Linux 4.17 Lands Initial Spectre V4 "Speculative Store Bypass" For POWER CPUs

Initial mitigation work landed in the Linux 4.17 Git tree with this affecting the newest POWER9 CPUs and at least back through POWER7 that they are aware of. The commit explains:
On some CPUs we can prevent a vulnerability related to store-to-load forwarding by preventing store forwarding between privilege domains, by inserting a barrier in kernel entry and exit paths.
This is known to be the case on at least Power7, Power8 and Power9 powerpc CPUs.
Barriers must be inserted generally before the first load after moving to a higher privilege, and after the last store before moving to a lower privilege, HV and PR privilege transitions must be protected.
Barriers are added as patch sections, with all kernel/hypervisor entry points patched, and the exit points to lower privilge levels patched similarly to the RFI flush patching.
Firmware advertisement is not implemented yet, so CPU flush types are hard coded.
My Intel/AMD Spectre V4 SSB benchmarking is currently ongoing, results will likely be out in a few hours for the initial impact numbers.
2 Comments