64-bit ARM Gets Mitigations For Spectre & Meltdown With Linux 4.16

Written by Michael Larabel in Arm on 30 January 2018 at 03:35 PM EST. 15 Comments
ARM
The 64-bit ARM (ARM64 / AArch64) architecture code changes were mailed in a short time ago for the Linux 4.16 kernel and it includes mitigation work for Spectre and Meltdown CPU vulnerabilities.

The main additions to the ARM64 Linux code for the 4.16 kernel is security changes concerning Variant Two of Spectre and Variant Three (Meltdown). This is the initial work ready for Linux 4.16 at this time while ARM developer Catalin Marinas notes that an improved firmware interface for Variant Two and a method to disable KPTI on ARM64 is coming next week. It's noted that Cavium ThunderX doesn't work with Kernel Page Table Isolation due to hardware erratum.

ARM64 is mitigating Variant Two by invalidating the branch predictor with a call to the secure firmware. The Variant Three "Meltdown" mitigation is being done by implementing Kernel Page Table Isolation (KPTI), similar to the Intel work that landed for Linux 4.15.

Besides this pressing security fixes, the ARM64 code for Linux 4.16 is also getting 52-bit physical address support on ARMv8.2, RAS support, perf subsystem support for the ARM DynamIQ shared unit PMU, and other minor improvements.

The ARM64 feature pull request for Linux 4.16 can be found on the kernel mailing list.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week