forked from mirrors/linux
4b78317679
Pull STIBP fallout fixes from Thomas Gleixner:
"The performance destruction department finally got it's act together
and came up with a cure for the STIPB regression:
- Provide a command line option to control the spectre v2 user space
mitigations. Default is either seccomp or prctl (if seccomp is
disabled in Kconfig). prctl allows mitigation opt-in, seccomp
enables the migitation for sandboxed processes.
- Rework the code to handle the conditional STIBP/IBPB control and
remove the now unused ptrace_may_access_sched() optimization
attempt
- Disable STIBP automatically when SMT is disabled
- Optimize the switch_to() logic to avoid MSR writes and invocations
of __switch_to_xtra().
- Make the asynchronous speculation TIF updates synchronous to
prevent stale mitigation state.
As a general cleanup this also makes retpoline directly depend on
compiler support and removes the 'minimal retpoline' option which just
pretended to provide some form of security while providing none"
* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (31 commits)
x86/speculation: Provide IBPB always command line options
x86/speculation: Add seccomp Spectre v2 user space protection mode
x86/speculation: Enable prctl mode for spectre_v2_user
x86/speculation: Add prctl() control for indirect branch speculation
x86/speculation: Prepare arch_smt_update() for PRCTL mode
x86/speculation: Prevent stale SPEC_CTRL msr content
x86/speculation: Split out TIF update
ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
x86/speculation: Prepare for conditional IBPB in switch_mm()
x86/speculation: Avoid __switch_to_xtra() calls
x86/process: Consolidate and simplify switch_to_xtra() code
x86/speculation: Prepare for per task indirect branch speculation control
x86/speculation: Add command line control for indirect branch speculation
x86/speculation: Unify conditional spectre v2 print functions
x86/speculataion: Mark command line parser data __initdata
x86/speculation: Mark string arrays const correctly
x86/speculation: Reorder the spec_v2 code
x86/l1tf: Show actual SMT state
x86/speculation: Rework SMT state change
sched/smt: Expose sched_smt_present static key
...
|
||
|---|---|---|
| .. | ||
| ABI | ||
| accelerators | ||
| accounting | ||
| acpi | ||
| admin-guide | ||
| aoe | ||
| arm | ||
| arm64 | ||
| auxdisplay | ||
| backlight | ||
| block | ||
| blockdev | ||
| bpf | ||
| bus-devices | ||
| cdrom | ||
| cgroup-v1 | ||
| cma | ||
| connector | ||
| console | ||
| core-api | ||
| cpu-freq | ||
| cpuidle | ||
| crypto | ||
| dev-tools | ||
| device-mapper | ||
| devicetree | ||
| doc-guide | ||
| driver-api | ||
| driver-model | ||
| early-userspace | ||
| EDID | ||
| extcon | ||
| fault-injection | ||
| fb | ||
| features | ||
| filesystems | ||
| firmware_class | ||
| fmc | ||
| fpga | ||
| gpio | ||
| gpu | ||
| hid | ||
| hwmon | ||
| i2c | ||
| ia64 | ||
| ide | ||
| iio | ||
| infiniband | ||
| input | ||
| ioctl | ||
| isdn | ||
| kbuild | ||
| kdump | ||
| kernel-hacking | ||
| laptops | ||
| leds | ||
| lightnvm | ||
| livepatch | ||
| locking | ||
| m68k | ||
| maintainer | ||
| md | ||
| media | ||
| memory-devices | ||
| mic | ||
| mips | ||
| misc-devices | ||
| mmc | ||
| mtd | ||
| namespaces | ||
| netlabel | ||
| networking | ||
| nfc | ||
| nios2 | ||
| nvdimm | ||
| nvmem | ||
| openrisc | ||
| parisc | ||
| PCI | ||
| pcmcia | ||
| perf | ||
| phy | ||
| platform | ||
| power | ||
| powerpc | ||
| pps | ||
| process | ||
| pti | ||
| ptp | ||
| rapidio | ||
| RCU | ||
| riscv | ||
| s390 | ||
| scheduler | ||
| scsi | ||
| security | ||
| serial | ||
| sh | ||
| sound | ||
| sparc | ||
| sphinx | ||
| sphinx-static | ||
| spi | ||
| sysctl | ||
| target | ||
| thermal | ||
| timers | ||
| trace | ||
| translations | ||
| usb | ||
| userspace-api | ||
| virtual | ||
| vm | ||
| w1 | ||
| watchdog | ||
| wimax | ||
| x86 | ||
| xilinx | ||
| xtensa | ||
| .gitignore | ||
| atomic_bitops.txt | ||
| atomic_t.txt | ||
| bt8xxgpio.txt | ||
| btmrvl.txt | ||
| bus-virt-phys-mapping.txt | ||
| Changes | ||
| clearing-warn-once.txt | ||
| CodingStyle | ||
| conf.py | ||
| cpu-load.txt | ||
| cputopology.txt | ||
| crc32.txt | ||
| dcdbas.txt | ||
| debugging-modules.txt | ||
| debugging-via-ohci1394.txt | ||
| dell_rbu.txt | ||
| digsig.txt | ||
| DMA-API-HOWTO.txt | ||
| DMA-API.txt | ||
| DMA-attributes.txt | ||
| DMA-ISA-LPC.txt | ||
| docutils.conf | ||
| dontdiff | ||
| efi-stub.txt | ||
| eisa.txt | ||
| flexible-arrays.txt | ||
| futex-requeue-pi.txt | ||
| gcc-plugins.txt | ||
| highuid.txt | ||
| hw_random.txt | ||
| hwspinlock.txt | ||
| index.rst | ||
| Intel-IOMMU.txt | ||
| intel_txt.txt | ||
| io-mapping.txt | ||
| io_ordering.txt | ||
| iostats.txt | ||
| IPMI.txt | ||
| IRQ-affinity.txt | ||
| IRQ-domain.txt | ||
| IRQ.txt | ||
| irqflags-tracing.txt | ||
| isa.txt | ||
| isapnp.txt | ||
| kernel-per-CPU-kthreads.txt | ||
| kobject.txt | ||
| kprobes.txt | ||
| kref.txt | ||
| ldm.txt | ||
| lockup-watchdogs.txt | ||
| logo.gif | ||
| logo.txt | ||
| lsm.txt | ||
| lzo.txt | ||
| mailbox.txt | ||
| Makefile | ||
| memory-barriers.txt | ||
| men-chameleon-bus.txt | ||
| nommu-mmap.txt | ||
| ntb.txt | ||
| numastat.txt | ||
| padata.txt | ||
| parport-lowlevel.txt | ||
| percpu-rw-semaphore.txt | ||
| phy.txt | ||
| pi-futex.txt | ||
| pnp.txt | ||
| preempt-locking.txt | ||
| pwm.txt | ||
| rbtree.txt | ||
| remoteproc.txt | ||
| rfkill.txt | ||
| robust-futex-ABI.txt | ||
| robust-futexes.txt | ||
| rpmsg.txt | ||
| rtc.txt | ||
| SAK.txt | ||
| sgi-ioc4.txt | ||
| siphash.txt | ||
| SM501.txt | ||
| smsc_ece1099.txt | ||
| speculation.txt | ||
| static-keys.txt | ||
| SubmittingPatches | ||
| svga.txt | ||
| switchtec.txt | ||
| sync_file.txt | ||
| tee.txt | ||
| this_cpu_ops.txt | ||
| unaligned-memory-access.txt | ||
| vfio-mediated-device.txt | ||
| vfio.txt | ||
| video-output.txt | ||
| xillybus.txt | ||
| xz.txt | ||
| zorro.txt | ||
