mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-25 11:55:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Daniel Sneddon ff0642207e x86/speculation: Add Gather Data Sampling mitigation 
commit 8974eb5882 upstream

Gather Data Sampling (GDS) is a hardware vulnerability which allows
unprivileged speculative access to data which was previously stored in
vector registers.

Intel processors that support AVX2 and AVX512 have gather instructions
that fetch non-contiguous data elements from memory. On vulnerable
hardware, when a gather instruction is transiently executed and
encounters a fault, stale data from architectural or internal vector
registers may get transiently stored to the destination vector
register allowing an attacker to infer the stale data using typical
side channel techniques like cache timing attacks.

This mitigation is different from many earlier ones for two reasons.
First, it is enabled by default and a bit must be set to *DISABLE* it.
This is the opposite of normal mitigation polarity. This means GDS can
be mitigated simply by updating microcode and leaving the new control
bit alone.

Second, GDS has a "lock" bit. This lock bit is there because the
mitigation affects the hardware security features KeyLocker and SGX.
It needs to be enabled and *STAY* enabled for these features to be
mitigated against GDS.

The mitigation is enabled in the microcode by default. Disable it by
setting gather_data_sampling=off or by disabling all mitigations with
mitigations=off. The mitigation status can be checked by reading:

    /sys/devices/system/cpu/vulnerabilities/gather_data_sampling

Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-08-08 20:04:50 +02:00
..
accel accel/qaic: Add consistent integer overflow checks 2023-07-27 08:56:37 +02:00
accessibility
acpi ACPI/IORT: Remove erroneous id_count check in iort_node_get_rmr_info() 2023-08-03 10:26:08 +02:00
amba
android binder: fix UAF of alloc->vma in race with munmap() 2023-05-20 17:56:23 +01:00
ata ata: pata_ns87415: mark ns87560_tf_read static 2023-08-03 10:26:00 +02:00
atm
auxdisplay
base x86/speculation: Add Gather Data Sampling mitigation 2023-08-08 20:04:50 +02:00
bcma
block rbd: retrieve and check lock owner twice before blocklisting 2023-08-03 10:26:14 +02:00
bluetooth Bluetooth: btusb: Fix bluetooth on Intel Macbook 2014 2023-07-27 08:57:03 +02:00
bus bus: ixp4xx: fix IXP4XX_EXP_T1_MASK 2023-07-23 13:54:08 +02:00
cdrom
cdx cdx: fix driver managed dma support 2023-07-19 16:36:37 +02:00
char tpm_tis: Explicitly check for error code 2023-08-03 10:26:08 +02:00
clk clk: qcom: mmcc-msm8974: fix MDSS_GDSC power flags 2023-07-19 16:36:38 +02:00
clocksource clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe 2023-07-19 16:35:14 +02:00
comedi
connector
counter - New Drivers 2023-05-02 10:41:31 -07:00
cpufreq cpufreq: mediatek: correct voltages for MT7622 and MT7623 2023-07-19 16:36:38 +02:00
cpuidle RISC-V: Align SBI probe implementation with spec 2023-04-29 13:04:50 -07:00
crypto crypto: qat - unmap buffers before free for RSA 2023-07-19 16:36:19 +02:00
cxl cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws() 2023-08-03 10:25:57 +02:00
dax dax/kmem: Pass valid argument to memory_group_register_static 2023-07-19 16:36:20 +02:00
dca Mainly singleton patches all over the place. Series of note are: 2023-04-27 19:57:00 -07:00
devfreq Driver core changes for 6.4-rc1 2023-04-27 11:53:57 -07:00
dio
dma dmaengine: at_hdmac: Extend the Flow Controller bitfield to three bits 2023-05-24 11:20:28 +05:30
dma-buf dma-buf: fix an error pointer vs NULL bug 2023-08-03 10:26:14 +02:00
edac EDAC/qcom: Get rid of hardcoded register offsets 2023-05-26 20:56:55 -07:00
eisa
extcon extcon: Fix kernel doc of property capability fields to avoid warnings 2023-07-19 16:36:31 +02:00
firewire firewire: net: fix unexpected release of object for asynchronous request packet 2023-05-11 09:06:49 +09:00
firmware firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() 2023-07-23 13:54:06 +02:00
fpga Char/Misc drivers for 6.4-rc1 2023-04-27 12:07:50 -07:00
fsi
gnss
gpio gpio: mvebu: fix irq domain leak 2023-08-03 10:25:42 +02:00
gpu dma-buf: fix an error pointer vs NULL bug 2023-08-03 10:26:14 +02:00
greybus
hid HID: add quirk for 03f0:464a HP Elite Presenter Mouse 2023-07-27 08:56:43 +02:00
hsi
hte Devicetree updates for v6.4, part 2: 2023-04-27 10:09:05 -07:00
hv x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline 2023-06-17 23:09:47 +00:00
hwmon hwmon: (pmbus_core) Fix Deadlock in pmbus_regulator_get_status 2023-08-03 10:26:07 +02:00
hwspinlock
hwtracing hwtracing: hisi_ptt: Fix potential sleep in atomic context 2023-07-19 16:36:39 +02:00
i2c i2c: nomadik: Remove a useless call in the remove function 2023-08-03 10:25:44 +02:00
i3c i3c: master: svc: fix cpu schedule in spin lock 2023-07-19 16:36:33 +02:00
idle intel_idle: mark few variables as __read_mostly 2023-04-27 19:37:36 +02:00
iio meson saradc: fix clock divider mask length 2023-07-23 13:54:07 +02:00
infiniband RDMA/irdma: Report correct WC error 2023-08-03 10:25:59 +02:00
input Input: ads7846 - fix pointer cast warning 2023-07-19 16:36:59 +02:00
interconnect interconnect: qcom: rpm: Don't use clk_get_optional for bus clocks anymore 2023-07-19 16:36:27 +02:00
iommu iommufd: Set end correctly when doing batch carry 2023-08-03 10:26:10 +02:00
ipack
irqchip irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation 2023-08-03 10:26:09 +02:00
isdn Including fixes from netfilter. 2023-05-05 19:12:01 -07:00
leds leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename 2023-07-19 16:36:58 +02:00
macintosh powerpc updates for 6.4 2023-04-28 16:24:32 -07:00
mailbox mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 2023-07-19 16:36:45 +02:00
mcb mcb-lpc: Reallocate memory region to avoid memory overlapping 2023-04-20 14:24:01 +02:00
md dm cache policy smq: ensure IO doesn't prevent cleaner policy progress 2023-08-03 10:26:13 +02:00
media media: mtk_jpeg_core: avoid unused-variable warning 2023-08-03 10:25:49 +02:00
memory memory: brcmstb_dpfe: fix testing array offset after use 2023-07-19 16:35:53 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-07-19 16:35:28 +02:00
message Objtool changes for v6.4: 2023-04-28 14:02:54 -07:00
mfd mfd: pm8008: Fix module autoloading 2023-07-23 13:54:01 +02:00
misc misc: pci_endpoint_test: Re-init completion for every test 2023-07-23 13:54:01 +02:00
mmc mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is used. 2023-07-19 16:36:52 +02:00
most
mtd mtd: rawnand: meson: fix unaligned DMA buffers handling 2023-07-23 13:53:53 +02:00
mux
net net: dsa: qca8k: fix mdb add/del case with 0 VID 2023-08-03 10:26:10 +02:00
nfc nfc: fdp: Add MODULE_FIRMWARE macros 2023-06-18 11:19:52 +01:00
ntb NTB: ntb_tool: Add check for devm_kcalloc 2023-07-23 13:53:43 +02:00
nubus nubus: Partially revert proc_create_single_data() conversion 2023-07-05 18:30:30 +01:00
nvdimm
nvme nvme: don't reject probe due to duplicate IDs for single-ported PCIe devices 2023-07-23 13:54:09 +02:00
nvmem nvmem: rmem: Use NVMEM_DEVID_AUTO 2023-07-19 16:36:37 +02:00
of of: Preserve "of-display" device name for compatibility 2023-07-27 08:56:36 +02:00
opp opp: Fix use-after-free in lazy_opp_tables after probe deferral 2023-07-23 13:54:07 +02:00
parisc parisc: Replace regular spinlock with spin_trylock on panic path 2023-05-03 17:43:26 +02:00
parport
pci PCI: rockchip: Don't advertise MSI-X in PCIe capabilities 2023-08-03 10:25:44 +02:00
pcmcia
peci
perf perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start() 2023-07-23 13:54:09 +02:00
phy phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() 2023-08-03 10:25:50 +02:00
pinctrl pinctrl: renesas: rzg2l: Handle non-unique subnode names 2023-07-27 08:56:53 +02:00
platform platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 2023-08-03 10:25:52 +02:00
pnp
power power: supply: rt9467: Make charger-enable control as logic level 2023-07-19 16:36:33 +02:00
powercap powercap: RAPL: Fix CONFIG_IOSF_MBI dependency 2023-07-19 16:35:15 +02:00
pps
ps3
ptp Driver core changes for 6.4-rc1 2023-04-27 11:53:57 -07:00
pwm pwm: meson: fix handling of period/duty if greater than UINT_MAX 2023-07-23 13:54:11 +02:00
rapidio Mainly singleton patches all over the place. Series of note are: 2023-04-27 19:57:00 -07:00
ras
regulator regulator: da9063: fix null pointer deref with partial DT config 2023-07-27 08:56:56 +02:00
remoteproc Mainly singleton patches all over the place. Series of note are: 2023-04-27 19:57:00 -07:00
reset Nothing looks out of the ordinary in this batch of clk driver updates. There 2023-04-29 17:29:39 -07:00
rpmsg Driver core changes for 6.4-rc1 2023-04-27 11:53:57 -07:00
rtc rtc: st-lpc: Release some resources in st_rtc_probe() in case of error 2023-07-19 16:36:40 +02:00
s390 s390/dasd: print copy pair message only for the correct error 2023-08-03 10:26:12 +02:00
sbus Driver core changes for 6.4-rc1 2023-04-27 11:53:57 -07:00
scsi scsi: sg: Fix checking return value of blk_get_queue() 2023-07-27 08:57:06 +02:00
sh
siox
slimbus
soc soc: qcom: mdt_loader: Fix unconditional call to scm_pas_mem_setup 2023-07-23 13:53:57 +02:00
soundwire soundwire: fix enumeration completion 2023-08-03 10:26:10 +02:00
spi spi: dw: Remove misleading comment for Mount Evans SoC 2023-07-27 08:57:06 +02:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-04-20 14:16:39 +02:00
ssb
staging staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() 2023-08-03 10:26:05 +02:00
target scsi: target: core: Fix error path in target_setup_session() 2023-06-14 21:54:35 -04:00
tc
tee AMDTEE add return origin to load TA command 2023-06-07 12:58:22 +02:00
thermal thermal: of: fix double-free on unregistration 2023-08-03 10:26:13 +02:00
thunderbolt thunderbolt: Mask ring interrupt on Intel hardware as well 2023-05-31 10:37:21 +03:00
tty tty: n_gsm: fix UAF in gsm_cleanup_mux 2023-08-03 10:26:05 +02:00
ufs scsi: ufs: ufs-mediatek: Add dependency for RESET_CONTROLLER 2023-07-23 13:53:40 +02:00
uio
usb Revert "xhci: add quirk for host controllers that don't update endpoint DCS" 2023-08-03 10:26:05 +02:00
vdpa vduse: fix NULL pointer dereference 2023-07-19 16:36:47 +02:00
vfio vfio/mdev: Move the compat_class initialization to module init 2023-07-19 16:36:18 +02:00
vhost vhost_vdpa: support PACKED when setting-getting vring_base 2023-06-09 12:08:04 -04:00
video fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe 2023-07-27 08:57:01 +02:00
virt virt: sevguest: Add CONFIG_CRYPTO dependency 2023-07-19 16:35:08 +02:00
virtio virtio-vdpa: Fix unchecked call to NULL set_vq_affinity 2023-07-19 16:36:41 +02:00
vlynq
w1 w1: fix loop in w1_fini() 2023-07-19 16:36:25 +02:00
watchdog linux-watchdog 6.4-rc1 tag 2023-05-04 18:33:56 -07:00
xen xen: speed up grant-table reclaim 2023-08-03 10:26:09 +02:00
zorro
Kconfig
Makefile