UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/Documentation/admin-guide/hw-vuln
History
Josh Poimboeuf 0a958abffa x86/srso: Fix vulnerability reporting for missing microcode 
[ Upstream commit dc6306ad5b0dda040baf1fde3cfd458e6abfc4da ]

The SRSO default safe-ret mitigation is reported as "mitigated" even if
microcode hasn't been updated.  That's wrong because userspace may still
be vulnerable to SRSO attacks due to IBPB not flushing branch type
predictions.

Report the safe-ret + !microcode case as vulnerable.

Also report the microcode-only case as vulnerable as it leaves the
kernel open to attacks.

Fixes: fb3bd914b3 ("x86/srso: Add a Speculative RAS Overflow mitigation")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/a8a14f97d1b0e03ec255c81637afdf4cf0ae9c99.1693889988.git.jpoimboe@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-11-20 11:58:52 +01:00
..
core-scheduling.rst uapi/linux/prctl: provide macro definitions for the PR_SCHED_CORE type argument 2021-09-29 13:00:05 +02:00
cross-thread-rsb.rst Documentation/hw-vuln: Fix rST warning 2023-02-15 07:24:23 -05:00
gather_data_sampling.rst Documentation/x86: Fix backwards on/off logic about YMM support 2023-08-01 15:28:24 -07:00
index.rst Documentation/hw-vuln: Unify filename specification in index 2023-08-10 10:48:12 +02:00
l1d_flush.rst Documentation: Add L1D flushing Documentation 2021-07-28 11:42:25 +02:00
l1tf.rst docs: add IRQ documentation at the core-api book 2020-05-15 12:00:56 -06:00
mds.rst docs: move x86 documentation into Documentation/arch/ 2023-03-30 12:58:51 -06:00
multihit.rst x86/bugs/multihit: Fix mitigation reporting when VMX is not in use 2020-08-07 01:32:00 +02:00
processor_mmio_stale_data.rst x86/bugs: Add "unknown" reporting for MMIO Stale Data 2022-08-18 15:35:22 +02:00
special-register-buffer-data-sampling.rst docs: admin-guide: hw-vuln: avoid using ReST :doc:`foo` markup 2021-06-17 13:24:36 -06:00
spectre.rst x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled 2023-07-22 18:04:22 +02:00
srso.rst x86/srso: Fix vulnerability reporting for missing microcode 2023-11-20 11:58:52 +01:00
tsx_async_abort.rst docs: move x86 documentation into Documentation/arch/ 2023-03-30 12:58:51 -06:00