Linux Fixes Spectre V1 SWAPGS Mitigation After Being Partially Borked Since Last Year

Written by Michael Larabel in Linux Security on 5 December 2021 at 08:16 AM EST. 4 Comments
LINUX SECURITY
This week's set of "x86/urgent" changes for the Linux 5.16-rc4 kernel due out later today has some Spectre V1 fixes after kernel commits last year ended up partially messing things up around its SWAPGS handling. These fixes in turn will also likely be back-ported to relevant stable kernel series.

Thanks to an Alibaba engineer, Lai Jiangshan, are some important fixes around the Spectre V1 SWAPGS mitigation that are landing today in the mainline kernel.

First up is a patch for a missing fence for the kernel entry SWAPGS within the paranoid_entry path. A change to the mainline kernel last year ended up regressing the Spectre V1 SWAPGS mitigations with a missing fence in this path. That linked patch has all of the details. More background information on the Spectre V1 SWAPGS mitigation handling for the Linux kernel is outlined in the original code from 2019 when the Spectre V1 SWAPGS mitigations were merged after CVE-2019-1125 and friends were made public.

Also part of today's pull request is this fix over using the correct fence macro. The proper fence macro is now used for making sure speculation is blocked.

A third patch today by Lai Jiangshan has an important Xen fix too for potential stack clobbering that was discovered along the SWAPGS path.


The SWAPGS fencing issues along with other x86 fixes were sent in this morning as part of this pull request. The Spectre V1 SWAPGS vulnerability/mitigation affects Intel CPUs from Ivy Bridge and newer with Alder Lake still relying on the SWAPGS/usercopy barriers.
4 Comments
Related News
New Linux Patch Lets You Force CPU Bugs/Mitigations Even When Not Vulnerable
Linux To Allow Disabling TPM PCR Integrity Protection Due To Performance Bottleneck
OpenPaX Announced As "Open-Source Alternative To GrSecurity" With Free Kernel Patch
Unauthenticated RCE Flaw With CVSS 9.9 Rating For Linux Systems Affects CUPS
Landlock Sandboxing Now Supports More Controls Around Unix Sockets
Linux 6.12 Adds Build Options For Greater Control Over CPU Security Mitigations
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features