automatic IBRS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/4/22 5:06 PM, Dave Hansen wrote:
On 11/4/22 14:36, Kim Phillips wrote:
The AMD Zen4 core supports a new feature called Automatic IBRS.
(Indirect Branch Restricted Speculation).

Enable Automatic IBRS by default if the CPU feature is present.
It typically provides greater performance over the incumbent
generic retpolines mitigation.

Could you also share some information on how this differs from EIBRS and

Some differences are:

1. Unlike EIBRS, AutoIBRS needs STIBP always-on
2. Unlike EIBRS, AutoIBRS doesn't need to clear the RSB on VMEXIT
3. Unlike EIBRS, no AutoIBRS processors are vulnerable to RETBLEED
4. Unlike EIBRS, AutoIBRS doesn't need
4. eIBRS also considers user/supervisor as well as host/guest modes when
   determining its 'predictor mode', whereas AutoIBRS only affects CPL0.
5. eIBRS also groups CPL0/1/2 together, vs. just CPL0 for AutoIBRS.

why it needs to exist in parallel to EBIRS?

If by 'in parallel' you mean why do these patches not tack AutoIBRS
onto the SPECTRE_V2_EIBRS enum, there's no big reason, other than
now that I've tried to implement it that way, the number of changes
to bugs.c goes from 34 lines changed to 58, mostly due to exceptions
caused by items such as #3 above, and ignoring EIBRS_RETPOLINE and
EIBRS_LFENCE.

I've posted the diff to the 2/3 patch thread, please take a look:

https://lkml.org/lkml/2022/11/7/1462
https://lore.kernel.org/lkml/20221104213651.141057-1-kim.phillips@xxxxxxx/T/#m78ef9bf6a38db8348e0adde3f5ac8b4953200b41

Thanks,

Kim



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux