lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1516872189-16577-1-git-send-email-dwmw@amazon.co.uk>
Date:   Thu, 25 Jan 2018 09:23:02 +0000
From:   David Woodhouse <dwmw@...zon.co.uk>
To:     arjan@...ux.intel.com, tglx@...utronix.de, karahmed@...zon.de,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        tim.c.chen@...ux.intel.com, bp@...en8.de, peterz@...radead.org,
        pbonzini@...hat.com, ak@...ux.intel.com,
        torvalds@...ux-foundation.org, gregkh@...ux-foundation.org,
        dave.hansen@...el.com, gnomes@...rguk.ukuu.org.uk,
        ashok.raj@...el.com, mingo@...nel.org
Subject: [PATCH v4 0/7] Basic Speculation Control feature support

Add the basic CPUID and MSR definitions for AMD and Intel, followed by 
the complete no-brainer: Disable KPTI on Intel CPUs which set the 
RDCL_NO bit to say that they don't need it, as well as others which are
known not to speculate such as old Atoms and even older 32-bit chips.

Alan will continue an archæological dig to round up some more entries
for that table.

Also blacklist the early Intel microcodes for Spectre mitigation features,
and add the basic support for indirect_branch_prediction_barrier(). The
latter is needed to protect userspace and complete the retpoline-based
mitigation. Patches on top of it are being bikeshedded as we speak...

v2: Cleanups, add AMD bits for STIBP/SPEC_CTRL.
v3: Add more CPUs to the exemption for KPTI and clean that up.
    Add microcode blacklist (RFC).
v4: Roll in 'no speculation' list for CPUs not vulnerable to Spectre.
    Cosmetic cleanups in microcode blacklist table.

David Woodhouse (7):
  x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
  x86/cpufeatures: Add Intel feature bits for Speculation Control
  x86/cpufeatures: Add AMD feature bits for Speculation Control
  x86/msr: Add definitions for new speculation control MSRs
  x86/pti: Do not enable PTI on processors which are not vulnerable to
    Meltdown
  x86/cpufeature: Blacklist SPEC_CTRL on early Spectre v2 microcodes
  x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier)
    support

 arch/x86/include/asm/cpufeature.h        |  7 +++-
 arch/x86/include/asm/cpufeatures.h       | 15 +++++--
 arch/x86/include/asm/disabled-features.h |  3 +-
 arch/x86/include/asm/msr-index.h         | 12 ++++++
 arch/x86/include/asm/nospec-branch.h     | 13 ++++++
 arch/x86/include/asm/required-features.h |  3 +-
 arch/x86/kernel/cpu/bugs.c               |  7 ++++
 arch/x86/kernel/cpu/common.c             | 48 ++++++++++++++++++---
 arch/x86/kernel/cpu/intel.c              | 71 ++++++++++++++++++++++++++++++++
 arch/x86/kernel/cpu/scattered.c          |  2 -
 10 files changed, 167 insertions(+), 14 deletions(-)

-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ