ARM64 Mitigation Posted For Spectre 4 / SSBD
Written by Michael Larabel in Security on 22 May 2018 at 11:58 AM EDT. 5 Comments
SECURITY --
Following the Intel/AMD Spectre Variant 4 mitigation landing yesterday with "Speculative Store Bypass Disable" (SSBD) and then the POWER CPU mitigation landing today, ARM developers have posted their set of patches for 64-bit ARM CPUs to mitigate against this latest Spectre vulnerability around speculative execution.

ARM CPUs are hit hard too by the Speculative Store Bypass / Spectre V4 issue and ARM is releasing a firmware update and also has accompanying kernel patches for dealing with it and also allowing the support to be toggled, providing a prctl() back-end that matches the x86 interfaces, and an initial implementation for KVM.
For all released Arm Cortex-A CPUs that are affected by this issue, then the preferred mitigation is simply to set a chicken bit in the firmware during CPU initialisation and therefore no change to Linux is required. Other CPUs may require the chicken bit to be toggled dynamically (for example, when switching between user-mode and kernel-mode) and this is achieved by calling into EL3 via an SMC.

Details via this patch series. It's quite likely this code will land in Linux 4.17 in the very near future and also for back-porting to stable release streams.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Security News
Popular News This Week