Re: [PATCH v4 01/11] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop()

Next message: Catalin Marinas: "Re: [PATCH] arm64: mm: fix direct map use over accounting"
Previous message: Kiryl Shutsemau: "[PATCH] mm/filemap: Fix logic around SIGBUS in filemap_map_pages()"
In reply to: Pawan Gupta: "[PATCH v4 01/11] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop()"
Next in thread: Pawan Gupta: "Re: [PATCH v4 01/11] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Nikolay Borisov

Date: Thu Nov 20 2025 - 11:15:36 EST

On 11/20/25 08:17, Pawan Gupta wrote:

Currently, BHB clearing sequence is followed by an LFENCE to prevent
transient execution of subsequent indirect branches prematurely. However,
LFENCE barrier could be unnecessary in certain cases. For example, when
kernel is using BHI_DIS_S mitigation, and BHB clearing is only needed for
userspace. In such cases, LFENCE is redundant because ring transitions
would provide the necessary serialization.

Below is a quick recap of BHI mitigation options:

On Alder Lake and newer

- BHI_DIS_S: Hardware control to mitigate BHI in ring0. This has low
performance overhead.
- Long loop: Alternatively, longer version of BHB clearing sequence
on older processors can be used to mitigate BHI. This
is not yet implemented in Linux.

I find this description of the Long loop on "ALder lake and newer" somewhat confusing, as you are also referring "older processors". Shouldn't the longer sequence bet moved under "On older CPUs" heading? Or perhaps it must be expanded to say that the long sequence could work on Alder Lake and newer CPUs as well as on older cpus?

On older CPUs

- Short loop: Clears BHB at kernel entry and VMexit.

<snip>