diff options
| author | Peter Zijlstra <[email protected]> | 2024-10-14 17:05:48 +0000 |
|---|---|---|
| committer | Dave Hansen <[email protected]> | 2025-05-09 20:36:58 +0000 |
| commit | 872df34d7c51a79523820ea6a14860398c639b87 (patch) | |
| tree | 879a171d40e26b5c2258dea65914eb18b00aeb55 /net/unix/af_unix.c | |
| parent | x86/ibt: Keep IBT disabled during alternative patching (diff) | |
| download | kernel-872df34d7c51a79523820ea6a14860398c639b87.tar.gz kernel-872df34d7c51a79523820ea6a14860398c639b87.zip | |
x86/its: Use dynamic thunks for indirect branches
ITS mitigation moves the unsafe indirect branches to a safe thunk. This
could degrade the prediction accuracy as the source address of indirect
branches becomes same for different execution paths.
To improve the predictions, and hence the performance, assign a separate
thunk for each indirect callsite. This is also a defense-in-depth measure
to avoid indirect branches aliasing with each other.
As an example, 5000 dynamic thunks would utilize around 16 bits of the
address space, thereby gaining entropy. For a BTB that uses
32 bits for indexing, dynamic thunks could provide better prediction
accuracy over fixed thunks.
Have ITS thunks be variable sized and use EXECMEM_MODULE_TEXT such that
they are both more flexible (got to extend them later) and live in 2M TLBs,
just like kernel code, avoiding undue TLB pressure.
Signed-off-by: Peter Zijlstra (Intel) <[email protected]>
Signed-off-by: Pawan Gupta <[email protected]>
Signed-off-by: Dave Hansen <[email protected]>
Reviewed-by: Alexandre Chartre <[email protected]>
Diffstat (limited to 'net/unix/af_unix.c')
0 files changed, 0 insertions, 0 deletions