Re: Spectre mitigation doesn't seem to work at all?!

From: Thomas Gleixner
Date: Mon Jun 04 2018 - 17:25:20 EST


On Mon, 4 Jun 2018, Andreas Hartmann wrote:
> Sorry for a ping - but I think the behavior shown below should really be
> investigated!

There is not much to investigate ...

> > I tested the spectre mitigation of different machines and kernels with
> > https://github.com/crozone/SpectrePoC
> >
> > You can see the results below.
> > My question: Did I miss something?

Yes.

> > My expectation was, that on base of the output of
> > /sys/devices/system/cpu/vulnerabilities/spectre_v* as shown below the
> > problem should be gone away.
> > But the results seem to tell me something other ... .

> > CPU:ÂÂÂ AMD Ryzen 7 1700X Eight-Core Processor
> > Bios:ÂÂ BIOS 4011 04/19/2018 - ibpb is listed in /proc/cpuinfo
> > Kernel: 4.14.44-1.1-default
> > cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
> > Mitigation: Full AMD retpoline, IBPB
> > cat /sys/devices/system/cpu/vulnerabilities/spectre_v1
> > Mitigation: __user pointer sanitization

Looks correct, but irrelevant.

> >
> > Â./spectre.out
> > Using a cache hit threshold of 80.
> > Build: RDTSCP_SUPPORTED MFENCE_SUPPORTED CLFLUSH_SUPPORTED

This is the info you missed:

> > INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED

The whole POC is sniffing on itself and it allows you to compile with
different mitigation enabled or disabled. You disabled both. So it's
expected to succeed.

It does not matter at all which mitigations the kernel has enabled because
they do not affect the user space programm attacking itself. It's just a
demonstrator of the attack technology along with options to demonstrate the
effectiveness of mitigation strategies.

Thanks,

tglx