|
|
Subscribe / Log in / New account

CET

CET

Posted Jan 16, 2018 22:47 UTC (Tue) by roc (subscriber, #30627)
In reply to: CET by dwmw2
Parent article: Meltdown/Spectre mitigation for 4.15 and beyond

Thanks! That explanation is very helpful. This has some interesting implications.

This implies that a kernel must only enable CET in userspace if it also enables IBRS_ALL successfully.

ld.so, or something else, must reliably detect IBRS_ALL or CET and use the correct thunk.

More worrying, all JITs and handwritten assembly must be modified to detect IBRS_ALL or CET and dynamically switch retpolines on/off. Hardcoded retpolines will not work with CET.

How is userspace going to detect whether to use retpolines? Are there going to be syscalls to detect IBRS_ALL and/or CET? Or some other technique?

to post comments

CET

Posted Jan 17, 2018 7:33 UTC (Wed) by dwmw2 (subscriber, #2063) [Link]

Userspace? What's that? Er... yes, I confess I hadn't got much past getting the kernel to do the right thing.

I suspect we'll find JITs and handwritten assembly that are going to need fixing for CET anyway. But this one is *conditional*. Maybe a flag in the auxvec to say we have CET or IBRS_ALL.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds