Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-19 09:32:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
24f7fc83b9
linux/arch/x86/kernel/cpu
History
Konrad Rzeszutek Wilk 24f7fc83b9 x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation 
Contemporary high performance processors use a common industry-wide
optimization known as "Speculative Store Bypass" in which loads from
addresses to which a recent store has occurred may (speculatively) see an
older value. Intel refers to this feature as "Memory Disambiguation" which
is part of their "Smart Memory Access" capability.

Memory Disambiguation can expose a cache side-channel attack against such
speculatively read values. An attacker can create exploit code that allows
them to read memory outside of a sandbox environment (for example,
malicious JavaScript in a web page), or to perform more complex attacks
against code running within the same privilege level, e.g. via the stack.

As a first step to mitigate against such attacks, provide two boot command
line control knobs:

 nospec_store_bypass_disable
 spec_store_bypass_disable=[off,auto,on]

By default affected x86 processors will power on with Speculative
Store Bypass enabled. Hence the provided kernel parameters are written
from the point of view of whether to enable a mitigation or not.
The parameters are as follows:

 - auto - Kernel detects whether your CPU model contains an implementation
	  of Speculative Store Bypass and picks the most appropriate
	  mitigation.

 - on   - disable Speculative Store Bypass
 - off  - enable Speculative Store Bypass

[ tglx: Reordered the checks so that the whole evaluation is not done
  	when the CPU does not support RDS ]

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
2018-05-03 13:55:48 +02:00
..
mcheck Merge branch 'x86-timers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 16:18:31 -07:00
microcode x86/microcode: Do not exit early from __reload_late() 2018-04-24 09:48:22 +02:00
mtrr x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping 2018-02-15 01:15:52 +01:00
.gitignore
amd.c x86/jailhouse: Allow to use PCI_MMCONFIG without ACPI 2018-03-08 12:30:39 +01:00
aperfmperf.c x86 / CPU: Always show current CPU frequency in /proc/cpuinfo 2017-11-15 19:46:50 +01:00
bugs.c x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation 2018-05-03 13:55:48 +02:00
centaur.c Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-02-14 17:02:15 -08:00
common.c x86/bugs: Expose /sys/../spec_store_bypass 2018-05-03 13:55:47 +02:00
cpu.h x86 / CPU: Always show current CPU frequency in /proc/cpuinfo 2017-11-15 19:46:50 +01:00
cpuid-deps.c x86/cpuid: Switch to 'static const' specifier 2018-03-08 12:23:42 +01:00
cyrix.c x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping 2018-02-15 01:15:52 +01:00
hypervisor.c x86/jailhouse: Add infrastructure for running in non-root cell 2018-01-14 21:11:54 +01:00
intel_cacheinfo.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
intel_pconfig.c x86/pconfig: Detect PCONFIG targets 2018-03-12 12:10:54 +01:00
intel_rdt_ctrlmondata.c x86/intel_rdt: Fix a silent failure when writing zero value schemata 2017-11-12 09:01:40 +01:00
intel_rdt_monitor.c x86/intel_rdt/cqm: Make integer rmid_limbo_count static 2017-10-05 13:20:32 +02:00
intel_rdt_rdtgroup.c x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system 2018-02-23 08:03:21 +01:00
intel_rdt.c Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-02-14 17:02:15 -08:00
intel_rdt.h x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG 2018-01-18 09:33:31 +01:00
intel.c x86/cpu/intel: Add missing TLB cpuid values 2018-04-26 21:42:44 +02:00
Makefile x86/pconfig: Detect PCONFIG targets 2018-03-12 12:10:54 +01:00
match.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mkcapflags.sh License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mshyperv.c ARM: 2018-04-09 11:42:31 -07:00
perfctr-watchdog.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
powerflags.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
proc.c x86/cpu: Change type of x86_cache_size variable to unsigned int 2018-02-15 01:15:53 +01:00
rdrand.c x86, asm: Use CC_SET()/CC_OUT() and static_cpu_has() in archrandom.h 2016-06-08 12:41:20 -07:00
scattered.c Merge branch 'x86/hyperv' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-02-01 15:04:17 +01:00
topology.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
transmeta.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
umc.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vmware.c x86/virt: Add enum for hypervisors to replace x86_hyper 2017-11-10 10:03:12 +01:00