shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 18:41:58 +09:00
Code Issues Packages Projects Releases Wiki Activity

x86/bugs: Fix BHI documentation

Browse Source 
commit dfe648903f42296866d79f10d03f8c85c9dfba30 upstream.

Fix up some inaccuracies in the BHI documentation.

Fixes: ec9404e40e8f ("x86/bhi: Add BHI mitigation knob")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/8c84f7451bfe0dd08543c6082a383f390d4aa7e2.1712813475.git.jpoimboe@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Josh Poimboeuf
2024-04-10 22:40:45 -07:00
committed by Greg Kroah-Hartman
parent 0d433e4082
commit 662e341e57
2 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Documentation/admin-guide/hw-vuln/spectre.rst
View File

@@ -439,11 +439,11 @@ The possible values in this file are:
- System is protected by retpoline - System is protected by retpoline
* - BHI: BHI_DIS_S * - BHI: BHI_DIS_S
- System is protected by BHI_DIS_S - System is protected by BHI_DIS_S
* - BHI: SW loop; KVM SW loop * - BHI: SW loop, KVM SW loop
- System is protected by software clearing sequence - System is protected by software clearing sequence
* - BHI: Syscall hardening * - BHI: Syscall hardening
- Syscalls are hardened against BHI - Syscalls are hardened against BHI
* - BHI: Syscall hardening; KVM: SW loop * - BHI: Syscall hardening, KVM: SW loop
- System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence - System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence
Full mitigation might require a microcode update from the CPU Full mitigation might require a microcode update from the CPU
@@ -666,13 +666,14 @@ kernel command line.
of the HW BHI control and the SW BHB clearing sequence. of the HW BHI control and the SW BHB clearing sequence.
on on
unconditionally enable. (default) Enable the HW or SW mitigation as
needed.
off off
unconditionally disable. Disable the mitigation.
auto auto
enable if hardware mitigation Enable the HW mitigation if needed, but
control(BHI_DIS_S) is available, otherwise *don't* enable the SW mitigation except for KVM.
enable alternate mitigation in KVM. The system may be vulnerable.
For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt For spectre_v2_user see Documentation/admin-guide/kernel-parameters.txt

12
Documentation/admin-guide/kernel-parameters.txt
View File

@@ -3283,6 +3283,7 @@
reg_file_data_sampling=off [X86] reg_file_data_sampling=off [X86]
retbleed=off [X86] retbleed=off [X86]
spec_store_bypass_disable=off [X86,PPC] spec_store_bypass_disable=off [X86,PPC]
spectre_bhi=off [X86]
spectre_v2_user=off [X86] spectre_v2_user=off [X86]
srbds=off [X86,INTEL] srbds=off [X86,INTEL]
ssbd=force-off [ARM64] ssbd=force-off [ARM64]
@@ -5739,11 +5740,12 @@
deployment of the HW BHI control and the SW BHB deployment of the HW BHI control and the SW BHB
clearing sequence. clearing sequence.
on - unconditionally enable. on - (default) Enable the HW or SW mitigation
off - unconditionally disable. as needed.
auto - (default) enable hardware mitigation off - Disable the mitigation.
(BHI_DIS_S) if available, otherwise enable auto - Enable the HW mitigation if needed, but
alternate mitigation in KVM. *don't* enable the SW mitigation except
for KVM. The system may be vulnerable.
spectre_v2= [X86] Control mitigation of Spectre variant 2 spectre_v2= [X86] Control mitigation of Spectre variant 2
(indirect branch speculation) vulnerability. (indirect branch speculation) vulnerability.