Linux Inadvertently Has Been Leaving IBRS-Mitigated Systems Without STIBP

  • Phoronix: Linux Inadvertently Has Been Leaving IBRS-Mitigated Systems Without STIBP

    The Linux kernel since last year has mistakenly left systems relying on the original Indirect Branch Restricted Speculation (IBRS) for Spectre V2 mitigation without Single Threaded Indirect Branch Predictor (STIBP) coverage for cross-HyperThread dealing with this Spectre vulnerability. There is a patch underway that is resolving this issue for Intel Skylake era systems...


  • #2
    The performance impact is so enormous on Skylake that I ended up doing two boot entries on my NixOS setup, with one of them disabling all mitigations. Compilation is atrociously slow otherwise.

    • #3
      I hate when that happens

      • #4
        There was also the bug that systems had no mitigation after suspend (for quite a long time).
        A lot of people review the code, but it seems so complex that these mistakes just happen.

        • #5
          On the systems where STIBP should be enabled, but isn't, does that show in /sys/devices/system/cpu/vulnerabilities/spectre_v2 or does the system always claim it's enabled?
          That's my output on a 5900X with kernel 6.2:
          Code:
          Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on, RSB filling, PBRSB-eIBRS: Not affected

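The status line quoted in post #5 can be split into its fields and checked for the combination the article describes: plain IBRS as the primary mitigation, SMT active, and STIBP absent or disabled. This is an added example, not part of the thread or of the kernel; the function names are hypothetical, the second sample line is constructed, and the script only reads back what the kernel itself reports.

```shell
#!/bin/sh
# Added example: parse a spectre_v2 status line and flag IBRS without STIBP.

# Print the value of one "NAME: value" field, or nothing if it is absent.
# $1 = status line, $2 = field name (for example STIBP or IBPB)
spectre_field() {
    printf '%s\n' "$1" | tr ',' '\n' | sed -n "s/^ *$2: *//p" | head -n 1
}

# Print the primary mitigation: the text after "Mitigation:" up to the first comma.
spectre_primary() {
    printf '%s\n' "$1" | sed -n 's/^Mitigation: *\([^,]*\).*/\1/p'
}

# $1 = status line, $2 = 1 if SMT sibling threads are active, else 0.
# Returns 1 (and prints WARN) for plain IBRS with SMT on and no STIBP reported.
check_stibp() {
    primary=$(spectre_primary "$1")
    stibp=$(spectre_field "$1" STIBP)
    if [ "$primary" = "IBRS" ] && [ "$2" = 1 ]; then
        if [ -z "$stibp" ] || [ "$stibp" = "disabled" ]; then
            echo "WARN: IBRS with SMT active, STIBP: ${stibp:-not reported}"
            return 1
        fi
    fi
    echo "OK: ${primary:-unknown}, STIBP: ${stibp:-not reported}, SMT active: $2"
}

# Sample 1 is the line quoted in post #5; sample 2 is constructed for this example.
SAMPLE_PAGE='Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: always-on, RSB filling, PBRSB-eIBRS: Not affected'
SAMPLE_IBRS='Mitigation: IBRS, IBPB: conditional, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected'

check_stibp "$SAMPLE_PAGE" 1 || :
check_stibp "$SAMPLE_IBRS" 1 || :

# On a live system, read the same file post #5 refers to, plus the SMT state.
VULN=/sys/devices/system/cpu/vulnerabilities/spectre_v2
SMT=/sys/devices/system/cpu/smt/active
if [ -r "$VULN" ]; then
    smt=0
    if [ -r "$SMT" ]; then smt=$(cat "$SMT"); fi
    check_stibp "$(cat "$VULN")" "$smt" || :
fi
```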