Patch "x86/speculation: Enable prctl mode for spectre_v2_user" has been added to the 4.14-stable tree


 



This is a note to let you know that I've just added the patch titled

    x86/speculation: Enable prctl mode for spectre_v2_user

to the 4.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     x86speculation_Enable_prctl_mode_for_spectre_v2_user.patch
and it can be found in the queue-4.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


Subject: x86/speculation: Enable prctl mode for spectre_v2_user
From: Thomas Gleixner tglx@xxxxxxxxxxxxx
Date: Sun Nov 25 19:33:54 2018 +0100

From: Thomas Gleixner tglx@xxxxxxxxxxxxx

commit 7cc765a67d8e04ef7d772425ca5a2a1e2b894c15 upstream

Now that all prerequisites are in place:

 - Add the prctl command line option

 - Default the 'auto' mode to 'prctl'

 - When SMT state changes, update the static key which controls the
   conditional STIBP evaluation on context switch.

 - At init update the static key which controls the conditional IBPB
   evaluation on context switch.

Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Reviewed-by: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Jiri Kosina <jkosina@xxxxxxx>
Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Cc: Andrea Arcangeli <aarcange@xxxxxxxxxx>
Cc: David Woodhouse <dwmw@xxxxxxxxxxxx>
Cc: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxx>
Cc: Casey Schaufler <casey.schaufler@xxxxxxxxx>
Cc: Asit Mallick <asit.k.mallick@xxxxxxxxx>
Cc: Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>
Cc: Jon Masters <jcm@xxxxxxxxxx>
Cc: Waiman Long <longman9394@xxxxxxxxx>
Cc: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: Dave Stewart <david.c.stewart@xxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Link: https://lkml.kernel.org/r/20181125185005.958421388@xxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 Documentation/admin-guide/kernel-parameters.txt |    7 +++-
 arch/x86/kernel/cpu/bugs.c                      |   41 ++++++++++++++++++------
 2 files changed, 38 insertions(+), 10 deletions(-)

--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4036,9 +4036,14 @@
 			off     - Unconditionally disable mitigations. Is
 				  enforced by spectre_v2=off
 
+			prctl   - Indirect branch speculation is enabled,
+				  but mitigation can be enabled via prctl
+				  per thread.  The mitigation control state
+				  is inherited on fork.
+
 			auto    - Kernel selects the mitigation depending on
 				  the available CPU features and vulnerability.
-				  Default is off.
+				  Default is prctl.
 
 			Not specifying this option is equivalent to
 			spectre_v2_user=auto.
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -254,11 +254,13 @@ enum spectre_v2_user_cmd {
 	SPECTRE_V2_USER_CMD_NONE,
 	SPECTRE_V2_USER_CMD_AUTO,
 	SPECTRE_V2_USER_CMD_FORCE,
+	SPECTRE_V2_USER_CMD_PRCTL,
 };
 
 static const char * const spectre_v2_user_strings[] = {
 	[SPECTRE_V2_USER_NONE]		= "User space: Vulnerable",
 	[SPECTRE_V2_USER_STRICT]	= "User space: Mitigation: STIBP protection",
+	[SPECTRE_V2_USER_PRCTL]		= "User space: Mitigation: STIBP via prctl",
 };
 
 static const struct {
@@ -269,6 +271,7 @@ static const struct {
 	{ "auto",	SPECTRE_V2_USER_CMD_AUTO,	false },
 	{ "off",	SPECTRE_V2_USER_CMD_NONE,	false },
 	{ "on",		SPECTRE_V2_USER_CMD_FORCE,	true  },
+	{ "prctl",	SPECTRE_V2_USER_CMD_PRCTL,	false },
 };
 
 static void __init spec_v2_user_print_cond(const char *reason, bool secure)
@@ -323,12 +326,15 @@ spectre_v2_user_select_mitigation(enum s
 		smt_possible = false;
 
 	switch (spectre_v2_parse_user_cmdline(v2_cmd)) {
-	case SPECTRE_V2_USER_CMD_AUTO:
 	case SPECTRE_V2_USER_CMD_NONE:
 		goto set_mode;
 	case SPECTRE_V2_USER_CMD_FORCE:
 		mode = SPECTRE_V2_USER_STRICT;
 		break;
+	case SPECTRE_V2_USER_CMD_AUTO:
+	case SPECTRE_V2_USER_CMD_PRCTL:
+		mode = SPECTRE_V2_USER_PRCTL;
+		break;
 	}
 
 	/* Initialize Indirect Branch Prediction Barrier */
@@ -339,6 +345,9 @@ spectre_v2_user_select_mitigation(enum s
 		case SPECTRE_V2_USER_STRICT:
 			static_branch_enable(&switch_mm_always_ibpb);
 			break;
+		case SPECTRE_V2_USER_PRCTL:
+			static_branch_enable(&switch_mm_cond_ibpb);
+			break;
 		default:
 			break;
 		}
@@ -351,6 +360,12 @@ spectre_v2_user_select_mitigation(enum s
 	if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
 		return;
 
+	/*
+	 * If SMT is not possible or STIBP is not available clear the STIPB
+	 * mode.
+	 */
+	if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP))
+		mode = SPECTRE_V2_USER_NONE;
 set_mode:
 	spectre_v2_user = mode;
 	/* Only print the STIBP mode when SMT possible */
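Review bot: The new comment above the `if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP))` check misspells STIBP as "STIPB"; suggest ` * If SMT is not possible or STIBP is not available, clear the STIBP mode.` It would also help readers to say why the downgrade sits here: the IBPB static keys appear to be enabled from `mode` in the preceding hunk, so after this line `spectre_v2_user` can be SPECTRE_V2_USER_NONE while `switch_mm_cond_ibpb` stays enabled, which seems intentional given that ibpb_state() below now reports from the static keys rather than from `spectre_v2_user`. A sentence noting that the IBPB selection is deliberately not reverted would make that contract explicit. spectre_v2_user_select_mitigation() starts and ends outside this hunk.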
@@ -549,6 +564,15 @@ static void update_stibp_strict(void)
 	on_each_cpu(update_stibp_msr, NULL, 1);
 }
 
+/* Update the static key controlling the evaluation of TIF_SPEC_IB */
+static void update_indir_branch_cond(void)
+{
+	if (sched_smt_active())
+		static_branch_enable(&switch_to_cond_stibp);
+	else
+		static_branch_disable(&switch_to_cond_stibp);
+}
+
 void arch_smt_update(void)
 {
 	/* Enhanced IBRS implies STIBP. No update required. */
@@ -564,6 +588,7 @@ void arch_smt_update(void)
 		update_stibp_strict();
 		break;
 	case SPECTRE_V2_USER_PRCTL:
+		update_indir_branch_cond();
 		break;
 	}
 
@@ -1035,7 +1060,8 @@ static char *stibp_state(void)
 	case SPECTRE_V2_USER_STRICT:
 		return ", STIBP: forced";
 	case SPECTRE_V2_USER_PRCTL:
-		return "";
+		if (static_key_enabled(&switch_to_cond_stibp))
+			return ", STIBP: conditional";
 	}
 	return "";
 }
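Review bot: In stibp_state() the SPECTRE_V2_USER_PRCTL case now drops out of the switch when `switch_to_cond_stibp` is disabled, relying on it being the last case and on the trailing `return "";`. Making that explicit with a `break;` after the `if` guards against a case appended later silently inheriting the fall-through, i.e. `if (static_key_enabled(&switch_to_cond_stibp))` / `return ", STIBP: conditional";` / `break;`. Behaviour is unchanged; this is a readability and maintenance point only.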
@@ -1043,14 +1069,11 @@ static char *stibp_state(void)
 static char *ibpb_state(void)
 {
 	if (boot_cpu_has(X86_FEATURE_IBPB)) {
-		switch (spectre_v2_user) {
-		case SPECTRE_V2_USER_NONE:
-			return ", IBPB: disabled";
-		case SPECTRE_V2_USER_STRICT:
+		if (static_key_enabled(&switch_mm_always_ibpb))
 			return ", IBPB: always-on";
-		case SPECTRE_V2_USER_PRCTL:
-			return "";
-		}
+		if (static_key_enabled(&switch_mm_cond_ibpb))
+			return ", IBPB: conditional";
+		return ", IBPB: disabled";
 	}
 	return "";
 }


Patches currently in stable-queue which might be from tglx@xxxxxxxxxxxxx are

queue-4.14/x86speculation_Prepare_for_conditional_IBPB_in_switch_mm.patch
queue-4.14/x86speculation_Rework_SMT_state_change.patch
queue-4.14/x86bugs_Switch_the_selection_of_mitigation_from_CPU_vendor_to_CPU_features.patch
queue-4.14/x86Kconfig_Select_SCHED_SMT_if_SMP_enabled.patch
queue-4.14/x86speculation_Move_STIPBIBPB_string_conditionals_out_of_cpu_show_common().patch
queue-4.14/x86speculation_Propagate_information_about_RSB_filling_mitigation_to_sysfs.patch
queue-4.14/x86speculation_Prepare_arch_smt_update_for_PRCTL_mode.patch
queue-4.14/x86speculation_Enable_cross-hyperthread_spectre_v2_STIBP_mitigation.patch
queue-4.14/bpf-prevent-memory-disambiguation-attack.patch
queue-4.14/x86speculation_Prevent_stale_SPEC_CTRL_msr_content.patch
queue-4.14/ptrace_Remove_unused_ptrace_may_access_sched_and_MODE_IBRS.patch
queue-4.14/x86speculation_Mark_string_arrays_const_correctly.patch
queue-4.14/x86process_Consolidate_and_simplify_switch_to_xtra_code.patch
queue-4.14/x86speculation_Apply_IBPB_more_strictly_to_avoid_cross-process_data_leak.patch
queue-4.14/x86speculation_Enable_prctl_mode_for_spectre_v2_user.patch
queue-4.14/x86speculation_Rename_SSBD_update_functions.patch
queue-4.14/x86speculation_Add_command_line_control_for_indirect_branch_speculation.patch
queue-4.14/x86l1tf_Show_actual_SMT_state.patch
queue-4.14/x86speculation_Split_out_TIF_update.patch
queue-4.14/schedsmt_Make_sched_smt_present_track_topology.patch
queue-4.14/x86retpoline_Make_CONFIG_RETPOLINE_depend_on_compiler_support.patch
queue-4.14/schedsmt_Expose_sched_smt_present_static_key.patch
queue-4.14/x86speculation_Reorder_the_spec_v2_code.patch
queue-4.14/x86speculation_Add_prctl()_control_for_indirect_branch_speculation.patch
queue-4.14/x86bugs_Update_when_to_check_for_the_LS_CFG_SSBD_mitigation.patch
queue-4.14/x86speculation_Provide_IBPB_always_command_line_options.patch
queue-4.14/x86speculation_Prepare_for_per_task_indirect_branch_speculation_control.patch
queue-4.14/x86speculataion_Mark_command_line_parser_data___initdata.patch
queue-4.14/x86speculation_Disable_STIBP_when_enhanced_IBRS_is_in_use.patch
queue-4.14/x86speculation_Reorganize_speculation_control_MSRs_update.patch
queue-4.14/x86bugs_Add_AMDs_SPEC_CTRL_MSR_usage.patch
queue-4.14/x86speculation_Clean_up_spectre_v2_parse_cmdline().patch
queue-4.14/x86speculation_Update_the_TIF_SSBD_comment.patch
queue-4.14/x86speculation_Add_seccomp_Spectre_v2_user_space_protection_mode.patch
queue-4.14/x86bugs_Add_AMDs_variant_of_SSB_NO.patch
queue-4.14/schedcore_Fix_cpu.max_vs._cpuhotplug_deadlock.patch
queue-4.14/x86speculation_Unify_conditional_spectre_v2_print_functions.patch
queue-4.14/x86speculation_Avoid___switch_to_xtra_calls.patch
queue-4.14/x86speculation_Remove_unnecessary_ret_variable_in_cpu_show_common().patch
queue-4.14/x86bugs_Fix_the_AMD_SSBD_usage_of_the_SPEC_CTRL_MSR.patch
queue-4.14/x86retpoline_Remove_minimal_retpoline_support.patch
queue-4.14/x86speculation_Add_RETPOLINE_AMD_support_to_the_inline_asm_CALL_NOSPEC_variant.patch



