Open Source and information security mailing list archives
Message-ID: <abe6849b-4bed-4ffc-ae48-7bda3ab0c996@suse.com>
Date: Thu, 20 Nov 2025 18:15:32 +0200
From: Nikolay Borisov <nik.borisov@...e.com>
To: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, x86@...nel.org,
 David Kaplan <david.kaplan@....com>, "H. Peter Anvin" <hpa@...or.com>,
 Josh Poimboeuf <jpoimboe@...nel.org>, Sean Christopherson
 <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>,
 Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
 Asit Mallick <asit.k.mallick@...el.com>, Tao Zhang <tao1.zhang@...el.com>
Subject: Re: [PATCH v4 01/11] x86/bhi: x86/vmscape: Move LFENCE out of
 clear_bhb_loop()



On 11/20/25 08:17, Pawan Gupta wrote:
> Currently, the BHB clearing sequence is followed by an LFENCE to prevent
> transient execution of subsequent indirect branches prematurely. However,
> the LFENCE barrier could be unnecessary in certain cases. For example, when
> the kernel is using the BHI_DIS_S mitigation, and BHB clearing is only needed
> for userspace. In such cases, the LFENCE is redundant because ring
> transitions would provide the necessary serialization.
> 
> Below is a quick recap of BHI mitigation options:
> 
>    On Alder Lake and newer
> 
>    - BHI_DIS_S: Hardware control to mitigate BHI in ring0. This has low
>                 performance overhead.
>    - Long loop: Alternatively, the longer version of the BHB clearing
>                 sequence for older processors can be used to mitigate BHI.
>                 This is not yet implemented in Linux.

I find this description of the Long loop under "Alder Lake and newer" 
somewhat confusing, as you are also referring to "older processors". 
Shouldn't the longer sequence be moved under the "On older CPUs" heading? 
Or perhaps it must be expanded to say that the long sequence could work 
on Alder Lake and newer CPUs as well as on older CPUs?

> 
>    On older CPUs
> 
>    - Short loop: Clears BHB at kernel entry and VMexit.

<snip>
