author: Daniel Sneddon <[email protected]> 2023-07-12 19:43:12 -0700
committer: Dave Hansen <[email protected]> 2023-07-21 12:59:49 -0700
commit: 553a5c03e90a6087e88f8ff878335ef0621536fb (patch)
tree: d0be201441d4f8d45baf9375f7de30b9c1e24dbc /lib/crypto/mpi
parent: 8974eb588283b7d44a7c91fa09fcbaf380339f3a (diff)
x86/speculation: Add force option to GDS mitigation
The Gather Data Sampling (GDS) vulnerability allows malicious software to infer stale data previously stored in vector registers. This may include sensitive data such as cryptographic keys. GDS is mitigated in microcode, and systems with up-to-date microcode are protected by default. However, any affected system that is running with older microcode will still be vulnerable to GDS attacks.

Since the gather instructions used by the attacker are part of the AVX2 and AVX512 extensions, disabling these extensions prevents gather instructions from being executed, thereby mitigating the system from GDS. Disabling AVX2 is sufficient, but we don't have the granularity to do this. The XCR0[2] disables AVX, with no option to just disable AVX2.

Add a kernel parameter gather_data_sampling=force that will enable the microcode mitigation if available, otherwise it will disable AVX on affected systems.

This option will be ignored if cmdline mitigations=off.

This is a *big* hammer. It is known to break buggy userspace that uses incomplete, buggy AVX enumeration. Unfortunately, such userspace does exist in the wild:

https://www.mail-archive.com/[email protected]/msg33046.html

[ dhansen: add some more ominous warnings about disabling AVX ]

Signed-off-by: Daniel Sneddon <[email protected]>
Signed-off-by: Dave Hansen <[email protected]>
Acked-by: Josh Poimboeuf <[email protected]>
Diffstat (limited to 'lib/crypto/mpi')
0 files changed, 0 insertions, 0 deletions