git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit

x86/speculation/mmio: Reuse SRBDS mitigation for SBDS

commit a992b8a4682f119ae035a01b40d4d0665c4a2875 upstream

The Shared Buffers Data Sampling (SBDS) variant of Processor MMIO Stale
Data vulnerabilities may expose RDRAND, RDSEED and SGX EGETKEY data.
Mitigation for this is added by a microcode update.

As some of the implications of SBDS are similar to SRBDS, SRBDS mitigation
infrastructure can be leveraged by SBDS. Set X86_BUG_SRBDS and use SRBDS
mitigation.

Mitigation is enabled by default; use srbds=off to opt-out. Mitigation
status can be checked from below file:

/sys/devices/system/cpu/vulnerabilities/srbds

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
CVE-2022-21166
CVE-2022-21123
CVE-2022-21125
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>

author	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
	Fri, 20 May 2022 03:34:14 +0000 (20:34 -0700)
committer	Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
	Thu, 9 Jun 2022 14:21:11 +0000 (11:21 -0300)
commit	84ee2fba7229323bc85d3c752a51a5cceea048b8
tree	2629cbce2ef974a3bb48fb27156284d1397282f0	tree
parent	ee855cd4e7556034a903fa45e3b1a701569a2f72	commit \| diff