Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs

[PATCH v8 00/10] VMSCAPE optimization for BHI variant · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 01/10] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop() · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 01/10] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop() · Borislav Petkov <bp@alien8.de> · 2026-03-24
Re: [PATCH v8 01/10] x86/bhi: x86/vmscape: Move LFENCE out of clear_bhb_loop() · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Borislav Petkov <bp@alien8.de> · 2026-03-24
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Borislav Petkov <bp@alien8.de> · 2026-03-25
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-03-25
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-26
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-03-26
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Borislav Petkov <bp@alien8.de> · 2026-03-26
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-03-26
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-26
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-28
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-03-28
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-04-01
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-04-01
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-04-01
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Jim Mattson <hidden> · 2026-03-25
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-25
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · David Laight <hidden> · 2026-03-25
Re: [PATCH v8 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-25
[PATCH v8 03/10] x86/bhi: Rename clear_bhb_loop() to clear_bhb_loop_nofence() · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 04/10] x86/vmscape: Rename x86_ibpb_exit_to_user to x86_predictor_flush_exit_to_user · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 04/10] x86/vmscape: Rename x86_ibpb_exit_to_user to x86_predictor_flush_exit_to_user · Sean Christopherson <seanjc@google.com> · 2026-03-31
Re: [PATCH v8 04/10] x86/vmscape: Rename x86_ibpb_exit_to_user to x86_predictor_flush_exit_to_user · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-04-01
[PATCH v8 05/10] x86/vmscape: Move mitigation selection to a switch() · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 06/10] x86/vmscape: Use write_ibpb() instead of indirect_branch_prediction_barrier() · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 07/10] x86/vmscape: Use static_call() for predictor flush · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 07/10] x86/vmscape: Use static_call() for predictor flush · bot+bpf-ci@kernel.org · 2026-03-24
Re: [PATCH v8 07/10] x86/vmscape: Use static_call() for predictor flush · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 08/10] x86/vmscape: Deploy BHB clearing mitigation · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 08/10] x86/vmscape: Deploy BHB clearing mitigation · bot+bpf-ci@kernel.org · 2026-03-24
Re: [PATCH v8 08/10] x86/vmscape: Deploy BHB clearing mitigation · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 09/10] x86/vmscape: Resolve conflict between attack-vectors and vmscape=force · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
[PATCH v8 10/10] x86/vmscape: Add cmdline vmscape=on to override attack vector controls · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-24
Re: [PATCH v8 10/10] x86/vmscape: Add cmdline vmscape=on to override attack vector controls · bot+bpf-ci@kernel.org · 2026-03-24
Re: [PATCH v8 00/10] VMSCAPE optimization for BHI variant · Jon Kohler <hidden> · 2026-03-30
Re: [PATCH v8 00/10] VMSCAPE optimization for BHI variant · Pawan Gupta <pawan.kumar.gupta@linux.intel.com> · 2026-03-30

From: Borislav Petkov <bp@alien8.de>
Date: 2026-03-25 20:38:55
Also in: bpf, kvm, linux-doc, lkml

On Tue, Mar 24, 2026 at 03:13:08PM -0700, Pawan Gupta wrote:

This is cleaner. A few things to consider are, CLEAR_BRANCH_HISTORY that
calls clear_bhb_loop() would be calling into C code very early during the
kernel entry. The code generated here may vary based on the compiler. Any
indirect branch here would be security risk. This needs to be noinstr so
that it can't be hijacked by probes and ftraces.

At kernel entry, calling into C before mitigations are applied is risky.

You can write the above function in asm if you prefer - should still be
easier.

Although call to clear_bhb_loop() will be inserted at the end of the BPF
program before it returns, I am not sure if it is safe to assume that
trashing registers in the path clear_bhb_loop() -> __clear_bhb_loop() is
okay? Especially, when we don't know what code compiler generated for
clear_bhb_loop(). BPF experts would know better?

The compiler would preserve the regs. If you write it in asm and you adhere to
the C ABI, you could preserve them too. Shouldn't be too many.

Thx.


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help