Re: [PATCH] x86/fred: Correct speculative safety in fred_extint()

Next message: Babu Moger: "Re: [v3 PATCH 1/1] x86/resctrl: Add &quot;*&quot; shorthand to set io_alloc CBM for all domains"
Previous message: Jason Gunthorpe: "Re: [PATCH v2 0/5] iommu/vt-d: Ensure memory ordering in context &amp; root entry updates"
In reply to: Peter Zijlstra: "Re: [PATCH] x86/fred: Correct speculative safety in fred_extint()"
Next in thread: H. Peter Anvin: "Re: [PATCH] x86/fred: Correct speculative safety in fred_extint()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andrew Cooper

Date: Tue Jan 06 2026 - 11:46:47 EST

On 06/01/2026 3:20 pm, Peter Zijlstra wrote:
> On Tue, Jan 06, 2026 at 01:15:04PM +0000, Andrew Cooper wrote:
>> This is why we have array_access_nospec() in Xen, so you can't separate the
>> safety calculation from the array access.
>>
>> The observant reader might notice that the result of reading sysvec_table[] is
>> also subject to memory predictions. Aren't CPUs wonderful...
>>
>> In practice, even having array_index_nospec() part of the array access
>> expression is no guarantee of avoiding spilling to the stack. KASAN is liable
>> to hide a function call behind the scenes, while UBSAN is very good at
>> inserting it's own unsafe range checks around objects it knows the size of.
>> Aren't compilers wonderful...
> Yeah, then again nobody should be running *SAN kernels in production,
> right ;-)

Aren't distros wonderful...

~Andrew