x86 Straight-Line Speculation Mitigation On Track For Linux 5.17
The recent activity around x86 (x86_64 included) straight-line speculation mitigation handling is set to culminate with this security feature being set for mainline with the upcoming Linux 5.17 cycle.
Recent weeks have seen x86 straight-line speculation mitigations underway by compiler developers and the Linux kernel folks. This is similar to the Arm straight-line speculation "SLS" vulnerability and mitigation of last year but now seeing similar activity on the x86/x86_64 front for Intel and AMD.
The issue at hand is over processors speculatively executing instructions linearly in memory past an unconditional change in control flow. GCC 12 landed its compiler mitigation option and LLVM Clang is doing the same. The compilers are introducing a "-mharden-sls" option to add INT3 instructions after function returns and indirect branches to protect against possible straight-line speculation.
The Linux kernel side patches are basically about enabling this SLS hardening option for kernel builds. The kernel patches enable this hardening when on a supported kernel version (GCC 12+ and presumably Clang 14+) and when using a kernel build with Retpolines (return trampolines) enabled.
Confirming this now for Linux 5.17 is the x86 SLS mitigation patches have been merged into TIP's "x86/core" branch. The SLS option is added with the new "SLS" Kconfig build-time switch. This mitigation has a known consequence of increasing the text size for Linux kernel images by about 2.4% due to the additional instructions generated. The x86/core branch also has the other SLS related patches to objtool, preparing the Assembly code for the mitigation, and other x86 code changes preparing for the SLS mitigation.
Recent weeks have seen x86 straight-line speculation mitigations underway by compiler developers and the Linux kernel folks. This is similar to the Arm straight-line speculation "SLS" vulnerability and mitigation of last year but now seeing similar activity on the x86/x86_64 front for Intel and AMD.
The issue at hand is over processors speculatively executing instructions linearly in memory past an unconditional change in control flow. GCC 12 landed its compiler mitigation option and LLVM Clang is doing the same. The compilers are introducing a "-mharden-sls" option to add INT3 instructions after function returns and indirect branches to protect against possible straight-line speculation.
The Linux kernel side patches are basically about enabling this SLS hardening option for kernel builds. The kernel patches enable this hardening when on a supported kernel version (GCC 12+ and presumably Clang 14+) and when using a kernel build with Retpolines (return trampolines) enabled.
Confirming this now for Linux 5.17 is the x86 SLS mitigation patches have been merged into TIP's "x86/core" branch. The SLS option is added with the new "SLS" Kconfig build-time switch. This mitigation has a known consequence of increasing the text size for Linux kernel images by about 2.4% due to the additional instructions generated. The x86/core branch also has the other SLS related patches to objtool, preparing the Assembly code for the mitigation, and other x86 code changes preparing for the SLS mitigation.
14 Comments