Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull STIBP fallout fixes from Thomas Gleixner:
"The performance destruction department finally got it's act together
and came up with a cure for the STIPB regression:
- Provide a command line option to control the spectre v2 user space
mitigations. Default is either seccomp or prctl (if seccomp is
disabled in Kconfig). prctl allows mitigation opt-in, seccomp
enables the migitation for sandboxed processes.
- Rework the code to handle the conditional STIBP/IBPB control and
remove the now unused ptrace_may_access_sched() optimization
attempt
- Disable STIBP automatically when SMT is disabled
- Optimize the switch_to() logic to avoid MSR writes and invocations
of __switch_to_xtra().
- Make the asynchronous speculation TIF updates synchronous to
prevent stale mitigation state.
As a general cleanup this also makes retpoline directly depend on
compiler support and removes the 'minimal retpoline' option which just
pretended to provide some form of security while providing none"
* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (31 commits)
x86/speculation: Provide IBPB always command line options
x86/speculation: Add seccomp Spectre v2 user space protection mode
x86/speculation: Enable prctl mode for spectre_v2_user
x86/speculation: Add prctl() control for indirect branch speculation
x86/speculation: Prepare arch_smt_update() for PRCTL mode
x86/speculation: Prevent stale SPEC_CTRL msr content
x86/speculation: Split out TIF update
ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
x86/speculation: Prepare for conditional IBPB in switch_mm()
x86/speculation: Avoid __switch_to_xtra() calls
x86/process: Consolidate and simplify switch_to_xtra() code
x86/speculation: Prepare for per task indirect branch speculation control
x86/speculation: Add command line control for indirect branch speculation
x86/speculation: Unify conditional spectre v2 print functions
x86/speculataion: Mark command line parser data __initdata
x86/speculation: Mark string arrays const correctly
x86/speculation: Reorder the spec_v2 code
x86/l1tf: Show actual SMT state
x86/speculation: Rework SMT state change
sched/smt: Expose sched_smt_present static key
...
No related branches found
No related tags found
Showing
- Documentation/admin-guide/kernel-parameters.txt 54 additions, 2 deletionsDocumentation/admin-guide/kernel-parameters.txt
- Documentation/userspace-api/spec_ctrl.rst 9 additions, 0 deletionsDocumentation/userspace-api/spec_ctrl.rst
- arch/x86/Kconfig 1 addition, 11 deletionsarch/x86/Kconfig
- arch/x86/Makefile 3 additions, 2 deletionsarch/x86/Makefile
- arch/x86/include/asm/msr-index.h 3 additions, 2 deletionsarch/x86/include/asm/msr-index.h
- arch/x86/include/asm/nospec-branch.h 20 additions, 6 deletionsarch/x86/include/asm/nospec-branch.h
- arch/x86/include/asm/spec-ctrl.h 14 additions, 6 deletionsarch/x86/include/asm/spec-ctrl.h
- arch/x86/include/asm/switch_to.h 0 additions, 3 deletionsarch/x86/include/asm/switch_to.h
- arch/x86/include/asm/thread_info.h 17 additions, 3 deletionsarch/x86/include/asm/thread_info.h
- arch/x86/include/asm/tlbflush.h 6 additions, 2 deletionsarch/x86/include/asm/tlbflush.h
- arch/x86/kernel/cpu/bugs.c 388 additions, 137 deletionsarch/x86/kernel/cpu/bugs.c
- arch/x86/kernel/process.c 82 additions, 19 deletionsarch/x86/kernel/process.c
- arch/x86/kernel/process.h 39 additions, 0 deletionsarch/x86/kernel/process.h
- arch/x86/kernel/process_32.c 3 additions, 7 deletionsarch/x86/kernel/process_32.c
- arch/x86/kernel/process_64.c 3 additions, 7 deletionsarch/x86/kernel/process_64.c
- arch/x86/mm/tlb.c 86 additions, 29 deletionsarch/x86/mm/tlb.c
- include/linux/ptrace.h 0 additions, 17 deletionsinclude/linux/ptrace.h
- include/linux/sched.h 9 additions, 0 deletionsinclude/linux/sched.h
- include/linux/sched/smt.h 20 additions, 0 deletionsinclude/linux/sched/smt.h
- include/uapi/linux/prctl.h 1 addition, 0 deletionsinclude/uapi/linux/prctl.h
Loading
Please register or sign in to comment