lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <67b9ad70-71ed-44ee-bc45-e02eb75043d2@suse.com>
Date: Fri, 21 Nov 2025 16:18:09 +0200
From: Nikolay Borisov <nik.borisov@...e.com>
To: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, x86@...nel.org,
 David Kaplan <david.kaplan@....com>, "H. Peter Anvin" <hpa@...or.com>,
 Josh Poimboeuf <jpoimboe@...nel.org>, Sean Christopherson
 <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>,
 Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
 Asit Mallick <asit.k.mallick@...el.com>, Tao Zhang <tao1.zhang@...el.com>
Subject: Re: [PATCH v4 09/11] x86/vmscape: Deploy BHB clearing mitigation



On 11/20/25 08:19, Pawan Gupta wrote:
> IBPB mitigation for VMSCAPE is an overkill on CPUs that are only affected
> by the BHI variant of VMSCAPE. On such CPUs, eIBRS already provides
> indirect branch isolation between guest and host userspace. However, branch
> history from guest may also influence the indirect branches in host
> userspace.
> 
> To mitigate the BHI aspect, use clear_bhb_loop().
> 
> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>

<snip>

> @@ -3278,6 +3290,9 @@ static void __init vmscape_apply_mitigation(void)
>   {
>   	if (vmscape_mitigation == VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER)
>   		static_call_update(vmscape_predictor_flush, write_ibpb);
> +	else if (vmscape_mitigation == VMSCAPE_MITIGATION_BHB_CLEAR_EXIT_TO_USER &&
> +		 IS_ENABLED(CONFIG_X86_64))

why the x86_64 dependency ?


> +		static_call_update(vmscape_predictor_flush, clear_bhb_loop);
>   }
>   
>   #undef pr_fmt
> @@ -3369,6 +3384,7 @@ void cpu_bugs_smt_update(void)
>   		break;
>   	case VMSCAPE_MITIGATION_IBPB_ON_VMEXIT:
>   	case VMSCAPE_MITIGATION_IBPB_EXIT_TO_USER:
> +	case VMSCAPE_MITIGATION_BHB_CLEAR_EXIT_TO_USER:
>   		/*
>   		 * Hypervisors can be attacked across-threads, warn for SMT when
>   		 * STIBP is not already enabled system-wide.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ