AmpereOne Getting Mitigated Against Spectre-BHB With Linux 6.2
Spectre-BHB / BHI was made public earlier this year as a speculative execution vulnerability similar to Spectre V2, affecting Intel and Arm CPUs. At the time, Neoverse N2 / N1 / V1 and older cores like Cortex-A15 / A57 / A72 were known to be vulnerable and required software mitigations. The upcoming AmpereOne is also vulnerable to Spectre-BHB, and a patch is now on its way to the Linux kernel to mitigate this Spectre-class vulnerability.
Spectre-BHB targets the CPU's Branch History Buffer and affects a wide range of Arm cores. Arm's documentation around Spectre-BHB can be found via developer.arm.com.
As soon as Spectre-BHB was made public, the Linux kernel began receiving mitigation fixes. Meanwhile, Linux 6.1 adds the "nospectre_bhb" option to disable the mitigation. Alibaba, at least, found the cost of the Spectre-BHB mitigation so great that they preferred an option to disable this security protection on at least some of their fleet of Arm servers.
Ampere Computing's next-gen, in-house Arm core design, the AmpereOne, turns out to be vulnerable to Spectre-BHB. That's not really surprising, considering Spectre-BHB was only made public earlier this year and the AmpereOne design was firmed up prior to that point.
Queued up via Arm's "for-next/core" branch is a patch adding AmpereOne to the Spectre-BHB affected list. The patch takes care of opting the AmpereOne in to the Spectre-BHB software mitigations. It's in "for-next" ahead of the Linux 6.2 merge window in December and may also be backported to the Linux stable series given it's a "security" fix. As mentioned, there is also the new "nospectre_bhb" option for those wanting to disable this mitigation on affected CPU cores if concerned about the performance penalty.
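For anyone auditing Arm servers for the "nospectre_bhb" opt-out described above, here is an added example (not from the patch or the kernel tree) that classifies a host from its kernel command line and the spectre_v2 sysfs line. The helper name `bhb_status`, the sample inputs, and the exact sysfs wording it matches are assumptions to check against your kernel version.

```shell
#!/bin/sh
# Added example: classify a host's Spectre-BHB state from its kernel command
# line and the spectre_v2 sysfs line. The sysfs wording matched below is an
# assumption about arm64 kernels; bhb_status is a hypothetical helper name.

bhb_status() {
    cmdline=$1
    sysfs=$2
    # The command line wins: these switches turn the mitigation off even on
    # cores the kernel lists as affected.
    case " $cmdline " in
        *" nospectre_bhb "*|*" mitigations=off "*)
            echo "disabled-by-cmdline"; return 0 ;;
    esac
    case $sysfs in
        "Not affected")      echo "not-affected" ;;
        *"but not BHB"*)     echo "not-mitigated" ;;
        Mitigation:*BHB*)    echo "mitigated" ;;
        Mitigation:*)        echo "bhb-not-reported" ;;
        Vulnerable*)         echo "not-mitigated" ;;
        *)                   echo "unknown" ;;
    esac
}

# Constructed sample inputs (cmdline|sysfs), not captured from real hosts.
samples='root=/dev/sda2 ro|Mitigation: CSV2, BHB
root=/dev/sda2 ro nospectre_bhb|Mitigation: CSV2, but not BHB
root=/dev/sda2 ro|Mitigation: CSV2, but not BHB
root=/dev/sda2 ro|Not affected'

printf '%s\n' "$samples" | while IFS='|' read -r cmd line; do
    printf '%-22s %s\n' "$(bhb_status "$cmd" "$line")" "$cmd"
done

# Live check on the current host, skipped where the files are absent.
vuln=/sys/devices/system/cpu/vulnerabilities/spectre_v2
if [ -r /proc/cmdline ] && [ -r "$vuln" ]; then
    echo "this host: $(bhb_status "$(cat /proc/cmdline)" "$(cat "$vuln")")"
fi
```

A kernel that predates the affected-list update cannot report the core as affected, so the result is only as good as the running kernel's list.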