Thread: 51 messages, 7 authors, 2024-10-28

Re: [PATCH] x86/uaccess: Avoid barrier_nospec() in copy_from_user()

From: Linus Torvalds <torvalds@linux-foundation.org>
Date: 2024-10-16 22:32:58

On Wed, 16 Oct 2024 at 15:03, Andrew Cooper [off-list ref] wrote:
>
> That doesn't have the same semantics, does it?

Correct. It just basically makes all positive addresses be force-canonicalized.

> If AMD think it's appropriate, then what you probably want is the real
> branch as per before (to maintain architectural user behaviour), and
> then use a trick such as this one in place of the LFENCE for speed in
> the common case.

The problem with the branch is that it really can only branch on the
sign bit - because of LAM.

So with LAM, those bits are pretty much ignored anyway.

> > So that barrier really *is* very expensive. Surprisingly so.
>
> 7% performance is what it costs to maintain the security barrier we were
> sold originally.

Absolutely. And the masking was something that basically says "we get
it all back" (with "all" being just this part, of course - never mind
all the other workarounds).

> Forgive me if I think that we (the SW people) are getting the raw end of
> the deal here, while vendors keep selling more and more expensive chips
> that don't work safely.

I'm 100% with you.

My preference would actually be to do nothing, on the assumption that
the AMD issue is actually impossible to trigger (due to CLAC/STAC
serializing memory address checks - which the timings certainly imply
they do).

But if we have to do magic bit masking, I'd rather it be *fast* magic
bit masking.

               Linus