Do modern CPUs flush branch predictor state on context switch? https://lkml.org/lkml/2018/1/4/635 … seems to indicate that they don’t. If not, why are we treating process separation as “the thing that fixes Spectre”?
Absent an instruction, I can think of awful brute-force ways to scramble the branch predictor and BTB given sufficient knowledge of how the processor works, but I don’t see why userland couldn’t do that just as well as the kernel can.
x86 has microcode, so they released an update to expose IBPB. On ARM it's a real tragedy. There is an instruction, but only in 32-bit mode, so you have to go through TZ/HYP to invoke it. Unless your CPU does not support 32-bit mode, in which case you do lots of jumps to clear it.
Userland can't know how to do it properly in a futureproof way, even if there are reliable ways accessible from userspace for certain known models.
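The two replies above make the same practical point from different sides: the kernel (with a microcode update) is the party that knows whether IBPB exists and when it is issued, and userland should not guess. On Linux the kernel reports that decision in `/sys/devices/system/cpu/vulnerabilities/spectre_v2`, and `/proc/cpuinfo` shows whether the CPU advertises the barrier at all. The script below is an added example, not code from anyone in this thread; it parses those two sources and classifies a machine as mitigated, unmitigated but fixable by a kernel/config change, or lacking IBPB entirely (a microcode update is the usual remedy). The sysfs path and the `ibpb`/`spec_ctrl` flag names are the real Linux ones; the sample strings are constructed so the logic runs offline.

```python
"""Report whether the running kernel uses IBPB to isolate branch-predictor state."""
from pathlib import Path

# Constructed samples (not captured from any real machine) so the checks run offline.
SAMPLE_SPECTRE_V2 = (
    "Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling"
)
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme de pse spec_ctrl ibpb stibp\n"

SYSFS_SPECTRE_V2 = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")
PROC_CPUINFO = Path("/proc/cpuinfo")


def parse_spectre_v2(report: str) -> dict:
    """Split the kernel's one-line spectre_v2 report into status, IBPB/STIBP mode and techniques.

    Examples of the input form: "Not affected", "Vulnerable",
    "Vulnerable: Retpoline without IBPB", or the full "Mitigation: ..." line above.
    """
    head, _, tail = report.strip().partition(":")
    info = {"status": head.strip(), "ibpb": None, "stibp": None, "techniques": []}
    for part in (p.strip() for p in tail.split(",") if p.strip()):
        key, sep, value = part.partition(":")
        key = key.strip().upper()
        if sep and key == "IBPB":          # e.g. "IBPB: conditional" / "IBPB: always-on"
            info["ibpb"] = value.strip()
        elif sep and key == "STIBP":
            info["stibp"] = value.strip()
        else:                               # "Retpolines", "IBRS_FW", "RSB filling", ...
            info["techniques"].append(part)
    return info


def cpu_advertises_ibpb(cpuinfo: str) -> bool:
    """True if the CPU flags line lists the barrier (ibpb) or the MSR interface that carries it."""
    for line in cpuinfo.splitlines():
        if line.startswith("flags"):
            _, _, flags = line.partition(":")
            flag_set = set(flags.split())
            return "ibpb" in flag_set or "spec_ctrl" in flag_set
    return False


def assess(report: str, cpuinfo: str) -> str:
    """Classify the host from the kernel report and the CPU flags.

    Returns one of:
      "not-affected"                - kernel says this CPU is not vulnerable
      "mitigated"                   - kernel is issuing IBPB (conditional or always-on)
      "unmitigated-ibpb-available"  - hardware has IBPB, kernel is not using it
      "unmitigated-no-ibpb"         - hardware lacks IBPB (typically needs microcode)
    """
    info = parse_spectre_v2(report)
    if info["status"].lower() == "not affected":
        return "not-affected"
    if info["ibpb"] and info["ibpb"].lower() != "disabled":
        return "mitigated"
    if cpu_advertises_ibpb(cpuinfo):
        return "unmitigated-ibpb-available"
    return "unmitigated-no-ibpb"


def assess_host() -> str:
    """Read the real files on a Linux host; falls back to the constructed samples elsewhere."""
    try:
        report = SYSFS_SPECTRE_V2.read_text()
        cpuinfo = PROC_CPUINFO.read_text()
    except OSError:
        report, cpuinfo = SAMPLE_SPECTRE_V2, SAMPLE_CPUINFO
    return assess(report, cpuinfo)


if __name__ == "__main__":
    print(assess_host())
```

The "conditional" mode means the kernel issues IBPB only when switching to or from a task that asked for isolation (for example via `prctl` or seccomp), so a classification of "mitigated" still depends on the policy the host runs with; "always-on" removes that dependency at a performance cost.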