DragonFlyBSD Gets Better Hardened Against CPU Speculative Execution Bugs

Written by Michael Larabel in BSD on 12 June 2018 at 05:36 AM EDT. 1 Comment
BSD
While the DragonFlyBSD kernel has already landed its mitigation for Spectre V1/V2 and Meltdown CPU vulnerabilities, a fresh round of CPU bug hardening work was just merged into their kernel.

This latest CPU bug hardening primarily revolves around a rumor that the contents of floating point registers owned by another process could be speculatively detected when they are present for the running process. Intel hasn't communicated clearly over this FP register speculation, so OpenBSD already decided to rework some of their code as a safeguard and now DragonFlyBSD has too.

As part of the latest DragonFly patches is now a machdep.px_fpu_heuristic setting to proactively disable FPU state loading, to enable proactive FPU state loading at all time, or to allow FPU state loading for a specified number of context switches. All the details via this patch.

There is also a second patch to address speculative execution of instructions using data from registered that still contain user-space controlled content. The fix for that patch is clearing all user registers after saving them for syscalls/exceptions/interrupts as well as zeroing out some of them.

This work is currently in the DragonFlyBSD 5.3 series ahead of the DragonFlyBSD 5.4 stable release.
1 Comment
Related News
NetBSD 9.4 Released With Security & Stability Fixes
OpenBSD 7.5 Released - Faster Performance For Many-Core ARM Servers
NetBSD 10.0 Released With Much Improved Hardware Support & Faster Performance
FreeBSD 13.3 Released With Better WiFi Support, LLVM objdump Added
NetBSD 10.0 Should Be Released Soon - Likely Last RC Debuts
FreeBSD 13.3-RC1 Improves WiFi Stability, Takes Care Of Some Kernel Panics
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Fedora Linux 40 Cleared For Release Next Week
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Fedora Linux 40 Available For Download As A Wonderful Upgrade
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
MPV 0.38 Media Player Released With New Options & Fixes