Announcement

Collapse
No announcement yet.

Linux May Flip On Indirect Branch Tracking By Default (IBT)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux May Flip On Indirect Branch Tracking By Default (IBT)

    Phoronix: Linux May Flip On Indirect Branch Tracking By Default (IBT)

    A new patch floated by a Google Chrome OS / Linux kernel engineer would enable support for the Intel-led Indirect Branch Tracking (IBT) by default as part of the standard kernel configuration for this security feature...

    https://www.phoronix.com/news/Linux-...-Default-Patch

  • #2
    Anyone know if AMD has a similar feature?

    Comment


    • #3
      What a mess this is.
      I usually have no troubles understanding lowlevel bits.
      But all these different types of vulns... mapped over different archs and implementations.
      With fixes variants ranging from hw to various software fixes working totally differently..

      My head screams in variable mapping agony.

      Comment


      • #4
        I learned that IBT existed when I updated the kernel and it broke the nvidia driver. :-/

        Comment


        • #5
          Originally posted by kylew77 View Post
          Anyone know if AMD has a similar feature?
          Since Zen3

          Comment


          • #6
            IBT broke VirtualBox the last time I tried it. Could be fixed by now. Should, even...

            Comment


            • #7
              Originally posted by mlau View Post

              Since Zen3
              Does that mean Zen3 and newer CPU will also benefit from this patch? Or does the kernel needs another patch for them?

              Comment


              • #8
                Originally posted by petete View Post
                I learned that IBT existed when I updated the kernel and it broke the nvidia driver. :-/
                Yeah, Arch enabled this a while ago and it prevented the Nvidia driver from loading for me too. Fortunately, the fix is as easy as passing ibt=off to the kernel. Of course, for security reasons, I'd rather I didn't have to.

                Comment


                • #9
                  Originally posted by mlau View Post

                  Since Zen3
                  Glares at my Zen2 CPU for yet another shortcoming

                  Comment


                  • #10
                    Originally posted by mlau View Post

                    Since Zen3
                    Not quite. Zen3 only supports Shadow Stack, not IBT. IBT support will arrive with Zen4

                    Comment

                    Working...
                    X