S390 Architecture Gets Spectre Mitigation With "Expoline" & Other Patches

Written by Michael Larabel in Hardware on 9 February 2018 at 08:38 AM EST. 5 Comments
Even IBM System/390 "Linux on z" systems are prone to the Spectre security vulnerability. But with Linux 4.16, s390 is getting its initial Spectre Variant One and Two mitigation.

Linux on x86_64 has Retpoline for mitigating Spectre Variant Two while the s390 form of this is being called Expoline. The s390 architecture has no return instruction, so it's not "return trampolines" (Retpolines) but rather like an Execute Trampoline (Expoline).

The Expoline implementation for indirect branches uses an execute-type instruction with the indirect branch as the target of the execute, thereby turning off prediction for the indirect branch. There is also patches to scrub registers that contain user-controlled values to prevent the speculative use of those values.

The s390 code also has an array_index_mask_nospec function for defending against Spectre Variant One. There are also patches for new PPA-12/PPA-13 instructions to run the kernel and/or user-space with reduced branch prediction.

The complete list of s390 architecture changes for the Linux 4.16 kernel merge window can be found via this pull request.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week