Commit fde494e9 authored by Borislav Petkov (AMD)'s avatar Borislav Petkov (AMD)
Browse files

Merge tag 'tsa_x86_bugs_for_6.16' into tip-x86-bugs 



Pick up TSA changes from mainline so that attack vectors work can
continue ontop.

Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
parents 98b5dab4 8e786a85

Documentation/ABI/testing/sysfs-devices-system-cpu

+1 −0
Original line number Diff line number Diff line
@@ -584,6 +584,7 @@ What: /sys/devices/system/cpu/vulnerabilities 
		/sys/devices/system/cpu/vulnerabilities/spectre_v1

		/sys/devices/system/cpu/vulnerabilities/spectre_v2

		/sys/devices/system/cpu/vulnerabilities/srbds

		/sys/devices/system/cpu/vulnerabilities/tsa

		/sys/devices/system/cpu/vulnerabilities/tsx_async_abort

Date:		January 2018

Contact:	Linux kernel mailing list <linux-kernel@vger.kernel.org>

Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst

+1 −3
Original line number Diff line number Diff line
@@ -157,9 +157,7 @@ This is achieved by using the otherwise unused and obsolete VERW instruction in 
combination with a microcode update. The microcode clears the affected CPU

buffers when the VERW instruction is executed.



Kernel reuses the MDS function to invoke the buffer clearing:



	mds_clear_cpu_buffers()

Kernel does the buffer clearing with x86_clear_cpu_buffers().



On MDS affected CPUs, the kernel already invokes CPU buffer clear on

kernel/userspace, hypervisor/guest and C-state (idle) transitions. No

Documentation/admin-guide/kernel-parameters.txt

+13 −0
Original line number Diff line number Diff line
@@ -7488,6 +7488,19 @@ 
			having this key zero'ed is acceptable. E.g. in testing

			scenarios.



	tsa=		[X86] Control mitigation for Transient Scheduler

			Attacks on AMD CPUs. Search the following in your

			favourite search engine for more details:



			"Technical guidance for mitigating transient scheduler

			attacks".



			off		- disable the mitigation

			on		- enable the mitigation (default)

			user		- mitigate only user/kernel transitions

			vm		- mitigate only guest/host transitions





	tsc=		Disable clocksource stability checks for TSC.

			Format: <string>

			[x86] reliable: mark tsc clocksource as reliable, this

Documentation/arch/x86/mds.rst

+4 −4
Original line number Diff line number Diff line
@@ -93,7 +93,7 @@ enters a C-state. 


The kernel provides a function to invoke the buffer clearing:



    mds_clear_cpu_buffers()

    x86_clear_cpu_buffers()



Also macro CLEAR_CPU_BUFFERS can be used in ASM late in exit-to-user path.

Other than CFLAGS.ZF, this macro doesn't clobber any registers.
@@ -185,9 +185,9 @@ Mitigation points 
   idle clearing would be a window dressing exercise and is therefore not

   activated.



   The invocation is controlled by the static key mds_idle_clear which is

   switched depending on the chosen mitigation mode and the SMT state of

   the system.

   The invocation is controlled by the static key cpu_buf_idle_clear which is

   switched depending on the chosen mitigation mode and the SMT state of the

   system.



   The buffer clear is only invoked before entering the C-State to prevent

   that stale data from the idling CPU from spilling to the Hyper-Thread

arch/x86/Kconfig

+9 −0
Original line number Diff line number Diff line
@@ -2695,6 +2695,15 @@ config MITIGATION_ITS 
	  disabled, mitigation cannot be enabled via cmdline.

	  See <file:Documentation/admin-guide/hw-vuln/indirect-target-selection.rst>



config MITIGATION_TSA

	bool "Mitigate Transient Scheduler Attacks"

	depends on CPU_SUP_AMD

	default y

	help

	  Enable mitigation for Transient Scheduler Attacks. TSA is a hardware

	  security vulnerability on AMD CPUs which can lead to forwarding of

	  invalid info to subsequent instructions and thus can affect their

	  timing and thereby cause a leakage.

endif



config ARCH_HAS_ADD_PAGES