AmpereOne Getting Mitigated Against Spectre-BHB With Linux 6.2

Written by Michael Larabel in Arm on 6 November 2022 at 05:00 AM EST. 1 Comment
ARM
Made public earlier this year was Spectre-BHB / BHI as a speculative execution vulnerability similar to Spectre V2 and affecting Intel and Arm CPUs. At the time Neoverse N2 / N1 / V1 and older cores like Cortex-A15 / A57 / A72 were known to be vulnerable and required software mitigations. The upcoming AmpereOne is also vulnerable to Spectre-BHB and has a patch now on its way to the Linux kernel for mitigating this Spectre class vulnerability.

Spectre-BHB targets the CPU's Branch History Buffer and affects a wide range of Arm cores. Arm's documentation around Spectre-BHB can be found via developer.arm.com.

As soon as Spectre-BHB was made public, the Linux kernel began seeing the mitigation fixes. Meanwhile coming with Linux 6.1 is the "nospectre_bhb" option to disable the mitigation. Alibaba at least found the Spectre-BHB mitigation cost too great that they preferred an option to disable this security protection at least among some of their fleet of Arm servers.


Ampere Computing's next-gen, in-house design Arm core, the AmpereOne, turns out is vulnerable to Spectre-BHB. Though that's not really surprising considering Spectre-BHB was only made public earlier this year and the AmpereOne design was firmed up prior to that point.


Queued up via Arm's "for-next/core" branch is adding AmpereOne to the Spectre-BHB affected list. The patch takes care of opting in the Ampere One to Spectre-BHB software mitigations. It's in "for-next" ahead of the Linux 6.2 merge window in December while may also be backpoted to the Linux stable series given it's a "security" fix. As mentioned there is also the new "nospectre_bhb" option for those wanting to disable this mitigation on affected CPU cores if concerned about the performance penalty.
1 Comment
Related News
Ampere Preparing The ARM64 Linux Kernel To Support Higher CPU Core Counts
Microsoft CBL-Mariner 2.0.20230924 Rebuilds AArch64 Packages Due To That Nasty GCC Bug
Linux 6.6 Adds Support For Intel Agilex 5 FPGAs, Qualcomm Snapdragon 4 Gen 2
Ampere Computing Publishes Guide For Steam Play Games On Their AArch64 Server CPUs
Arm Talks Up Their Open-Source Contributions, Adding Support For Panfrost
Arm Guarded Control Stack "GCS" Patches Debut For The Linux Kernel
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Roundcube Open-Source Webmail Software Merges With Nextcloud
64-bit ARM Linux Kernel Against CPU-Specific Optimizations: "Pretty Unmaintainable"
Firefox 121 Is Looking Good For Having Wayland Enabled By Default
Debian's MIPS64EL CPU Port Is At Risk Due To Declining Hardware Access
The Linux Kernel Preparing To Drop Infrastructure For Old & Obsolete Graphics Drivers
PCSX2 Emulator Disables Wayland Support By Default
LACT Is The Newest AMD Radeon GUI Control Panel For Linux
KDE Is Down To Just One Wayland Showstopper Bug Remaining