Module spectre

Expand description

Retpoline / Spectre Mitigations

Provides software and hardware mitigations for Spectre-class speculative execution vulnerabilities.

bounds_mask: branchless index clamping that produces a safe index even under mis-speculation.
speculation_barrier: serialising instruction that halts speculative execution past this point.

IBRS (Indirect Branch Restricted Speculation): restricts speculative targets of indirect branches to a curated set.
IBPB (Indirect Branch Prediction Barrier): flushes the Branch Target Buffer on context switches.
STIBP (Single Thread Indirect Branch Predictors): prevents cross-SMT branch-target poisoning.
Retpoline: compiler-based mitigation that replaces indirect calls with a construct that never speculatively follows the real target.

x86_64: IBRS/IBPB/STIBP via IA32_SPEC_CTRL (MSR 0x48) and IA32_PRED_CMD (MSR 0x49). Feature detection through CPUID leaf 7.
AArch64: CSV2 (Cache Speculation Variant 2) detection via ID_AA64PFR0_EL1. Barriers via DSB SY + ISB.
RISC-V: FENCE.I as speculation barrier.

Constants§

RETPOLINE_ENABLED: Whether retpoline (compiler-level Spectre v2 mitigation) is active.

bounds_mask: Branchless bounds mask for Spectre v1 mitigation.
enable_ibrs: Enable IBRS (Indirect Branch Restricted Speculation).
enable_stibp: Enable STIBP (Single Thread Indirect Branch Predictors).
flush_btb: Flush the Branch Target Buffer (issue IBPB).
has_ibpb: Returns true if IBPB is supported by the CPU.
has_ibrs: Returns true if IBRS is supported by the CPU.
has_stibp: Returns true if STIBP is supported by the CPU.
init: Detect and enable Spectre mitigations.
is_hw_mitigated: Returns true if the CPU has hardware-level Spectre mitigations.
is_ibrs_enabled: Returns true if IBRS is currently enabled.
safe_index: Safe array index that clamps to zero under mis-speculation.
speculation_barrier: Insert a full speculation barrier.