kernel_optimize_test

History

Pawan Gupta 1bea03b44e x86/speculation: Add LFENCE to RSB fill sequence commit ba6e31af2be96c4d0536f2152ed6f7b6c11bca47 upstream. RSB fill sequence does not have any protection for miss-prediction of conditional branch at the end of the sequence. CPU can speculatively execute code immediately after the sequence, while RSB filling hasn't completed yet. #define __FILL_RETURN_BUFFER(reg, nr, sp) \ mov $(nr/2), reg; \ 771: \ ANNOTATE_INTRA_FUNCTION_CALL; \ call 772f; \ 773: /* speculation trap / \ UNWIND_HINT_EMPTY; \ pause; \ lfence; \ jmp 773b; \ 772: \ ANNOTATE_INTRA_FUNCTION_CALL; \ call 774f; \ 775: / speculation trap / \ UNWIND_HINT_EMPTY; \ pause; \ lfence; \ jmp 775b; \ 774: \ add $(BITS_PER_LONG/8) 2, sp; \ dec reg; \ jnz 771b; <----- CPU can miss-predict here. Before RSB is filled, RETs that come in program order after this macro can be executed speculatively, making them vulnerable to RSB-based attacks. Mitigate it by adding an LFENCE after the conditional branch to prevent speculation while RSB is being filled. Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Borislav Petkov <bp@suse.de> Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2022-08-11 13:06:47 +02:00
..
alpha	tty: the rest, stop using tty_schedule_flip()	2022-07-29 17:19:28 +02:00
arc	ARC: entry: fix syscall_trace_exit argument	2022-04-27 13:53:55 +02:00
arm	ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow	2022-08-03 12:00:50 +02:00
arm64	crypto: arm64/poly1305 - fix a read out-of-bound	2022-08-11 13:06:45 +02:00
c6x	arch-cleanup-2020-10-22	2020-10-23 10:06:38 -07:00
csky	csky: patch_text: Fixup last cpu should be master	2022-06-09 10:21:26 +02:00
h8300	h8300: fix PREEMPTION build, TI_PRE_COUNT undefined	2021-02-17 11:02:28 +01:00
hexagon	hexagon: clean up timer-regs.h	2021-11-26 10:39:19 +01:00
ia64	ia64: define get_cycles macro for arch-override	2022-05-30 09:33:40 +02:00
m68k	Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch"	2022-07-29 17:19:09 +02:00
microblaze	uaccess: fix nios2 and microblaze get_user_8()	2022-04-08 14:40:08 +02:00
mips	MIPS: Remove repetitive increase irq_err_count	2022-06-29 08:59:48 +02:00
nds32	nds32: fix access_ok() checks in get/put_user	2022-03-28 09:57:10 +02:00
nios2	nios2: use fallback for random_get_entropy() instead of zero	2022-05-30 09:33:41 +02:00
openrisc	openrisc: start CPU timer early in boot	2022-06-09 10:20:55 +02:00
parisc	parisc: Enable ARCH_HAS_STRICT_MODULE_RWX	2022-06-29 08:59:53 +02:00
powerpc	powerpc/powernv: delay rng platform device creation until later in boot	2022-07-12 16:32:19 +02:00
riscv	riscv: add as-options for modules with assembly compontents	2022-07-29 17:19:06 +02:00
s390	s390/archrandom: prevent CPACF trng invocations in interrupt context	2022-08-03 12:00:43 +02:00
sh	sh: convert nommu io{re,un}map() to static inline functions	2022-07-21 21:20:02 +02:00
sparc	sparc: use fallback for random_get_entropy() instead of zero	2022-05-30 09:33:42 +02:00
um	um: Add missing apply_returns()	2022-07-25 11:26:55 +02:00
x86	x86/speculation: Add LFENCE to RSB fill sequence	2022-08-11 13:06:47 +02:00
xtensa	xtensa: Fix refcount leak bug in time.c	2022-06-29 08:59:53 +02:00
.gitignore
Kconfig	arch/cc: Introduce a function to check for confidential computing features	2021-11-18 14:04:32 +01:00