Blaster4385/linux-IllusionX
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Performance oriented customized Linux kernel based on the mainline kernel.
1073588 commits 7 branches 0 tags 3.1 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Find a file
Josh Poimboeuf 0de05d056a x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT 
The commit

   44a3918c82 ("x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting")

added a warning for the "eIBRS + unprivileged eBPF" combination, which
has been shown to be vulnerable against Spectre v2 BHB-based attacks.

However, there's no warning about the "eIBRS + LFENCE retpoline +
unprivileged eBPF" combo. The LFENCE adds more protection by shortening
the speculation window after a mispredicted branch. That makes an attack
significantly more difficult, even with unprivileged eBPF. So at least
for now the logic doesn't warn about that combination.

But if you then add SMT into the mix, the SMT attack angle weakens the
effectiveness of the LFENCE considerably.

So extend the "eIBRS + unprivileged eBPF" warning to also include the
"eIBRS + LFENCE + unprivileged eBPF + SMT" case.

  [ bp: Massage commit message. ]

Suggested-by: Alyssa Milburn <alyssa.milburn@linux.intel.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
2022-03-05 09:30:47 +01:00
arch x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT 2022-03-05 09:30:47 +01:00
block
certs
crypto
Documentation x86/speculation: Update link to AMD speculation whitepaper 2022-02-28 18:37:12 +01:00
drivers - Fix a long-standing struct alignment bug in the EDAC struct allocation code 2022-02-20 12:04:14 -08:00
fs fs.mount_setattr.v5.17-rc4 2022-02-20 11:01:47 -08:00
include x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting 2022-02-21 10:21:47 +01:00
init
ipc
kernel x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting 2022-02-21 10:21:47 +01:00
lib
LICENSES
mm
net
samples
scripts
security
sound
tools x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE 2022-02-21 10:21:28 +01:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2022-02-20 11:23:48 -08:00
Makefile Linux 5.17-rc5 2022-02-20 13:07:20 -08:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.