[PATCH] riscv, bpf: Emit fence.i for BPF_NOSPEC
Lukas Gerlach
lukas.gerlach at cispa.de
Thu Jan 15 05:13:39 PST 2026
Thanks for the discussion.

I agree with Paul that waiting for the TG to complete is not practical
given the timeline. There are vulnerable cores in silicon now.

On fence.i's effectiveness: Stefan and Ved are correct that it only
architecturally guarantees a retirement barrier. However, we tested
fence.i on C910/C920 and P550 and found it does prevent Spectre-PHT
attacks on these cores because they drain the pipeline.

On performance: on the cores we tested, fence.i flushes the instruction
cache, so the overhead is significant. The barrier should be configurable
per-microarchitecture. In-order cores like U74 and C906 are not vulnerable
and don't need it.

More broadly, getting selectable per-microarchitecture mitigations in
place for RISC-V now seems valuable. Implementations vary significantly
and will likely need different mitigation strategies going forward.

Lukas