lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 12 Apr 2019 15:39:27 -0500
From:   Josh Poimboeuf <>
Cc:, Thomas Gleixner <>,
        Ingo Molnar <>, Borislav Petkov <>,
        "H . Peter Anvin" <>,
        Andy Lutomirski <>,
        Peter Zijlstra <>,
        Jiri Kosina <>,
        Waiman Long <>,
        Andrea Arcangeli <>,
        Jon Masters <>,
        Benjamin Herrenschmidt <>,
        Paul Mackerras <>,
        Michael Ellerman <>,,
        Martin Schwidefsky <>,
        Heiko Carstens <>,,
        Catalin Marinas <>,
        Will Deacon <>,,,
        Greg Kroah-Hartman <>,
        Tyler Hicks <>,
        Linus Torvalds <>,
        Randy Dunlap <>,
        Steven Price <>,
        Phil Auld <>
Subject: [PATCH v2 0/5] cpu/speculation: Add 'mitigations=' cmdline option

- docs improvements: [Randy, Michael]
- Rename to "mitigations=" [Michael]
- Add cpu_mitigations_off() function wrapper [Michael]
- x86: Simplify logic [Boris]
- powerpc: Fix no_rfi_flush checking bug (use '&&' instead of '||')
- arm64: Rebase onto Jeremy Linton's v7 patches [Will]
- arm64: "kpti command line option" [Steve P]
- arm64: Add nospectre_v2 support


Keeping track of the number of mitigations for all the CPU speculation
bugs has become overwhelming for many users.  It's getting more and more
complicated to decide which mitigations are needed for a given
architecture.  Complicating matters is the fact that each arch tends to
have its own custom way to mitigate the same vulnerability.

Most users fall into a few basic categories:

a) they want all mitigations off;

b) they want all reasonable mitigations on, with SMT enabled even if
   it's vulnerable; or

c) they want all reasonable mitigations on, with SMT disabled if

Define a set of curated, arch-independent options, each of which is an
aggregation of existing options:

- mitigations=off: Disable all mitigations.

- mitigations=auto: [default] Enable all the default mitigations, but
  leave SMT enabled, even if it's vulnerable.

- mitigations=auto,nosmt: Enable all the default mitigations, disabling
  SMT if needed by a mitigation.

Josh Poimboeuf (5):
  cpu/speculation: Add 'mitigations=' cmdline option
  x86/speculation: Support 'mitigations=' cmdline option
  powerpc/speculation: Support 'mitigations=' cmdline option
  s390/speculation: Support 'mitigations=' cmdline option
  arm64/speculation: Support 'mitigations=' cmdline option

 .../admin-guide/kernel-parameters.txt         | 34 +++++++++++++++++++
 arch/arm64/kernel/cpu_errata.c                |  6 +++-
 arch/arm64/kernel/cpufeature.c                |  8 ++++-
 arch/powerpc/kernel/security.c                |  6 ++--
 arch/powerpc/kernel/setup_64.c                |  2 +-
 arch/s390/kernel/nospec-branch.c              |  3 +-
 arch/x86/kernel/cpu/bugs.c                    | 11 ++++--
 arch/x86/mm/pti.c                             |  4 ++-
 include/linux/cpu.h                           | 24 +++++++++++++
 kernel/cpu.c                                  | 15 ++++++++
 10 files changed, 103 insertions(+), 10 deletions(-)


Powered by blists - more mailing lists