From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Date: Thu, 19 May 2022 20:33:13 -0700
Subject: x86/speculation/srbds: Update SRBDS mitigation selection
Git-commit: 22cac9c677c95f3ac5c9244f8ca0afdc7c8afb19
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git
Patch-mainline: Queued in tip for v5.19
References: bsc#1199650 CVE-2022-21166 CVE-2022-21127 CVE-2022-21123 CVE-2022-21125 CVE-2022-21180
Currently, Linux disables SRBDS mitigation on CPUs not affected by
MDS and that have the TSX feature disabled. On such CPUs, secrets cannot
be extracted from CPU fill buffers using MDS or TAA. Without SRBDS
mitigation, Processor MMIO Stale Data vulnerabilities can be used to
extract RDRAND, RDSEED, and EGETKEY data.
Do not disable SRBDS mitigation by default when CPU is also affected by
Processor MMIO Stale Data vulnerabilities.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
---
arch/x86/kernel/cpu/bugs.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
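diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 38853077ca58..ef4749097f42 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -595,11 +595,13 @@ static void __init srbds_select_mitigation(void)
 		return;
 
 	/*
-	 * Check to see if this is one of the MDS_NO systems supporting
-	 * TSX that are only exposed to SRBDS when TSX is enabled.
+	 * Check to see if this is one of the MDS_NO systems supporting TSX that
+	 * are only exposed to SRBDS when TSX is enabled or when CPU is affected
+	 * by Processor MMIO Stale Data vulnerability.
 	 */
 	ia32_cap = x86_read_arch_cap_msr();
-	if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM))
+	if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
+	    !boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA))
 		srbds_mitigation = SRBDS_MITIGATION_TSX_OFF;
 	else if (boot_cpu_has(X86_FEATURE_HYPERVISOR))
 		srbds_mitigation = SRBDS_MITIGATION_HYPERVISOR;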
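Review bot: The new `!boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA)` conjunct makes the TSX_OFF decision depend on the MMIO Stale Data bug bit already being set (in cpu_set_bug_bits() during early CPU identification) before srbds_select_mitigation() runs; if that ordering ever changes, the check silently reads as "not affected" and the weaker pre-patch behaviour returns. Nothing in the hunk records that dependency, so a one-line comment above the condition would help, e.g. `/* X86_BUG_MMIO_STALE_DATA must already be set by cpu_set_bug_bits() */`. Note also that an MMIO-affected CPU running under a hypervisor now falls through to the `else if (boot_cpu_has(X86_FEATURE_HYPERVISOR))` branch and lands in SRBDS_MITIGATION_HYPERVISOR instead of TSX_OFF — presumably intended, since a guest cannot control the microcode-level mitigation, but a sentence in the commit message would make it explicit. srbds_select_mitigation() begins and ends outside the hunk.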