On Tue, Nov 12, 2024 at 01:43:48PM -0800, Pawan Gupta wrote:
> On Mon, Nov 11, 2024 at 05:46:44PM -0800, Josh Poimboeuf wrote:
> > + * 1) RSB underflow ("Intel Retbleed")
> > *
> > * Some Intel parts have "bottomless RSB". When the RSB is empty,
> > * speculated return targets may come from the branch predictor,
> > * which could have a user-poisoned BTB or BHB entry.
> > *
> > - * AMD has it even worse: *all* returns are speculated from the BTB,
> > - * regardless of the state of the RSB.
> > + * When IBRS or eIBRS is enabled, the "user -> kernel" attack is
> > + * mitigated by the IBRS branch prediction isolation properties, so
> > + * the RSB buffer filling wouldn't be necessary to protect against
> > + * this type of attack.
> > *
> > - * When IBRS or eIBRS is enabled, the "user -> kernel" attack
> > - * scenario is mitigated by the IBRS branch prediction isolation
> > - * properties, so the RSB buffer filling wouldn't be necessary to
> > - * protect against this type of attack.
> > + * The "user -> user" attack is mitigated by RSB filling on context
> > + * switch.
>
> user->user SpectreRSB is also mitigated by IBPB, so RSB filling is
> unnecessary when IBPB is issued. Also, when an appication does not opted-in
> for IBPB at context switch, spectre-v2 for that app is not mitigated,
> filling RSB is only a half measure in that case.
>
> Is RSB filling really serving any purpose for userspace?
Indeed...
If we don't need to flush RSB for user->user, we'd only need to worry
about protecting the kernel. Something like so?
- eIBRS+!PBRSB: no flush
- eIBRS+PBRSB: lite flush
- everything else: full flush
i.e., same logic as spectre_v2_determine_rsb_fill_type_at_vmexit(), but
also for context switches.
--
Josh
