Re: [PATCH] LoongArch: add spectre boundry for syscall dispatch table

Next message: Jinjie Ruan: "Re: [PATCH 03/10] entry: Move irqentry_enter() prototype later"
Previous message: Jinjie Ruan: "Re: [PATCH 02/10] entry: Remove local_irq_{enable,disable}_exit_to_user()"
In reply to: Greg Kroah-Hartman: "Re: [PATCH] LoongArch: add spectre boundry for syscall dispatch table"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Bibo Mao

Date: Tue Apr 07 2026 - 21:20:10 EST

On 2026/4/2 下午10:36, Greg Kroah-Hartman wrote:

On Wed, Mar 25, 2026 at 09:53:09AM +0100, Greg Kroah-Hartman wrote:

On Wed, Mar 25, 2026 at 11:26:29AM +0800, Xi Ruoyao wrote:

On Tue, 2026-03-24 at 17:30 +0100, Greg Kroah-Hartman wrote:

The LoongArch syscall number is directly controlled by userspace, but
does not have a array_index_nospec() boundry to prevent access past
the
syscall function pointer tables.

Cc: Huacai Chen <chenhuacai@xxxxxxxxxx>
Cc: WANG Xuerui <kernel@xxxxxxxxxx>
Assisted-by: gkh_clanker_2000
Cc: stable <stable@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
My scripts caught this as I think LoongArch is vulnerable to the

There's no evidence. The kernel currently report all LoongArch
processors invulnerable to spectre V1 via cpuinfo.

Where is that? In the sysfs files, or in the actual silicon testing?

So NAK unless there's a reproducer of spectre V1 on LoongArch. If so
we'd also need to adjust the cpuinfo output.

I really thought this cpu was vulnerable to this, but if the companies
say it isn't, then great, but reports like this:
https://cc-sw.com/chinese-loongarch-architecture-evaluation-part-3-of-3/
say that the silicon is vulnerable. So, which is it?

Any thoughts about this?

co-ask though it is hard to decide :(

Regards
Bibo Mao

thanks,

greg k-h