Linus Torvalds Adapts Linux User Address Masking To Use CMOV
([Linux Kernel] 5 Hours Ago
CMOV User Address Masking)
- Reference: 0001520239
- News link: https://www.phoronix.com/news/Linus-Linux-CMOV-Address-Mask
- Source link:
In addition to merging a number of the pull requests yesterday for the start of the [1]Linux 6.14 cycle, Linux creator Linus Torvalds did merge some of his own new code as well. While his time these days working on new kernel code itself is more limited with managing the ever-growing upstream kernel community, he has managed some notable items in recent times like [2]addressing ARM64 kernel annoyances and [3]some performance optimizations .
For kicking off the Linux 6.14 cycle, Torvalds landed a patch he authored to begin making use of the CMOV instruction on x86/x86_64 systems for user address masking. In place of an SBB and OR Assembly, he switches to using the conditional move (CMOV) instructions.
This action follows [4]this kernel mailing list thread from December that suggested using CMOV for the user address masking code in order to fix an issue that cropped up as well as being shorter than SBB and OR.
Torvalds explains in [5]the patch switching to CMOV for user address masking:
"This was a suggestion by David Laight, and while I was slightly worried that some micro-architecture would predict cmov like a conditional branch, there is little reason to actually believe any core would be that broken.
Intel documents that their existing cores treat CMOVcc as a data dependency that will constrain speculation in their "Speculative Execution Side Channel Mitigations" whitepaper:
"Other instructions such as CMOVcc, AND, ADC, SBB and SETcc can also be used to prevent bounds check bypass by constraining speculative execution on current family 6 processors (Intel® Core™, Intel® Atom™, Intel® Xeon® and Intel® Xeon Phi™ processors)"
and while that leaves the future uarch issues open, that's certainly true of our traditional SBB usage too.
Any core that predicts CMOV will be unusable for various crypto algorithms that need data-independent timing stability, so let's just treat CMOV as the safe choice that simplifies the address masking by avoiding an extra instruction and doesn't need a temporary register."
And now it's part of the early Linux 6.14 kernel code.
[1] https://www.phoronix.com/search/Linux+6.14
[2] https://www.phoronix.com/news/Torvalds-ARM64-Compress-Kernel
[3] https://www.phoronix.com/news/Torvalds-Runtime-Const-6.11
[4] https://lore.kernel.org/lkml/e654a20c9045487eaacbd256f584ce45@AcuMS.aculab.com/
[5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=91309a70829d94c735c8bb1cc383e78c96127a16
For kicking off the Linux 6.14 cycle, Torvalds landed a patch he authored to begin making use of the CMOV instruction on x86/x86_64 systems for user address masking. In place of an SBB and OR Assembly, he switches to using the conditional move (CMOV) instructions.
This action follows [4]this kernel mailing list thread from December that suggested using CMOV for the user address masking code in order to fix an issue that cropped up as well as being shorter than SBB and OR.
Torvalds explains in [5]the patch switching to CMOV for user address masking:
"This was a suggestion by David Laight, and while I was slightly worried that some micro-architecture would predict cmov like a conditional branch, there is little reason to actually believe any core would be that broken.
Intel documents that their existing cores treat CMOVcc as a data dependency that will constrain speculation in their "Speculative Execution Side Channel Mitigations" whitepaper:
"Other instructions such as CMOVcc, AND, ADC, SBB and SETcc can also be used to prevent bounds check bypass by constraining speculative execution on current family 6 processors (Intel® Core™, Intel® Atom™, Intel® Xeon® and Intel® Xeon Phi™ processors)"
and while that leaves the future uarch issues open, that's certainly true of our traditional SBB usage too.
Any core that predicts CMOV will be unusable for various crypto algorithms that need data-independent timing stability, so let's just treat CMOV as the safe choice that simplifies the address masking by avoiding an extra instruction and doesn't need a temporary register."
And now it's part of the early Linux 6.14 kernel code.
[1] https://www.phoronix.com/search/Linux+6.14
[2] https://www.phoronix.com/news/Torvalds-ARM64-Compress-Kernel
[3] https://www.phoronix.com/news/Torvalds-Runtime-Const-6.11
[4] https://lore.kernel.org/lkml/e654a20c9045487eaacbd256f584ce45@AcuMS.aculab.com/
[5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=91309a70829d94c735c8bb1cc383e78c96127a16
Volta