x86 Straight-Line Speculation Mitigation Patches Updated For Linux

Written by Michael Larabel in Linux Security on 5 December 2021 at 06:13 AM EST. 7 Comments
LINUX SECURITY
A year after Arm processors began mitigating straight-line speculation, Linux developers have been working on similar straight-line speculation mitigations for x86/x86_64 processors.

The past few months we have been seeing Linux kernel and GCC and LLVM/Clang patches around straight-line speculation mitigation for Intel / AMD processors. The issue at hand is over processors speculatively executing instructions linearly in memory past an unconditional change in control flow.

The compilers are adding a "mharden-sls" option to add INT3 instructions after function returns and indirect branches to protect against possible straight-line speculation. On kernel side, the patches being worked on are to make use of the SLS hardening option where present. The patches would enable this hardening when on a supported kernel version (GCC 12+ and presumably Clang 14+) and when using a kernel build with Retpolines (return trampolines) enabled. As this option controls the code generation, it would be just a build-time option and not controllable at run-time for the kernel.


Sent out on Saturday were the latest patches for the kernel around this SLS mitigation handling as mostly a refactoring of the prior proposed changes, which also includes the objtool changes for validating the SLS mitigation handling with speculation traps after indirect calls and RETs. As a known side effect, SLS mitigation for the kernel does increase the text size of the kernel build by around 2.4% due to the additional (INT3) instructions.
7 Comments
Related News
New Linux Patch Lets You Force CPU Bugs/Mitigations Even When Not Vulnerable
Linux To Allow Disabling TPM PCR Integrity Protection Due To Performance Bottleneck
OpenPaX Announced As "Open-Source Alternative To GrSecurity" With Free Kernel Patch
Unauthenticated RCE Flaw With CVSS 9.9 Rating For Linux Systems Affects CUPS
Landlock Sandboxing Now Supports More Controls Around Unix Sockets
Linux 6.12 Adds Build Options For Greater Control Over CPU Security Mitigations
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
Rustls Multi-Threaded Performance Is Battering OpenSSL
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
KDE Starts December By Landing A Number Of New Features
Linux 6.12 Officially Promoted To Being An LTS Kernel