iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/Documentation/admin-guide/hw-vuln
History
Josh Poimboeuf 0a958abffa x86/srso: Fix vulnerability reporting for missing microcode 
[ Upstream commit dc6306ad5b0dda040baf1fde3cfd458e6abfc4da ]

The SRSO default safe-ret mitigation is reported as "mitigated" even if
microcode hasn't been updated.  That's wrong because userspace may still
be vulnerable to SRSO attacks due to IBPB not flushing branch type
predictions.

Report the safe-ret + !microcode case as vulnerable.

Also report the microcode-only case as vulnerable as it leaves the
kernel open to attacks.

Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/a8a14f97d1b0e03ec255c81637afdf4cf0ae9c99.1693889988.git.jpoimboe@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-11-20 11:58:52 +01:00
..
core-scheduling.rst
uapi/linux/prctl: provide macro definitions for the PR_SCHED_CORE type argument
2021-09-29 13:00:05 +02:00
cross-thread-rsb.rst
Documentation/hw-vuln: Fix rST warning
2023-02-15 07:24:23 -05:00
gather_data_sampling.rst
Documentation/x86: Fix backwards on/off logic about YMM support
2023-08-01 15:28:24 -07:00
index.rst
Documentation/hw-vuln: Unify filename specification in index
2023-08-10 10:48:12 +02:00
l1d_flush.rst
Documentation: Add L1D flushing Documentation
2021-07-28 11:42:25 +02:00
l1tf.rst
docs: add IRQ documentation at the core-api book
2020-05-15 12:00:56 -06:00
mds.rst
docs: move x86 documentation into Documentation/arch/
2023-03-30 12:58:51 -06:00
multihit.rst
x86/bugs/multihit: Fix mitigation reporting when VMX is not in use
2020-08-07 01:32:00 +02:00
processor_mmio_stale_data.rst
x86/bugs: Add "unknown" reporting for MMIO Stale Data
2022-08-18 15:35:22 +02:00
special-register-buffer-data-sampling.rst
docs: admin-guide: hw-vuln: avoid using ReST :doc:foo markup
2021-06-17 13:24:36 -06:00
spectre.rst
x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled
2023-07-22 18:04:22 +02:00
srso.rst
x86/srso: Fix vulnerability reporting for missing microcode
2023-11-20 11:58:52 +01:00
tsx_async_abort.rst
docs: move x86 documentation into Documentation/arch/
2023-03-30 12:58:51 -06:00