Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-13 22:53:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
A mirror of the official Linux kernel repository just in case
1,107,103 Commits 7 Branches 864 Tags 6.4 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
ba6e31af2b
Go to file
Pawan Gupta ba6e31af2b x86/speculation: Add LFENCE to RSB fill sequence 
RSB fill sequence does not have any protection for miss-prediction of
conditional branch at the end of the sequence. CPU can speculatively
execute code immediately after the sequence, while RSB filling hasn't
completed yet.

  #define __FILL_RETURN_BUFFER(reg, nr, sp)       \
          mov     $(nr/2), reg;                   \
  771:                                            \
          ANNOTATE_INTRA_FUNCTION_CALL;           \
          call    772f;                           \
  773:    /* speculation trap */                  \
          UNWIND_HINT_EMPTY;                      \
          pause;                                  \
          lfence;                                 \
          jmp     773b;                           \
  772:                                            \
          ANNOTATE_INTRA_FUNCTION_CALL;           \
          call    774f;                           \
  775:    /* speculation trap */                  \
          UNWIND_HINT_EMPTY;                      \
          pause;                                  \
          lfence;                                 \
          jmp     775b;                           \
  774:                                            \
          add     $(BITS_PER_LONG/8) * 2, sp;     \
          dec     reg;                            \
          jnz     771b;        <----- CPU can miss-predict here.

Before RSB is filled, RETs that come in program order after this macro
can be executed speculatively, making them vulnerable to RSB-based
attacks.

Mitigate it by adding an LFENCE after the conditional branch to prevent
speculation while RSB is being filled.

Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
2022-08-03 14:12:18 +02:00
arch x86/speculation: Add LFENCE to RSB fill sequence 2022-08-03 14:12:18 +02:00
block block: fix missing blkcg_bio_issue_init 2022-07-14 10:54:49 -06:00
certs certs: make system keyring depend on x509 parser 2022-07-24 12:53:55 -07:00
crypto crypto: s390 - do not depend on CRYPTO_HW for SIMD implementations 2022-07-06 20:04:06 -07:00
Documentation x86/speculation: Add RSB VM Exit protections 2022-08-03 11:23:52 +02:00
drivers Fix a NULL pointer deref in the Allwinner clk driver with a one liner. 2022-07-31 09:52:20 -07:00
fs Thirteen hotfixes, Eight are cc:stable and the remainder are for post-5.18 2022-07-26 19:38:46 -07:00
include LoongArch fixes for v5.19-final 2022-07-29 10:10:30 -07:00
init gcc-12: disable '-Warray-bounds' universally for now 2022-06-09 10:11:12 -07:00
ipc ipc: Free mq_sysctls if ipc namespace creation failed 2022-06-22 17:47:41 -05:00
kernel - Update the mitigations= kernel param documentation 2022-07-31 09:26:53 -07:00
lib ubsan: disable UBSAN_DIV_ZERO for clang 2022-07-14 15:45:26 -07:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm Two hotfixes, both cc:stable. 2022-07-29 21:02:35 -07:00
net net: ping6: Fix memleak in ipv6_renew_options(). 2022-07-28 10:42:08 -07:00
samples Fixes and minor clean ups for tracing: 2022-07-12 16:17:40 -07:00
scripts scripts/gdb: Fix gdb 'lx-symbols' command 2022-07-21 10:40:55 -07:00
security lockdown: Fix kexec lockdown bypass with ima policy 2022-07-20 09:56:48 -07:00
sound ASoC: Drop Rockchip BCLK management for v5.19 2022-07-15 12:31:07 +02:00
tools x86/speculation: Add RSB VM Exit protections 2022-08-03 11:23:52 +02:00
usr Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
virt KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking 2022-06-09 10:52:20 -04:00
.clang-format clang-format: Fix space after for_each macros 2022-05-20 19:27:16 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
.mailmap ARM: SoC fixes for 5.19, part 4 2022-07-27 09:43:07 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: mark ARM/PALM TREO SUPPORT orphan 2022-07-07 15:17:00 +02:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Pin control fixes for the v5.19 kernel cycle: 2022-07-22 12:24:04 -07:00
Makefile Linux 5.19 2022-07-31 14:03:01 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.