diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0055-seccomp-Move-speculation-migitation-control-to-arch-.patch')
| -rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0055-seccomp-Move-speculation-migitation-control-to-arch-.patch | 121 |
1 files changed, 0 insertions, 121 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0055-seccomp-Move-speculation-migitation-control-to-arch-.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0055-seccomp-Move-speculation-migitation-control-to-arch-.patch deleted file mode 100644 index ca98b862..00000000 --- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0055-seccomp-Move-speculation-migitation-control-to-arch-.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 2a4ae48837c977605ea36a01ed63fa8638e4c881 Mon Sep 17 00:00:00 2001 -From: Thomas Gleixner <tglx@linutronix.de> -Date: Fri, 4 May 2018 15:12:06 +0200 -Subject: [PATCH 55/93] seccomp: Move speculation migitation control to arch - code - -commit 8bf37d8c067bb7eb8e7c381bdadf9bd89182b6bc upstream - -The migitation control is simpler to implement in architecture code as it -avoids the extra function call to check the mode. Aside of that having an -explicit seccomp enabled mode in the architecture mitigations would require -even more workarounds. - -Move it into architecture code and provide a weak function in the seccomp -code. Remove the 'which' argument as this allows the architecture to decide -which mitigations are relevant for seccomp. - -Signed-off-by: Thomas Gleixner <tglx@linutronix.de> -Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> ---- - arch/x86/kernel/cpu/bugs.c | 29 ++++++++++++++++++----------- - include/linux/nospec.h | 2 ++ - kernel/seccomp.c | 15 ++------------- - 3 files changed, 22 insertions(+), 24 deletions(-) - -diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c -index fdbd8e5..131617d 100644 ---- a/arch/x86/kernel/cpu/bugs.c -+++ b/arch/x86/kernel/cpu/bugs.c -@@ -568,6 +568,24 @@ static int ssb_prctl_set(struct task_struct *task, unsigned long ctrl) - return 0; - } - -+int arch_prctl_spec_ctrl_set(struct task_struct *task, unsigned long which, -+ unsigned long ctrl) -+{ -+ switch (which) { -+ case PR_SPEC_STORE_BYPASS: -+ return ssb_prctl_set(task, ctrl); -+ default: -+ return -ENODEV; -+ } -+} -+ -+#ifdef CONFIG_SECCOMP -+void arch_seccomp_spec_mitigate(struct task_struct *task) -+{ -+ ssb_prctl_set(task, PR_SPEC_FORCE_DISABLE); -+} -+#endif -+ - static int ssb_prctl_get(struct task_struct *task) - { - switch (ssb_mode) { -@@ -586,17 +604,6 @@ static int ssb_prctl_get(struct task_struct *task) - } - } - --int arch_prctl_spec_ctrl_set(struct task_struct *task, unsigned long which, -- unsigned long ctrl) --{ -- switch (which) { -- case PR_SPEC_STORE_BYPASS: -- return ssb_prctl_set(task, ctrl); -- default: -- return -ENODEV; -- } --} -- - int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which) - { - switch (which) { -diff --git a/include/linux/nospec.h b/include/linux/nospec.h -index a908c95..0c5ef54 100644 ---- a/include/linux/nospec.h -+++ b/include/linux/nospec.h -@@ -62,5 +62,7 @@ static inline unsigned long array_index_mask_nospec(unsigned long index, - int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which); - int arch_prctl_spec_ctrl_set(struct task_struct *task, unsigned long which, - unsigned long ctrl); -+/* Speculation control for seccomp enforced mitigation */ -+void arch_seccomp_spec_mitigate(struct task_struct *task); - - #endif /* _LINUX_NOSPEC_H */ -diff --git a/kernel/seccomp.c b/kernel/seccomp.c -index 62a60e7..3975856 100644 ---- a/kernel/seccomp.c -+++ b/kernel/seccomp.c -@@ -216,18 +216,7 @@ static inline bool seccomp_may_assign_mode(unsigned long seccomp_mode) - return true; - } - --/* -- * If a given speculation mitigation is opt-in (prctl()-controlled), -- * select it, by disabling speculation (enabling mitigation). -- */ --static inline void spec_mitigate(struct task_struct *task, -- unsigned long which) --{ -- int state = arch_prctl_spec_ctrl_get(task, which); -- -- if (state > 0 && (state & PR_SPEC_PRCTL)) -- arch_prctl_spec_ctrl_set(task, which, PR_SPEC_FORCE_DISABLE); --} -+void __weak arch_seccomp_spec_mitigate(struct task_struct *task) { } - - static inline void seccomp_assign_mode(struct task_struct *task, - unsigned long seccomp_mode, -@@ -243,7 +232,7 @@ static inline void seccomp_assign_mode(struct task_struct *task, - smp_mb__before_atomic(); - /* Assume default seccomp processes want spec flaw mitigation. */ - if ((flags & SECCOMP_FILTER_FLAG_SPEC_ALLOW) == 0) -- spec_mitigate(task, PR_SPEC_STORE_BYPASS); -+ arch_seccomp_spec_mitigate(task); - set_tsk_thread_flag(task, TIF_SECCOMP); - } - --- -2.7.4 - |