The Complete AMD Spectre Mitigation Strategy Guide Rev. 2.0

Spread the love


Intel have been rushing out their Meltdown and Spectre patches (with some unfortunate side effects), but what about AMD? We present to you – The AMD Spectre Mitigation Strategy Guide!

Article Update History

Click here for the Article Update History

Updated @ 2018-02-28 : Added a new page on the AMD Spectre 2 hardware mitigation options.

Originally posted @ 2018-02-01


Only Spectre

Now that the dust has settled, we know that AMD processors are completely invulnerable to Meltdown, but are vulnerable to both Spectre exploits. Therefore, AMD only needs to mitigate against the two Spectre exploits.

  • Variant 1 : Bounds Check Bypass (CVE-2017-5753)
  • Variant 2 : Branch Target Injection (CVE-2017-5715)

The AMD Spectre Mitigation Strategy Guide


AMD Spectre Mitigation Overview

GPZ Variant 1 (Spectre 1)

In the Spectre 1 (GPZ Variant 1) exploit, a malware can make use of the processor’s speculative execution capability to bypass the memory bounds check, thereby accessing memory that it did not have permission for.

AMD is recommending software-only solutions for Spectre 1, which include operating system kernels, JIT (Just In Time) compilers, browsers and other user applications.

AMD recommends the V1-1 (lfence) software solution for the GPZ Variant 1 (Spectre 1) exploit.

GPZ Variant 2 (Spectre 2)

In the Spectre 2 (GPZ Variant 2) exploit, a malware may trick the CPU branch predictor into mis-predicting the wrong path, thereby speculatively executing code that would not otherwise be executed.

AMD offers both software-only, and software + hardware mitigations, for Spectre 2.

AMD recommends the V2-1 (retpoline) option for the GPZ Variant 2 (Spectre 2) exploit.


The AMD Spectre Mitigation Options

AMD has so far offered 11 Spectre mitigation options, divided into three categories :


Meltdown + Spectre Reading Suggestions

[adrotate group=”2″]


AMD Spectre 1 + 2 Mitigation Options

AMD Spectre Mitigation G-1

Target : Spectre 1 and Spectre 2

Technique : Clear out untrusted data from registers (e.g. write 0) when entering more privileged modes, or sensitive code.

Effect : By removing untrusted data from registers, the CPU will not be able to speculatively execute operations using the values in those registers.

Applicability : All AMD processors.

Note : Instructions that cause the machine to temporarily stop inserting new instructions into the machine for execution and wait for execution of older instructions to nish are referred to as dispatch serializing instructions.


AMD Spectre Mitigation G-2

Target : Spectre 1 and Spectre 2

Technique : Set an MSR in the processor so that LFENCE is a dispatch serializing instruction and then use LFENCE in code streams to serialize dispatch (LFENCE is faster than RDTSCP which is also dispatch serializing). This mode of LFENCE may be enabled by setting MSR C001_1029[1]=1.

Effect : Upon encountering an LFENCE when the MSR bit is set, dispatch will stop until the LFENCE instruction becomes the oldest instruction in the machine.

Applicability : All AMD family 10h/12h/14h/15h/16h/17h processors support this MSR. LFENCE support is indicated by CPUID function1 EDX bit 26, SSE2. AMD family 0Fh/11h processors support LFENCE as serializing always, but do not support this MSR. AMD plans support for this MSR and access to this bit for all future processors.


AMD Spectre Mitigation G-3

Target : Spectre 1 and Spectre 2

Technique : Enable Supervisor Mode Execution Protection (SMEP).

Effect : The processor will never speculatively fetch instruction bytes in supervisor mode if the RIP address points to a user page. This prevents the attacker from redirecting the kernel indirect branch to a target in user code.

Applicability : All AMD processors that support SMEP (Family 17h, Family 15h model >60h)

Note : The load-store unit is a key area for controlling speculation because information leakage comes from the residual nature of cache lines after a speculative fill.


AMD Spectre Mitigation G-4

Target : Spectre 1 and Spectre 2

Technique : Enable SMAP (Supervisor Mode Access Protection)

Effect : The processor will never initiate a fill if the translation has a SMAP violation (kernel accessing user memory). This can prevent the kernel from bringing in user data cache lines. With SMEP and SMAP enabled the attacker must nd an indirect branch to attack in the area marked by SMAP that is allowed to access user marked memory.

Applicability : All AMD processors that support SMAP ( family 17h and greater)

Next Page > Separate AMD Spectre 1 + Spectre 2 Mitigations


Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

About The Author


  1. Pingback: Everything On The Meltdown + Spectre CPU Flaws! Rev. 2.0 - Tech ARP

Leave a Reply