Re: [PATCH 5/7] x86/bugs: Only harden syscalls when needed

From: Nikolay Borisov
Date: Thu Apr 11 2024 - 02:20:40 EST

Next message: Paolo Abeni: "Re: [PATCH net] crypto: chtls: Fix possible null pointer dereferences"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v2 2/4] dt-bindings: PCI: mediatek,mt7621: add missing child node reg"
In reply to: Josh Poimboeuf: "[PATCH 5/7] x86/bugs: Only harden syscalls when needed"
Next in thread: Josh Poimboeuf: "Re: [PATCH 5/7] x86/bugs: Only harden syscalls when needed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11.04.24 г. 8:40 ч., Josh Poimboeuf wrote:

Syscall hardening (i.e., converting the syscall indirect branch to a
series of direct branches) may cause performance regressions in certain
scenarios. Only use the syscall hardening when indirect branches are
considered unsafe.

Fixes: 1e3ad78334a6 ("x86/syscall: Don't force use of indirect calls for system calls")
Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>

Why fiddle with syscall mechanism if the bhb scrubbing sequence mitigates bhb? AFAIU (correct me if I'm wrong) the original idea was to have use syscall hardening instead of the BHB sequence but since it became clear that's not sufficient bhb scrubbing completely subsumes the direct branch approach in the syscall handler?

<snip>

Next message: Paolo Abeni: "Re: [PATCH net] crypto: chtls: Fix possible null pointer dereferences"
Previous message: Krzysztof Kozlowski: "Re: [PATCH v2 2/4] dt-bindings: PCI: mediatek,mt7621: add missing child node reg"
In reply to: Josh Poimboeuf: "[PATCH 5/7] x86/bugs: Only harden syscalls when needed"
Next in thread: Josh Poimboeuf: "Re: [PATCH 5/7] x86/bugs: Only harden syscalls when needed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]