ARM64 Mitigation Posted For Spectre 4 / SSBD

Written by Michael Larabel in Linux Security on 22 May 2018 at 11:58 AM EDT. 5 Comments
Following the Intel/AMD Spectre Variant 4 mitigation landing yesterday with "Speculative Store Bypass Disable" (SSBD) and then the POWER CPU mitigation landing today, ARM developers have posted their set of patches for 64-bit ARM CPUs to mitigate against this latest Spectre vulnerability around speculative execution.

ARM CPUs are hit hard too by the Speculative Store Bypass / Spectre V4 issue and ARM is releasing a firmware update and also has accompanying kernel patches for dealing with it and also allowing the support to be toggled, providing a prctl() back-end that matches the x86 interfaces, and an initial implementation for KVM.
For all released Arm Cortex-A CPUs that are affected by this issue, then the preferred mitigation is simply to set a chicken bit in the firmware during CPU initialisation and therefore no change to Linux is required. Other CPUs may require the chicken bit to be toggled dynamically (for example, when switching between user-mode and kernel-mode) and this is achieved by calling into EL3 via an SMC.

Details via this patch series. It's quite likely this code will land in Linux 4.17 in the very near future and also for back-porting to stable release streams.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week