Linux x86 32-bit Is Vulnerable To Retbleed But Don't Expect It To Get Fixed
Last week, following the flurry of Linux patches mitigating Retbleed, the newest speculative execution attack, it was pointed out that Linux x86 32-bit kernels are still vulnerable. It turns out Linaro still has a 32-bit Debian box in their functional test farm, and they noted that even with a patched kernel their i386 kernel was still vulnerable to Retbleed attacks.
AMD Zen 1/2 and Intel Skylake era CPUs with Retbleed mitigations are able to run x86_64 software, so the expectation is production users shouldn't be on 32-bit kernels.
Second-in-command Linux kernel developer Greg Kroah-Hartman responded, "That's funny. I don't think that's a valid combination that should be cared about, but I'll leave it to Pawan [of Intel] to comment if it is something that is 'real' to be concerned for."
Pawan Gupta responded, "Intel is not aware of production environments that use 32-bit mode on Skylake-gen CPUs. So this should not be a concern."
Peter Zijlstra of Intel added, "Yeah, so far nobody cared to fix 32bit. If someone *realllllly* cares and wants to put the effort in I suppose I'll review the patches, but seriously, you shouldn't be running 32bit kernels on Skylake / Zen based systems, that's just silly."
Basically, since it was older x86_64-native Intel and AMD CPUs that were mitigated for Retbleed in the first place, the expectation is that you are running an x86_64 software stack. If you are running 32-bit Linux distributions on Skylake and Zen 1/2 era hardware, there are larger questions at hand, and you are also missing out on a lot of extra possible performance from making use of x86_64 software.
Queued up today in TIP's x86/speculation branch is a patch that makes the Retbleed mitigation configurable only for x86_64. The patch description reads:
The mitigations for RETBleed are currently ineffective on x86_32 since entry_32.S does not use the required macros. However, for an x86_32 target, the kconfig symbols for them are still enabled by default and /sys/devices/system/cpu/vulnerabilities/retbleed will wrongly report that mitigations are in place.
Make all of these symbols depend on X86_64, and only enable RETHUNK by default on X86_64.
It's possible someone will step up to adapt the Retbleed mitigation code to work on x86 32-bit, but don't hold your breath: users really should be running x86_64 CPUs with x86_64 operating systems in 2022.
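As an added example (not from the article or the kernel patch), here is a shell check that reads the sysfs file named in the patch description and treats a "Mitigation:" status on a 32-bit x86 kernel as unreliable, because such a kernel without the Kconfig change can report mitigations that are not in effect. The function names and verdict words are illustrative assumptions.

```shell
#!/bin/sh
# Added example: interpret the Retbleed sysfs status together with the
# kernel architecture, instead of trusting the status string alone.

SYSFS_RETBLEED=/sys/devices/system/cpu/vulnerabilities/retbleed

# retbleed_assess ARCH STATUS
# ARCH is the `uname -m` value, STATUS the content of the sysfs file.
# Prints one verdict word (names chosen for this example):
#   not-affected | vulnerable | mitigated | unreliable-32bit | unknown
retbleed_assess() {
    arch=$1
    status=$2
    case $status in
        "Not affected"*) echo "not-affected"; return 0 ;;
        Vulnerable*)     echo "vulnerable";   return 0 ;;
        Mitigation:*)    ;;  # claimed mitigation: check the architecture next
        *)               echo "unknown";      return 0 ;;  # missing or unexpected
    esac
    case $arch in
        # 32-bit x86 kernel: entry_32.S lacks the required macros, so a
        # "Mitigation:" line here cannot be trusted.
        i[3-6]86) echo "unreliable-32bit" ;;
        *)        echo "mitigated" ;;
    esac
}

# Assess the running host. Note: `uname -m` also reports i686 under a
# linux32 personality, so confirm the kernel build before acting on it.
retbleed_check_host() {
    arch=$(uname -m)
    status=""
    if [ -r "$SYSFS_RETBLEED" ]; then
        status=$(cat "$SYSFS_RETBLEED")
    fi
    verdict=$(retbleed_assess "$arch" "$status")
    printf '%s kernel, sysfs: "%s" -> %s\n' \
        "$arch" "${status:-<file not present>}" "$verdict"
}

retbleed_check_host
```

On a fleet, a host returning `unreliable-32bit` should be treated as vulnerable for inventory purposes until it runs an x86_64 kernel.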