diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0027-x86-Introduce-barrier_nospec.patch')
-rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0027-x86-Introduce-barrier_nospec.patch | 70 |
1 files changed, 0 insertions, 70 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0027-x86-Introduce-barrier_nospec.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0027-x86-Introduce-barrier_nospec.patch deleted file mode 100644 index 9b3ea121..00000000 --- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0027-x86-Introduce-barrier_nospec.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 13c25ff312ecc09941828ec112a11c40debbfef1 Mon Sep 17 00:00:00 2001 -From: Dan Williams <dan.j.williams@intel.com> -Date: Mon, 29 Jan 2018 17:02:33 -0800 -Subject: [PATCH 27/42] x86: Introduce barrier_nospec - -(cherry picked from commit b3d7ad85b80bbc404635dca80f5b129f6242bc7a) - -Rename the open coded form of this instruction sequence from -rdtsc_ordered() into a generic barrier primitive, barrier_nospec(). - -One of the mitigations for Spectre variant1 vulnerabilities is to fence -speculative execution after successfully validating a bounds check. I.e. -force the result of a bounds check to resolve in the instruction pipeline -to ensure speculative execution honors that result before potentially -operating on out-of-bounds data. - -No functional changes. - -Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> -Suggested-by: Andi Kleen <ak@linux.intel.com> -Suggested-by: Ingo Molnar <mingo@redhat.com> -Signed-off-by: Dan Williams <dan.j.williams@intel.com> -Signed-off-by: Thomas Gleixner <tglx@linutronix.de> -Cc: linux-arch@vger.kernel.org -Cc: Tom Lendacky <thomas.lendacky@amd.com> -Cc: Kees Cook <keescook@chromium.org> -Cc: kernel-hardening@lists.openwall.com -Cc: gregkh@linuxfoundation.org -Cc: Al Viro <viro@zeniv.linux.org.uk> -Cc: alan@linux.intel.com -Link: https://lkml.kernel.org/r/151727415361.33451.9049453007262764675.stgit@dwillia2-desk3.amr.corp.intel.com -Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> ---- - arch/x86/include/asm/barrier.h | 4 ++++ - arch/x86/include/asm/msr.h | 3 +-- - 2 files changed, 5 insertions(+), 2 deletions(-) - -diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h -index ca22173..8575903 100644 ---- a/arch/x86/include/asm/barrier.h -+++ b/arch/x86/include/asm/barrier.h -@@ -47,6 +47,10 @@ static inline unsigned long array_index_mask_nospec(unsigned long index, - /* Override the default implementation from linux/nospec.h. */ - #define array_index_mask_nospec array_index_mask_nospec - -+/* Prevent speculative execution past this barrier. */ -+#define barrier_nospec() alternative_2("", "mfence", X86_FEATURE_MFENCE_RDTSC, \ -+ "lfence", X86_FEATURE_LFENCE_RDTSC) -+ - #ifdef CONFIG_X86_PPRO_FENCE - #define dma_rmb() rmb() - #else -diff --git a/arch/x86/include/asm/msr.h b/arch/x86/include/asm/msr.h -index b5fee97..ed35b91 100644 ---- a/arch/x86/include/asm/msr.h -+++ b/arch/x86/include/asm/msr.h -@@ -188,8 +188,7 @@ static __always_inline unsigned long long rdtsc_ordered(void) - * that some other imaginary CPU is updating continuously with a - * time stamp. - */ -- alternative_2("", "mfence", X86_FEATURE_MFENCE_RDTSC, -- "lfence", X86_FEATURE_LFENCE_RDTSC); -+ barrier_nospec(); - return rdtsc(); - } - --- -2.7.4 - |