A Lot Of Spectre Changes Land In The Linux 4.19 Git Tree, Possible Performance Impact
Written by Michael Larabel in Security on 14 August 2018 at 12:30 PM EDT. 6 Comments
SECURITY --
"The Speck [Spectre slang, not to be confused with the controversial NSA algo] brigade sadly provides yet another large set of patches destroying the perfomance which we carefully built and preserved," began the latest x86/pti pull request by kernel maintainer Thomas Gleixner.

This batch of x86/pti patches is some of the most work we've seen on the Meltdown/Spectre front in months. Included with this new work targeting the Linux 4.19 kernel is:

- Enhanced IBRS(Indirect Branch Restricted Speculation) that will be available with future Intel CPUs as a simpler and more efficient approach to IBRS from current Intel x86 processors. Enhanced IBRS will be used by default on these future Intel CPUs and should help lessen the performance impact of Spectre Variant Two mitigation compared to Retpolines or the current IBRS. Gleixner commented, "Unfortunately we dont know the performance impact of this, but it's expected to be less horrible than the IBRS hammering."


- There is now page table isolation (PTI/KPTI) support for 32-bit PAE hardware for Meltdown mitigation. A few weeks ago I tested that 32-bit Linux PTI code in 32-Bit Linux Prepares For Performance Hit Due To KPTI For Meltdown Mitigation to look at the performance hit with old hardware.

- Fixes to global bit mechanics for CPUs without PCID (Process Context Identifiers) were "exposing interesting memory needlessly."

- Initial SpectreRSB mitigation for mitigating the Return Stack Buffer vulnerability in userspace-userspace form of this attack vector.

There are also other clean-ups and changes as part of the roughly thousand lines of code churn for x86/pti this cycle. I'll be running my usual kernel benchmarks once the current merge window has passed later this month.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Security News
Popular News This Week