linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-23 09:19:51 +00:00

No description

Find a file

Josh Poimboeuf 83e6e48e70 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations commit `18ec54fdd6` upstream Spectre v1 isn't only about array bounds checks. It can affect any conditional checks. The kernel entry code interrupt, exception, and NMI handlers all have conditional swapgs checks. Those may be problematic in the context of Spectre v1, as kernel code can speculatively run with a user GS. For example: if (coming from user space) swapgs mov %gs:<percpu_offset>, %reg mov (%reg), %reg1 When coming from user space, the CPU can speculatively skip the swapgs, and then do a speculative percpu load using the user GS value. So the user can speculatively force a read of any kernel value. If a gadget exists which uses the percpu value as an address in another load/store, then the contents of the kernel value may become visible via an L1 side channel attack. A similar attack exists when coming from kernel space. The CPU can speculatively do the swapgs, causing the user GS to get used for the rest of the speculative window. The mitigation is similar to a traditional Spectre v1 mitigation, except: a) index masking isn't possible; because the index (percpu offset) isn't user-controlled; and b) an lfence is needed in both the "from user" swapgs path and the "from kernel" non-swapgs path (because of the two attacks described above). The user entry swapgs paths already have SWITCH_TO_KERNEL_CR3, which has a CR3 write when PTI is enabled. Since CR3 writes are serializing, the lfences can be skipped in those cases. On the other hand, the kernel entry swapgs paths don't depend on PTI. To avoid unnecessary lfences for the user entry case, create two separate features for alternative patching: X86_FEATURE_FENCE_SWAPGS_USER X86_FEATURE_FENCE_SWAPGS_KERNEL Use these features in entry code to patch in lfences where needed. The features aren't enabled yet, so there's no functional change. Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Dave Hansen <dave.hansen@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2019-08-06 19:05:29 +02:00
arch	x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations	2019-08-06 19:05:29 +02:00
block	block/bio-integrity: fix a memory leak bug	2019-07-31 07:28:55 +02:00
certs	Replace magic for trusting the secondary keyring with #define	2018-09-09 19:55:54 +02:00
crypto	crypto: chacha20poly1305 - fix atomic sleep when using async algorithm	2019-07-31 07:28:35 +02:00
Documentation	arm64: dts: marvell: Fix A37xx UART0 register size	2019-08-04 09:32:00 +02:00
drivers	eeprom: at24: make spd world-readable again	2019-08-06 19:05:28 +02:00
firmware	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
fs	Btrfs: fix race leading to fs corruption after transaction abort	2019-08-06 19:05:25 +02:00
include	uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers	2019-08-06 19:05:24 +02:00
init	init: initialize jump labels before command line option parsing	2019-05-16 19:42:23 +02:00
ipc	ipc/mqueue.c: only perform resource calculation if user valid	2019-08-06 19:05:24 +02:00
kernel	kernel/module.c: Only return -EEXIST for modules that have finished loading	2019-08-06 19:05:20 +02:00
lib	lib/strscpy: Shut up KASAN false-positives in strscpy()	2019-07-31 07:28:44 +02:00
mm	mm/cma.c: fail if fixed declaration can't be honored	2019-08-06 19:05:23 +02:00
net	ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL	2019-08-04 09:32:03 +02:00
samples	samples, bpf: fix to change the buffer size for read()	2019-07-21 09:04:17 +02:00
scripts	kallsyms: exclude kasan local symbols on s390	2019-07-31 07:28:54 +02:00
security	selinux: fix memory leak in policydb_init()	2019-08-06 19:05:26 +02:00
sound	ALSA: hda - Add a conexant codec entry to let mute led work	2019-07-31 07:28:58 +02:00
tools	objtool: Support GCC 9 cold subfunction naming scheme	2019-08-06 19:05:28 +02:00
usr	initramfs: fix initramfs rebuilds w/ compression after disabling	2017-11-03 07:39:19 -07:00
virt	KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy	2019-07-21 09:04:24 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes	.gitattributes: set git diff driver for C source code files	2016-10-07 18:46:30 -07:00
.gitignore	kbuild: rpm-pkg: keep spec file until make mrproper	2018-02-13 10:19:46 +01:00
.mailmap	.mailmap: Add Maciej W. Rozycki's Imagination e-mail address	2017-11-10 12:16:15 -08:00
COPYING
CREDITS	MAINTAINERS: update TPM driver infrastructure changes	2017-11-09 17:58:40 -08:00
Kbuild	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
Kconfig	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
MAINTAINERS	MAINTAINERS: Add Sasha as a stable branch maintainer	2018-12-01 09:42:50 +01:00
Makefile	kbuild: initialize CLANG_FLAGS correctly in the top Makefile	2019-08-06 19:05:25 +02:00
README	README: add a new README file, pointing to the Documentation/	2016-10-24 08:12:35 -02:00

README

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.