mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-26 04:16:39 +00:00
Code Issues Releases Wiki Activity
linux-stable/Documentation/admin-guide/hw-vuln
History
Pawan Gupta c2b9e03889 x86/bhi: Mitigate KVM by default 
commit 95a6ccbdc7 upstream.

BHI mitigation mode spectre_bhi=auto does not deploy the software
mitigation by default. In a cloud environment, it is a likely scenario
where userspace is trusted but the guests are not trusted. Deploying
system wide mitigation in such cases is not desirable.

Update the auto mode to unconditionally mitigate against malicious
guests. Deploy the software sequence at VMexit in auto mode also, when
hardware mitigation is not available. Unlike the force =on mode,
software sequence is not deployed at syscalls in auto mode.

Suggested-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Daniel Sneddon <daniel.sneddon@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-04-10 16:19:44 +02:00
..
core-scheduling.rst admin-guide/hw-vuln: Rephrase a section of core-scheduling.rst 2021-07-25 14:39:17 -06:00
cross-thread-rsb.rst Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions 2023-02-14 19:18:05 +01:00
gather_data_sampling.rst Documentation/x86: Fix backwards on/off logic about YMM support 2023-08-08 19:58:33 +02:00
index.rst Documentation/hw-vuln: Add documentation for RFDS 2024-04-10 16:18:48 +02:00
l1d_flush.rst Documentation: Add L1D flushing Documentation 2021-07-28 11:42:25 +02:00
l1tf.rst docs: add IRQ documentation at the core-api book 2020-05-15 12:00:56 -06:00
mds.rst
multihit.rst x86/bugs/multihit: Fix mitigation reporting when VMX is not in use 2020-08-07 01:32:00 +02:00
processor_mmio_stale_data.rst x86/bugs: Add "unknown" reporting for MMIO Stale Data 2022-08-31 17:16:47 +02:00
reg-file-data-sampling.rst Documentation/hw-vuln: Add documentation for RFDS 2024-04-10 16:18:48 +02:00
special-register-buffer-data-sampling.rst docs: admin-guide: hw-vuln: avoid using ReST :doc:foo markup 2021-06-17 13:24:36 -06:00
spectre.rst x86/bhi: Mitigate KVM by default 2024-04-10 16:19:44 +02:00
srso.rst x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 2023-08-26 14:23:39 +02:00
tsx_async_abort.rst Documentation: fix multiple typos found in the admin-guide subdirectory 2020-12-08 10:27:56 -07:00