Re: [PATCH v3 5/6] x86/bugs: Don't fill RSB on context switch with eIBRS

From: Nikolay Borisov
Date: Tue Apr 08 2025 - 09:56:06 EST

On 2.04.25 at 21:19, Josh Poimboeuf wrote:
> User->user Spectre v2 attacks (including RSB) across context switches
> are already mitigated by IBPB in cond_mitigation(), if enabled globally
> or if either the prev or the next task has opted in to protection. RSB
> filling without IBPB serves no purpose for protecting user space, as
> indirect branches are still vulnerable.
>
> User->kernel RSB attacks are mitigated by eIBRS. In which case the RSB
> filling on context switch isn't needed, so remove it.
>
> Suggested-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
> Reviewed-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
> Reviewed-by: Amit Shah <amit.shah@xxxxxxx>
> Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>

Reviewed-by: Nikolay Borisov <nik.borisov@xxxxxxxx>