[PATCH] riscv, bpf: Emit fence.i for BPF_NOSPEC
Lukas Gerlach
lukas.gerlach at cispa.de
Wed Jan 7 01:54:05 PST 2026
Hi Luis,
thanks for the feedback and pointer to the powerpc implementation.
Regarding bpf_jit_bypass_spec_v1/v4(): currently this is per-architecture.
What we need is per-processor granularity, so we can disable mitigations
on in-order cores and keep them enabled on vulnerable out-of-order processors.
Regarding fence.i being an extension: all RISC-V processors supported by the
kernel that are vulnerable to these attacks support this instruction. Also,
if a dedicated speculation barrier becomes available in the future, it would
be easy to switch to that.
Thanks,
Lukas
More information about the linux-riscv
mailing list