diff options
| author | KP Singh <[email protected]> | 2023-02-27 07:05:40 +0100 |
|---|---|---|
| committer | Borislav Petkov (AMD) <[email protected]> | 2023-02-27 18:57:09 +0100 |
| commit | 6921ed9049bc7457f66c1596c5b78aec0dae4a9d (patch) | |
| tree | ceb7fcf276908f10ac1b07326ebc3ab8f8f5bd8a /tools/perf/scripts/python/Perf-Trace-Util/lib/Perf | |
| parent | 877934769e5b91798d304d4641647900ee614ce8 (diff) | |
x86/speculation: Allow enabling STIBP with legacy IBRS
When plain IBRS is enabled (not enhanced IBRS), the logic in
spectre_v2_user_select_mitigation() determines that STIBP is not needed.
The IBRS bit implicitly protects against cross-thread branch target
injection. However, with legacy IBRS, the IBRS bit is cleared on
returning to userspace for performance reasons which leaves userspace
threads vulnerable to cross-thread branch target injection against which
STIBP protects.
Exclude IBRS from the spectre_v2_in_ibrs_mode() check to allow for
enabling STIBP (through seccomp/prctl() by default or always-on, if
selected by spectre_v2_user kernel cmdline parameter).
[ bp: Massage. ]
Fixes: 7c693f54c873 ("x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS")
Reported-by: José Oliveira <[email protected]>
Reported-by: Rodrigo Branco <[email protected]>
Signed-off-by: KP Singh <[email protected]>
Signed-off-by: Borislav Petkov (AMD) <[email protected]>
Cc: [email protected]
Link: https://lore.kernel.org/r/[email protected]
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'tools/perf/scripts/python/Perf-Trace-Util/lib/Perf')
0 files changed, 0 insertions, 0 deletions