[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240716090342.GB19348@willie-the-truck>
Date: Tue, 16 Jul 2024 10:03:42 +0100
From: Will Deacon <will@...nel.org>
To: Chanho Min <chanho.min@....com>
Cc: Catalin Marinas <catalin.marinas@....com>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
Gunho Lee <gunho.lee@....com>
Subject: Re: [PATCH] arm64: set MITIGATE_SPECTRE_BRANCH_HISTORY to n by
default
On Tue, Jul 16, 2024 at 05:51:36PM +0900, Chanho Min wrote:
> lmbench shows 25% performance regression after MITIGATE_SPECTRE_BRANCH_HISTORY
> is enabled. This performance drop may be more significant than mitigating
> the spectre-BHB. This patch changes this security option to disable by default
> and makes it selectable.
>
> - lat_syscall result with MITIGATE_SPECTRE_BRANCH_HISTORY enabled (cortex-a78)
> write call 0.2777 0.2810 0.2824 0.280367
> read call 0.3435 0.3452 0.3443 0.344333
>
> - lat_syscall result with MITIGATE_SPECTRE_BRANCH_HISTORY disabled (cortex-a78)
> write call 0.2101 0.2117 0.2116 0.2111
> read call 0.2732 0.2744 0.2763 0.274633
It's sad, but it's not surprising. Mitigations rarely make things faster.
> Signed-off-by: Chanho Min <chanho.min@....com>
> ---
> arch/arm64/Kconfig | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 5d91259ee7b5..be76f425c060 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1626,7 +1626,7 @@ config UNMAP_KERNEL_AT_EL0
>
> config MITIGATE_SPECTRE_BRANCH_HISTORY
> bool "Mitigate Spectre style attacks against branch history" if EXPERT
> - default y
> + default n
> help
> Speculation attacks against some high-performance processors can
> make use of branch history to influence future speculation.
> --
> 2.17.1
It's better to be safe than sorry, so I think it's right to default
this to 'y'. The mitigation can be disabled on the kernel command-line,
e.g. using the "nospectre_bhb" option.
Will
Powered by blists - more mailing lists