git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Sun, 29 Apr 2018 13:21:42 +0000 (15:21 +0200)
committer	Stefan Bader <stefan.bader@canonical.com>
	Mon, 14 May 2018 10:09:54 +0000 (12:09 +0200)
commit	0b35aca27a5af421387b4a438eb18f82a855376d
tree	6023deb217306556c9408a5bc0a4e793da3cd2d8	tree
parent	f12a33c4eaa935b8c30cf98263c558e4e4bb013e	commit \| diff

x86/process: Allow runtime control of Speculative Store Bypass

The Speculative Store Bypass vulnerability can be mitigated with the
Reduced Data Speculation (RDS) feature. To allow finer grained control of
this eventually expensive mitigation a per task mitigation control is
required.

Add a new TIF_RDS flag and put it into the group of TIF flags which are
evaluated for mismatch in switch_to(). If these bits differ in the previous
and the next task, then the slow path function __switch_to_xtra() is
invoked. Implement the TIF_RDS dependent mitigation control in the slow
path.

If the prctl for controlling Speculative Store Bypass is disabled or no
task uses the prctl then there is no overhead in the switch_to() fast
path.

Update the KVM related speculation control functions to take TID_RDS into
account as well.

Based on a patch from Tim Chen. Completely rewritten.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CVE-2018-3639 (x86)

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

arch/x86/include/asm/msr-index.h		diff \| blob \| blame \| history
arch/x86/include/asm/spec-ctrl.h		diff \| blob \| blame \| history
arch/x86/include/asm/thread_info.h		diff \| blob \| blame \| history
arch/x86/kernel/cpu/bugs.c		diff \| blob \| blame \| history
arch/x86/kernel/process.c		diff \| blob \| blame \| history