korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-09 07:14:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
7e5b3c267d
linux/arch/x86
History
Mark Gross 7e5b3c267d x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 
SRBDS is an MDS-like speculative side channel that can leak bits from the
random number generator (RNG) across cores and threads. New microcode
serializes the processor access during the execution of RDRAND and
RDSEED. This ensures that the shared buffer is overwritten before it is
released for reuse.

While it is present on all affected CPU models, the microcode mitigation
is not needed on models that enumerate ARCH_CAPABILITIES[MDS_NO] in the
cases where TSX is not supported or has been disabled with TSX_CTRL.

The mitigation is activated by default on affected processors and it
increases latency for RDRAND and RDSEED instructions. Among other
effects this will reduce throughput from /dev/urandom.

* Enable administrator to configure the mitigation off when desired using
  either mitigations=off or srbds=off.

* Export vulnerability status via sysfs

* Rename file-scoped macros to apply for non-whitelist table initializations.

 [ bp: Massage,
   - s/VULNBL_INTEL_STEPPING/VULNBL_INTEL_STEPPINGS/g,
   - do not read arch cap MSR a second time in tsx_fused_off() - just pass it in,
   - flip check in cpu_set_bug_bits() to save an indentation level,
   - reflow comments.
   jpoimboe: s/Mitigated/Mitigation/ in user-visible strings
   tglx: Dropped the fused off magic for now
 ]

Signed-off-by: Mark Gross <mgross@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
2020-04-20 12:19:22 +02:00
..
boot SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
configs compiler: remove CONFIG_OPTIMIZE_INLINING entirely 2020-04-07 10:43:42 -07:00
crypto x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
entry sparc,x86: vdso: remove meaningless undefining CONFIG_OPTIMIZE_INLINING 2020-04-07 10:43:42 -07:00
events perf/x86/intel/uncore: Add Ice Lake server uncore support 2020-04-08 11:33:46 +02:00
hyperv x86/Hyper-V: Report crash data in die() when panic_on_oops is set 2020-04-11 17:19:07 +01:00
ia32 Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2020-03-31 11:04:05 -07:00
include x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-04-20 12:19:22 +02:00
kernel x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-04-20 12:19:22 +02:00
kvm KVM: VMX: Extend VMXs #AC interceptor to handle split lock #AC in guest 2020-04-11 16:42:41 +02:00
lib SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
math-emu Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 10:42:40 -08:00
mm mm/memory_hotplug: add pgprot_t to mhp_params 2020-04-10 15:36:21 -07:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-25 18:58:11 -07:00
oprofile x86: Use pr_warn instead of pr_warning 2019-10-18 15:00:18 +02:00
pci pci-v5.6-changes 2020-01-31 14:48:54 -08:00
platform efi/x86: Don't remap text<->rodata gap read-only for mixed mode 2020-04-14 08:32:17 +02:00
power x86/kernel: Convert to new CPU match macros 2020-03-24 21:28:26 +01:00
purgatory Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-11-26 10:42:40 -08:00
ras
realmode SPDX patches for 5.7-rc1. 2020-04-03 13:12:26 -07:00
tools .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
um mm/vma: define a default value for VM_DATA_DEFAULT_FLAGS 2020-04-10 15:36:21 -07:00
video
xen xen: branch for v5.7-rc1b 2020-04-10 17:20:06 -07:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
Kbuild
Kconfig Kbuild updates for v5.7 (2nd) 2020-04-11 09:46:12 -07:00
Kconfig.assembler x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
Kconfig.cpu x86/cpu: Detect VMX features on Intel, Centaur and Zhaoxin CPUs 2020-01-13 18:02:53 +01:00
Kconfig.debug x86: mm: convert dump_pagetables to use walk_page_range 2020-02-04 03:05:25 +00:00
Makefile x86: probe assembler capabilities via kconfig instead of makefile 2020-04-09 00:01:59 +09:00
Makefile_32.cpu x86/math-emu: Limit MATH_EMULATION to 486SX compatibles 2019-10-03 10:51:17 +02:00
Makefile.um