On Tue, Jan 24, 2023 at 05:28:01PM -0800, Eric Biggers wrote: > +.. SPDX-License-Identifier: GPL-2.0 > + > +DODT - Data Operand Dependent Timing > +==================================== > + > +Data Operand Dependent Timing (DODT) is a CPU vulnerability that makes the > +execution times of instructions depend on the values of the data operated on. > + > +This vulnerability potentially enables side-channel attacks on data, including > +cryptographic keys. Most cryptography algorithms require that a variety of > +instructions be constant-time in order to prevent side-channel attacks. > + > +Affected CPUs > +------------- > + > +This vulnerability affects Intel Core family processors based on the Ice Lake > +and later microarchitectures, and Intel Atom family processors based on the > +Gracemont and later microarchitectures. For more information, see Intel's > +documentation [1]_. > + > +Mitigation > +---------- > + > +Mitigation of this vulnerability involves setting a Model Specific Register > +(MSR) bit to enable Data Operand Independent Timing Mode (DOITM). > + > +By the default, the kernel does this on all CPUs. This mitigation is global, so > +it applies to both the kernel and userspace. > + > +This mitigation can be disabled by adding ``doitm=off`` to the kernel command > +line. It's also one of the mitigations that can be disabled by > +``mitigations=off``. > + > +References > +---------- > +.. [1] Data Operand Independent Timing Instruction Set Architecture (ISA) Guidance > + https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/data-operand-independent-timing-isa-guidance.html > diff --git a/Documentation/admin-guide/hw-vuln/index.rst b/Documentation/admin-guide/hw-vuln/index.rst > index 4df436e7c4177..cd962f9634dad 100644 > --- a/Documentation/admin-guide/hw-vuln/index.rst > +++ b/Documentation/admin-guide/hw-vuln/index.rst > @@ -18,3 +18,4 @@ are configurable at compile, boot or run time. > core-scheduling.rst > l1d_flush.rst > processor_mmio_stale_data.rst > + dodt.rst > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index 6cfa6e3996cf7..a6a872c4365e6 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -1119,6 +1119,12 @@ > The filter can be disabled or changed to another > driver later using sysfs. > > + doitm=off [X86,INTEL] Disable the use of Data Operand Independent > + Timing Mode (DOITM). I.e., disable the mitigation for > + the Data Operand Dependent Timing (DODT) CPU > + vulnerability. For details, see > + Documentation/admin-guide/hw-vuln/dodt.rst > + > driver_async_probe= [KNL] > List of driver names to be probed asynchronously. * > matches with all driver names. If * is specified, the > @@ -3259,6 +3265,7 @@ > no_uaccess_flush [PPC] > mmio_stale_data=off [X86] > retbleed=off [X86] > + doitm=off [X86,INTEL] > > Exceptions: > This does not have any effect on The doc LGTM, thanks! Reviewed-by: Bagas Sanjaya <bagasdotme@xxxxxxxxx> -- An old man doll... just what I always wanted! - Clara
Attachment:
signature.asc
Description: PGP signature