shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 18:41:58 +09:00
Code Issues Packages Projects Releases Wiki Activity

x86/bugs: Clarify that syscall hardening isn't a BHI mitigation

Browse Source 
commit 5f882f3b0a8bf0788d5a0ee44b1191de5319bb8a upstream.

While syscall hardening helps prevent some BHI attacks, there's still
other low-hanging fruit remaining.  Don't classify it as a mitigation
and make it clear that the system may still be vulnerable if it doesn't
have a HW or SW mitigation enabled.

Fixes: ec9404e40e8f ("x86/bhi: Add BHI mitigation knob")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/b5951dae3fdee7f1520d5136a27be3bdfe95f88b.1712813475.git.jpoimboe@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Josh Poimboeuf
2024-04-10 22:40:48 -07:00
committed by Greg Kroah-Hartman
parent 4b0b5d621e
commit d737d8cd8e
3 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Documentation/admin-guide/hw-vuln/spectre.rst
View File

@@ -441,10 +441,10 @@ The possible values in this file are:
- System is protected by BHI_DIS_S - System is protected by BHI_DIS_S
* - BHI: SW loop, KVM SW loop * - BHI: SW loop, KVM SW loop
- System is protected by software clearing sequence - System is protected by software clearing sequence
* - BHI: Syscall hardening * - BHI: Vulnerable
- Syscalls are hardened against BHI - System is vulnerable to BHI
* - BHI: Syscall hardening, KVM: SW loop * - BHI: Vulnerable, KVM: SW loop
- System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence - System is vulnerable; KVM is protected by software clearing sequence
Full mitigation might require a microcode update from the CPU Full mitigation might require a microcode update from the CPU
vendor. When the necessary microcode is not available, the kernel will vendor. When the necessary microcode is not available, the kernel will
@@ -661,8 +661,7 @@ kernel command line.
spectre_bhi= spectre_bhi=
[X86] Control mitigation of Branch History Injection [X86] Control mitigation of Branch History Injection
(BHI) vulnerability. Syscalls are hardened against BHI (BHI) vulnerability. This setting affects the deployment
regardless of this setting. This setting affects the deployment
of the HW BHI control and the SW BHB clearing sequence. of the HW BHI control and the SW BHB clearing sequence.
on on

3
Documentation/admin-guide/kernel-parameters.txt
View File

@@ -5735,8 +5735,7 @@
See Documentation/admin-guide/laptops/sonypi.rst See Documentation/admin-guide/laptops/sonypi.rst
spectre_bhi= [X86] Control mitigation of Branch History Injection spectre_bhi= [X86] Control mitigation of Branch History Injection
(BHI) vulnerability. Syscalls are hardened against BHI (BHI) vulnerability. This setting affects the
reglardless of this setting. This setting affects the
deployment of the HW BHI control and the SW BHB deployment of the HW BHI control and the SW BHB
clearing sequence. clearing sequence.

6
arch/x86/kernel/cpu/bugs.c
View File

@@ -2797,10 +2797,10 @@ static const char *spectre_bhi_state(void)
return "; BHI: SW loop, KVM: SW loop"; return "; BHI: SW loop, KVM: SW loop";
else if (boot_cpu_has(X86_FEATURE_RETPOLINE) && rrsba_disabled) else if (boot_cpu_has(X86_FEATURE_RETPOLINE) && rrsba_disabled)
return "; BHI: Retpoline"; return "; BHI: Retpoline";
else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT)) else if (boot_cpu_has(X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT))
return "; BHI: Syscall hardening, KVM: SW loop"; return "; BHI: Vulnerable, KVM: SW loop";
return "; BHI: Vulnerable (Syscall hardening enabled)"; return "; BHI: Vulnerable";
} }
static ssize_t spectre_v2_show_state(char *buf) static ssize_t spectre_v2_show_state(char *buf)