diff options
| author | Kim Phillips <[email protected]> | 2022-08-08 14:32:33 +0000 |
|---|---|---|
| committer | Borislav Petkov <[email protected]> | 2022-08-08 17:12:17 +0000 |
| commit | e6cfcdda8cbe81eaf821c897369a65fec987b404 (patch) | |
| tree | 8e6b4e846ddbf6f7d0919a3a210042df92984865 /drivers/fpga/microchip-spi.c | |
| parent | x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y (diff) | |
| download | kernel-e6cfcdda8cbe81eaf821c897369a65fec987b404.tar.gz kernel-e6cfcdda8cbe81eaf821c897369a65fec987b404.zip | |
x86/bugs: Enable STIBP for IBPB mitigated RETBleed
AMD's "Technical Guidance for Mitigating Branch Type Confusion,
Rev. 1.0 2022-07-12" whitepaper, under section 6.1.2 "IBPB On
Privileged Mode Entry / SMT Safety" says:
Similar to the Jmp2Ret mitigation, if the code on the sibling thread
cannot be trusted, software should set STIBP to 1 or disable SMT to
ensure SMT safety when using this mitigation.
So, like already being done for retbleed=unret, and now also for
retbleed=ibpb, force STIBP on machines that have it, and report its SMT
vulnerability status accordingly.
[ bp: Remove the "we" and remove "[AMD]" applicability parameter which
doesn't work here. ]
Fixes: 3ebc17006888 ("x86/bugs: Add retbleed=ibpb")
Signed-off-by: Kim Phillips <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
Cc: [email protected] # 5.10, 5.15, 5.19
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'drivers/fpga/microchip-spi.c')
0 files changed, 0 insertions, 0 deletions