projects / wrapfs-5.3.y.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 19b78a9) | patch
x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
authorJosh Poimboeuf <jpoimboe@redhat.com>
Fri, 25 Feb 2022 22:32:28 +0000 (14:32 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 11 Mar 2022 11:42:05 +0000 (12:42 +0100)
commitdb3eaccf6e16c2d15d3fc8dc7c430d7df7c7bcc4
tree06a7ab92b912047d477a06e5e52d443e1db7a3d5tree | snapshot
parent19b78a9a32286216ec4aa64924d39ba5748b506dcommit | diff
x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT

commit 0de05d056afdb00eca8c7bbb0c79a3438daf700c upstream.

The commit

   44a3918c8245 ("x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting")

added a warning for the "eIBRS + unprivileged eBPF" combination, which
has been shown to be vulnerable against Spectre v2 BHB-based attacks.

However, there's no warning about the "eIBRS + LFENCE retpoline +
unprivileged eBPF" combo. The LFENCE adds more protection by shortening
the speculation window after a mispredicted branch. That makes an attack
significantly more difficult, even with unprivileged eBPF. So at least
for now the logic doesn't warn about that combination.

But if you then add SMT into the mix, the SMT attack angle weakens the
effectiveness of the LFENCE considerably.

So extend the "eIBRS + unprivileged eBPF" warning to also include the
"eIBRS + LFENCE + unprivileged eBPF + SMT" case.

  [ bp: Massage commit message. ]

Suggested-by: Alyssa Milburn <alyssa.milburn@linux.intel.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kernel/cpu/bugs.c diff | blob | history
wrapfs-5.3.y