Linux 6.9-rc4 To Bring New Fixes For x86 Speculation Mitigations

Written by Michael Larabel in Linux Security on 14 April 2024 at 06:21 AM EDT. Add A Comment
LINUX SECURITY
The Linux 6.9-rc4 weekly test release is due out later today and ahead of that this week's "x86/urgent" material has been sent in that includes several patches for various x86 speculation mitigation fixes.

For the Native BHI mitigation that landed last week for Intel processors there are a few fixes to that code with 6.9-rc4. The Branch History Injection (BHI) documentation has been cleared up to address some inaccuracies in the descriptions, there is a fix for BHI handling of RRSBA (Restricted RSB Alternate for newer Intel CPUs), and the spectre_bhi=auto / CONFIG_BHI_MITIGATION_AUTO path has been removed. The Spectre BHI "auto" mode doesn't make much sense since it only mitigates on newer Intel systems while leaving older Intel CPUs vulnerable. So it's better just relying on "spectre_bhi=on" instead of "auto".

More broadly in the x86 speculation mitigation world, Linux 6.9-rc4 has a fix to actually turn off the CPU security mitigations by default for kernel builds using the CONFIG_SPECULATION_MITIGATIONS Kconfig switch to force off the mitigations. A one-liner fix is needed since right now SPECULATION_MITIGATIONS=n on existing kernels still puts the kernel into the "auto" mitigation mode contrary to the Kconfig intention.

Linux disable mitigations fix


More details on this week's x86 urgent fixes via this pull ahead of Linux 6.9-rc4 being released in roughly twelve hours.
Add A Comment
Related News
Linux 6.9-rc6 To Fix Accidentally Disabling Mitigations By Default For Non-x86 CPUs
Linux BHI Mitigation Being Tweaked Following 12% Database Performance Hit
Linux Kernel Patched For Branch History Injection "BHI" Intel CPU Vulnerability
GitHub Disables The XZ Repository Following Today's Malicious Disclosure
XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access
Linux 6.9 Sees Further Security Hardening
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Ubuntu 24.04 LTS Downloads Now Available
Rust-Based Coreutils 0.0.26 Increases Compatibility With GNU Coreutils
Proton 9.0 RC2 Makes More Windows Games Playable On Linux, Other Fixes