git.kernel.dk Git - linux-block.git/commit

x86/rfds: Mitigate Register File Data Sampling (RFDS)

RFDS is a CPU vulnerability that may allow userspace to infer kernel
stale data previously used in floating point registers, vector registers
and integer registers. RFDS only affects certain Intel Atom processors.

Intel released a microcode update that uses VERW instruction to clear
the affected CPU buffers. Unlike MDS, none of the affected cores support
SMT.

Add RFDS bug infrastructure and enable the VERW based mitigation by
default, that clears the affected buffers just before exiting to
userspace. Also add sysfs reporting and cmdline parameter
"reg_file_data_sampling" to control the mitigation.

For details see:
Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Josh Poimboeuf <jpoimboe@kernel.org>

author	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
	Mon, 11 Mar 2024 19:29:43 +0000 (12:29 -0700)
committer	Dave Hansen <dave.hansen@linux.intel.com>
	Mon, 11 Mar 2024 20:13:48 +0000 (13:13 -0700)
commit	8076fcde016c9c0e0660543e67bff86cb48a7c9c
tree	b07933926b045b08a417655be3f4310cebdbb1a6	tree \| snapshot
parent	4e42765d1be01111df0c0275bbaf1db1acef346e	commit \| diff

Documentation/ABI/testing/sysfs-devices-system-cpu		diff \| blob \| blame \| history
Documentation/admin-guide/kernel-parameters.txt		diff \| blob \| blame \| history
arch/x86/Kconfig		diff \| blob \| blame \| history
arch/x86/include/asm/cpufeatures.h		diff \| blob \| blame \| history
arch/x86/include/asm/msr-index.h		diff \| blob \| blame \| history
arch/x86/kernel/cpu/bugs.c		diff \| blob \| blame \| history
arch/x86/kernel/cpu/common.c		diff \| blob \| blame \| history
drivers/base/cpu.c		diff \| blob \| blame \| history
include/linux/cpu.h		diff \| blob \| blame \| history