mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
725,241 Commits 103 Branches 5,016 Tags 5.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Go to file
Mark Gross 9ecf57e4aa x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 
commit 7e5b3c267d upstream

SRBDS is an MDS-like speculative side channel that can leak bits from the
random number generator (RNG) across cores and threads. New microcode
serializes the processor access during the execution of RDRAND and
RDSEED. This ensures that the shared buffer is overwritten before it is
released for reuse.

While it is present on all affected CPU models, the microcode mitigation
is not needed on models that enumerate ARCH_CAPABILITIES[MDS_NO] in the
cases where TSX is not supported or has been disabled with TSX_CTRL.

The mitigation is activated by default on affected processors and it
increases latency for RDRAND and RDSEED instructions. Among other
effects this will reduce throughput from /dev/urandom.

* Enable administrator to configure the mitigation off when desired using
  either mitigations=off or srbds=off.

* Export vulnerability status via sysfs

* Rename file-scoped macros to apply for non-whitelist table initializations.

 [ bp: Massage,
   - s/VULNBL_INTEL_STEPPING/VULNBL_INTEL_STEPPINGS/g,
   - do not read arch cap MSR a second time in tsx_fused_off() - just pass it in,
   - flip check in cpu_set_bug_bits() to save an indentation level,
   - reflow comments.
   jpoimboe: s/Mitigated/Mitigation/ in user-visible strings
   tglx: Dropped the fused off magic for now
 ]

Signed-off-by: Mark Gross <mgross@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Tested-by: Neelima Krishnan <neelima.krishnan@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-06-11 09:23:01 +02:00
Documentation x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-06-11 09:23:01 +02:00
arch x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-06-11 09:23:01 +02:00
block block, bfq: fix use-after-free in bfq_idle_slice_timer_body 2020-04-24 08:00:30 +02:00
certs Replace magic for trusting the secondary keyring with #define 2018-09-09 19:55:54 +02:00
crypto gcc-10: avoid shadowing standard library 'free()' in crypto 2020-05-20 08:17:11 +02:00
drivers x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation 2020-06-11 09:23:01 +02:00
firmware Fix built-in early-load Intel microcode alignment 2020-01-23 08:20:30 +01:00
fs fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() 2020-06-03 08:18:03 +02:00
include x86/cpu: Add a steppings field to struct x86_cpu_id 2020-06-11 09:23:01 +02:00
init x86: Fix early boot crash on gcc-10, third try 2020-05-20 08:17:15 +02:00
ipc ipc/util.c: sysvipc_find_ipc() incorrectly updates position index 2020-05-20 08:17:07 +02:00
kernel kernel/relay.c: handle alloc_percpu returning NULL in relay_open 2020-06-11 09:22:58 +02:00
lib ubsan: build ubsan.c more conservatively 2020-05-27 16:43:08 +02:00
mm mm: Fix mremap not considering huge pmd devmap 2020-06-11 09:22:57 +02:00
net l2tp: add sk_family checks to l2tp_validate_socket 2020-06-11 09:22:59 +02:00
samples samples: bpf: Fix build error 2020-06-03 08:17:55 +02:00
scripts gcc-common.h: Update for GCC 10 2020-05-27 16:42:53 +02:00
security exec: Always set cap_ambient in cap_bprm_set_creds 2020-06-03 08:18:01 +02:00
sound ALSA: hda/realtek - Add new codec supported for ALC287 2020-06-03 08:18:02 +02:00
tools objtool: Fix stack offset tracking for indirect CFAs 2020-05-20 08:17:01 +02:00
usr initramfs: restore default compression behavior 2020-04-13 10:34:19 +02:00
virt KVM: arm: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER 2020-05-20 08:16:58 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: rpm-pkg: keep spec file until make mrproper 2018-02-13 10:19:46 +01:00
.mailmap .mailmap: Add Maciej W. Rozycki's Imagination e-mail address 2017-11-10 12:16:15 -08:00
COPYING
CREDITS MAINTAINERS: update TPM driver infrastructure changes 2017-11-09 17:58:40 -08:00
Kbuild License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
MAINTAINERS MAINTAINERS: Update drm/i915 bug filing URL 2020-02-28 16:36:12 +01:00
Makefile Linux 4.14.183 2020-06-03 08:18:13 +02:00
README README: add a new README file, pointing to the Documentation/ 2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.