Linux Inadvertently Has Been Leaving IBRS-Mitigated Systems Without STIBP

Written by Michael Larabel in Linux Security on 27 February 2023 at 06:30 AM EST.
Since last year, the Linux kernel has mistakenly left systems that rely on the original Indirect Branch Restricted Speculation (IBRS) for Spectre V2 mitigation without Single Threaded Indirect Branch Predictor (STIBP) coverage against the cross-HyperThread form of this Spectre vulnerability. A patch is underway that resolves this issue for Intel Skylake era systems.

Since a change merged last June and mainlined in Linux 5.19-rc2, there has been no STIBP support when IBRS (the original, not to be confused with Intel eIBRS) is engaged. The patch fixing this issue explains:
"When plain IBRS is enabled (not enhanced IBRS), the logic in spectre_v2_user_select_mitigation() determines that STIBP is not needed.

The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit is cleared on returning to userspace for performance reasons which leaves userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.

Exclude IBRS from the spectre_v2_in_ibrs_mode() check to allow for enabling STIBP (through seccomp/prctl() by default or always-on, if selected by spectre_v2_user kernel cmdline parameter)."

So in order to protect user-space threads with STIBP, this patch by Google engineer KP Singh is under review to allow STIBP to be enabled with the "legacy" IBRS. Again, this only affects older processors relying on plain IBRS, like those from Skylake/Skylake-derived designs. The patch is already marked for back-porting to the stable Linux kernel series once it's mainlined.
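One way to check a host for the gap described above, as an added example that is not from the article or the kernel patch: it classifies the kernel's `spectre_v2` sysfs status line together with the SMT state. The function name and verdict labels are hypothetical, the field strings are assumed to follow the kernel's sysfs format, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: flag plain (legacy) IBRS running with SMT but without STIBP.
# $1 = contents of /sys/devices/system/cpu/vulnerabilities/spectre_v2
# $2 = contents of /sys/devices/system/cpu/smt/active (1 = SMT on)
# Field strings such as "Mitigation: IBRS" and "STIBP: conditional" are
# assumed to match the kernel's sysfs output; verdict labels are hypothetical.
classify_spectre_v2() {
    v2_line=$1
    v2_smt=$2
    # The first comma-separated field names the kernel-side mitigation.
    v2_mode=${v2_line%%,*}
    case "$v2_mode" in
        "Mitigation: IBRS") ;;                    # plain IBRS, keep checking
        *) echo "not-plain-ibrs"; return 0 ;;     # eIBRS, retpolines, etc.
    esac
    # STIBP guards against a sibling hyperthread; without SMT there is none.
    if [ "$v2_smt" != "1" ]; then
        echo "plain-ibrs-smt-off"; return 0
    fi
    case "$v2_line" in
        *"STIBP: disabled"*) echo "plain-ibrs-stibp-disabled" ;;
        *"STIBP: "*)         echo "plain-ibrs-stibp-present" ;;
        *)                   echo "plain-ibrs-no-stibp" ;;   # the reported gap
    esac
}

# Constructed sample lines (not captured from a real host).
for sample in \
    "Mitigation: IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: Not affected" \
    "Mitigation: IBRS, IBPB: conditional, STIBP: conditional, RSB filling, PBRSB-eIBRS: Not affected" \
    "Mitigation: Enhanced IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: SW sequence"
do
    printf '%s\n  -> %s\n' "$sample" "$(classify_spectre_v2 "$sample" 1)"
done

# Live check, only when the sysfs files exist on this machine.
v2_file=/sys/devices/system/cpu/vulnerabilities/spectre_v2
smt_file=/sys/devices/system/cpu/smt/active
if [ -r "$v2_file" ] && [ -r "$smt_file" ]; then
    printf 'this host: %s\n' \
        "$(classify_spectre_v2 "$(cat "$v2_file")" "$(cat "$smt_file")")"
fi
```

A `plain-ibrs-no-stibp` verdict on a host with SMT active is the condition the patch addresses; `plain-ibrs-stibp-present` is what a patched kernel is expected to report.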

[Image: Core i5 6500 Skylake]

For those on plain IBRS systems, Linux 6.2 is also where there is the new Call Depth Tracking feature, which is less costly than IBRS for mitigating Spectre V2. Still, the accumulated performance cost of all these different mitigations, particularly on older Skylake era systems, remains quite high.