Linux Fixes Spectre V1 SWAPGS Mitigation After Being Partially Borked Since Last Year

Written by Michael Larabel in Linux Security on 5 December 2021 at 08:16 AM EST. 4 Comments
LINUX SECURITY
This week's set of "x86/urgent" changes for the Linux 5.16-rc4 kernel due out later today has some Spectre V1 fixes after kernel commits last year ended up partially messing things up around its SWAPGS handling. These fixes in turn will also likely be back-ported to relevant stable kernel series.

Thanks to an Alibaba engineer, Lai Jiangshan, are some important fixes around the Spectre V1 SWAPGS mitigation that are landing today in the mainline kernel.

First up is a patch for a missing fence for the kernel entry SWAPGS within the paranoid_entry path. A change to the mainline kernel last year ended up regressing the Spectre V1 SWAPGS mitigations with a missing fence in this path. That linked patch has all of the details. More background information on the Spectre V1 SWAPGS mitigation handling for the Linux kernel is outlined in the original code from 2019 when the Spectre V1 SWAPGS mitigations were merged after CVE-2019-1125 and friends were made public.

Also part of today's pull request is this fix over using the correct fence macro. The proper fence macro is now used for making sure speculation is blocked.

A third patch today by Lai Jiangshan has an important Xen fix too for potential stack clobbering that was discovered along the SWAPGS path.


The SWAPGS fencing issues along with other x86 fixes were sent in this morning as part of this pull request. The Spectre V1 SWAPGS vulnerability/mitigation affects Intel CPUs from Ivy Bridge and newer with Alder Lake still relying on the SWAPGS/usercopy barriers.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week