4b78317679
Pull STIBP fallout fixes from Thomas Gleixner: "The performance destruction department finally got it's act together and came up with a cure for the STIPB regression: - Provide a command line option to control the spectre v2 user space mitigations. Default is either seccomp or prctl (if seccomp is disabled in Kconfig). prctl allows mitigation opt-in, seccomp enables the migitation for sandboxed processes. - Rework the code to handle the conditional STIBP/IBPB control and remove the now unused ptrace_may_access_sched() optimization attempt - Disable STIBP automatically when SMT is disabled - Optimize the switch_to() logic to avoid MSR writes and invocations of __switch_to_xtra(). - Make the asynchronous speculation TIF updates synchronous to prevent stale mitigation state. As a general cleanup this also makes retpoline directly depend on compiler support and removes the 'minimal retpoline' option which just pretended to provide some form of security while providing none" * 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (31 commits) x86/speculation: Provide IBPB always command line options x86/speculation: Add seccomp Spectre v2 user space protection mode x86/speculation: Enable prctl mode for spectre_v2_user x86/speculation: Add prctl() control for indirect branch speculation x86/speculation: Prepare arch_smt_update() for PRCTL mode x86/speculation: Prevent stale SPEC_CTRL msr content x86/speculation: Split out TIF update ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS x86/speculation: Prepare for conditional IBPB in switch_mm() x86/speculation: Avoid __switch_to_xtra() calls x86/process: Consolidate and simplify switch_to_xtra() code x86/speculation: Prepare for per task indirect branch speculation control x86/speculation: Add command line control for indirect branch speculation x86/speculation: Unify conditional spectre v2 print functions x86/speculataion: Mark command line parser data __initdata x86/speculation: Mark string arrays const correctly x86/speculation: Reorder the spec_v2 code x86/l1tf: Show actual SMT state x86/speculation: Rework SMT state change sched/smt: Expose sched_smt_present static key ... |
||
---|---|---|
.. | ||
basic | ||
coccinelle | ||
dtc | ||
gcc-plugins | ||
gdb | ||
genksyms | ||
kconfig | ||
ksymoops | ||
mod | ||
package | ||
selinux | ||
tracing | ||
.gitignore | ||
adjust_autoksyms.sh | ||
asn1_compiler.c | ||
bin2c.c | ||
bloat-o-meter | ||
bootgraph.pl | ||
bpf_helpers_doc.py | ||
cc-can-link.sh | ||
check_extable.sh | ||
checkincludes.pl | ||
checkkconfigsymbols.py | ||
checkpatch.pl | ||
checkstack.pl | ||
checksyscalls.sh | ||
checkversion.pl | ||
clang-version.sh | ||
cleanfile | ||
cleanpatch | ||
coccicheck | ||
config | ||
conmakehash.c | ||
const_structs.checkpatch | ||
decode_stacktrace.sh | ||
decodecode | ||
depmod.sh | ||
diffconfig | ||
documentation-file-ref-check | ||
export_report.pl | ||
extract_xc3028.pl | ||
extract-cert.c | ||
extract-ikconfig | ||
extract-module-sig.pl | ||
extract-sys-certs.pl | ||
extract-vmlinux | ||
faddr2line | ||
file-size.sh | ||
find-unused-docs.sh | ||
gcc-goto.sh | ||
gcc-ld | ||
gcc-plugin.sh | ||
gcc-version.sh | ||
gcc-x86_32-has-stack-protector.sh | ||
gcc-x86_64-has-stack-protector.sh | ||
get_dvb_firmware | ||
get_maintainer.pl | ||
gfp-translate | ||
headerdep.pl | ||
headers_check.pl | ||
headers_install.sh | ||
headers.sh | ||
insert-sys-cert.c | ||
kallsyms.c | ||
Kbuild.include | ||
Kconfig.include | ||
kernel-doc | ||
ld-version.sh | ||
leaking_addresses.pl | ||
Lindent | ||
link-vmlinux.sh | ||
Makefile | ||
Makefile.asm-generic | ||
Makefile.build | ||
Makefile.clean | ||
Makefile.dtbinst | ||
Makefile.extrawarn | ||
Makefile.gcc-plugins | ||
Makefile.headersinst | ||
Makefile.host | ||
Makefile.kasan | ||
Makefile.kcov | ||
Makefile.lib | ||
Makefile.modbuiltin | ||
Makefile.modinst | ||
Makefile.modpost | ||
Makefile.modsign | ||
Makefile.ubsan | ||
makelst | ||
markup_oops.pl | ||
mkcompile_h | ||
mkmakefile | ||
mksysmap | ||
mkuboot.sh | ||
module-common.lds | ||
namespace.pl | ||
objdiff | ||
parse-maintainers.pl | ||
patch-kernel | ||
pnmtologo.c | ||
profile2linkerlist.pl | ||
prune-kernel | ||
recordmcount.c | ||
recordmcount.h | ||
recordmcount.pl | ||
setlocalversion | ||
show_delta | ||
sign-file.c | ||
sortextable.c | ||
sortextable.h | ||
spdxcheck.py | ||
spelling.txt | ||
sphinx-pre-install | ||
split-man.pl | ||
stackdelta | ||
stackusage | ||
subarch.include | ||
tags.sh | ||
unifdef.c | ||
ver_linux | ||
xen-hypercalls.sh | ||
xz_wrap.sh |