Message-ID: <20260211213549.1837bb50@pumpkin>
Date: Wed, 11 Feb 2026 21:35:49 +0000
From: David Laight <david.laight.linux@...il.com>
To: Andrew Cooper <andrew.cooper3@...rix.com>
Cc: ubizjak@...il.com, bp@...en8.de, dave.hansen@...ux.intel.com,
 hpa@...or.com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
 mingo@...nel.org, pbonzini@...hat.com, seanjc@...gle.com, tglx@...nel.org,
 x86@...nel.org
Subject: Re: [PATCH 1/2] KVM: VMX: Drop obsolete branch hint prefixes from
 inline asm

On Wed, 11 Feb 2026 13:55:35 +0000
Andrew Cooper <andrew.cooper3@...rix.com> wrote:

> On 11/02/2026 1:43 pm, David Laight wrote:
> > On Wed, 11 Feb 2026 10:57:31 +0000
> > Andrew Cooper <andrew.cooper3@...rix.com> wrote:
> >  
> >>> Remove explicit branch hint prefixes (.byte 0x2e / 0x3e) from VMX
> >>> inline assembly sequences.
> >>>
> >>> These prefixes (CS/DS segment overrides used as branch hints on
> >>> very old x86 CPUs) have been ignored by modern processors for a
> >>> long time. Keeping them provides no measurable benefit and only
> >>> enlarges the generated code.    
> >> It's actually worse than this.
> >>
> >> The branch-taken hint has new meaning in Lion Cove cores and later,
> >> along with a warning saying "performance penalty for misuse".
> >>
> >> i.e. "only insert this prefix after profiling".  
> > Don't they really have much the same meaning as before?  
> 
> Architecturally yes, microarchitecturally very much not.
> 
> For a branch known to the predictor, there is no effect.  If a branch
> unknown to the predictor gets decoded, it triggers a frontend flush and
> resteer.

That'll be 'decoded taken'.
I suspect that it is less 'painful' than a normal mispredict since it happens
a lot earlier.
Of course, if you get it wrong, there will be a mispredict penalty as well.

	David

> It is only useful for programs large enough to exceed the working set of
> the conditional predictor, and for which certain branches are known to
> be ~always taken.
> 
> Putting the prefix on a branch that isn't ~always taken is worse than
> not having the prefix in the first place, hence the warning.
> 
> ~Andrew
> 

