Initial SpectreRSB Support Queued For Merging Into The Mainline Linux Kernel

Written by Michael Larabel in Linux Security on 31 July 2018 at 05:32 AM EDT. Add A Comment
LINUX SECURITY
Last week "SpectreRSB" was detailed as a new Spectre Variant Two like attack affecting modern processors. A Linux kernel patch was quick to materialize and now it's been staged for merging soon into the mainline Linux kernel.

Spectre Return Stack Buffer is just one of the newest speculative execution vulnerabilities affecting at least Intel CPUs. Researchers at the University of California were able to exploit SpectreRSB into leaking private data protected by Intel SGX (Software Guard Extensions) and that these return stack buffer attacks could be process-process or even inter-VM.

Last week an initial SpectreRSB patch for Linux was published for protecting against userspace-userspace form of these attacks. That patch by SUSE's Jiri Kosina is now queued in the x86/pti tree, one step away from the mainline kernel. This patch works by always filling the return stack buffer on context switches when Spectre V2 mitigation is enabled.

This SpectreRSB patch should be merged soon to mainline when Thomas Gleixner sends in his next pull request. The small patch is also copied for being back-ported to existing kernel series stable branches, so soon enough you should find it on your Linux system(s).
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week