| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Mar 2019 00:54:19 -0600
From: Andre Przywara <andre.przywara@....com>
To: Jeremy Linton <jeremy.linton@....com>,
linux-arm-kernel@...ts.infradead.org
Cc: catalin.marinas@....com, will.deacon@....com, marc.zyngier@....com,
suzuki.poulose@....com, Dave.Martin@....com,
shankerd@...eaurora.org, julien.thierry@....com,
mlangsdo@...hat.com, stefan.wahren@....com,
linux-kernel@...r.kernel.org, Jonathan Corbet <corbet@....net>,
linux-doc@...r.kernel.org
Subject: Re: [PATCH v5 01/10] arm64: Provide a command line to disable
spectre_v2 mitigation
Hi,
On 2/26/19 7:05 PM, Jeremy Linton wrote:
> There are various reasons, including bencmarking, to disable spectrev2
> mitigation on a machine. Provide a command-line to do so.
>
> Signed-off-by: Jeremy Linton <jeremy.linton@....com>
Reviewed-by: Andre Przywara <andre.przywara@....com>
Cheers,
Andre.
> Cc: Jonathan Corbet <corbet@....net>
> Cc: linux-doc@...r.kernel.org
> ---
> Documentation/admin-guide/kernel-parameters.txt | 8 ++++----
> arch/arm64/kernel/cpu_errata.c | 13 +++++++++++++
> 2 files changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 858b6c0b9a15..4d4d6a9537ae 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -2842,10 +2842,10 @@
> check bypass). With this option data leaks are possible
> in the system.
>
> - nospectre_v2 [X86,PPC_FSL_BOOK3E] Disable all mitigations for the Spectre variant 2
> - (indirect branch prediction) vulnerability. System may
> - allow data leaks with this option, which is equivalent
> - to spectre_v2=off.
> + nospectre_v2 [X86,PPC_FSL_BOOK3E,ARM64] Disable all mitigations for
> + the Spectre variant 2 (indirect branch prediction)
> + vulnerability. System may allow data leaks with this
> + option.
>
> nospec_store_bypass_disable
> [HW] Disable all mitigations for the Speculative Store Bypass vulnerability
> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
> index 9950bb0cbd52..d2b2c69d31bb 100644
> --- a/arch/arm64/kernel/cpu_errata.c
> +++ b/arch/arm64/kernel/cpu_errata.c
> @@ -220,6 +220,14 @@ static void qcom_link_stack_sanitization(void)
> : "=&r" (tmp));
> }
>
> +static bool __nospectre_v2;
> +static int __init parse_nospectre_v2(char *str)
> +{
> + __nospectre_v2 = true;
> + return 0;
> +}
> +early_param("nospectre_v2", parse_nospectre_v2);
> +
> static void
> enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry)
> {
> @@ -231,6 +239,11 @@ enable_smccc_arch_workaround_1(const struct arm64_cpu_capabilities *entry)
> if (!entry->matches(entry, SCOPE_LOCAL_CPU))
> return;
>
> + if (__nospectre_v2) {
> + pr_info_once("spectrev2 mitigation disabled by command line option\n");
> + return;
> + }
> +
> if (psci_ops.smccc_version == SMCCC_VERSION_1_0)
> return;
>
>
Powered by blists - more mailing lists