projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8f5ae30) | patch
x86/bugs: Select best SRSO mitigation
authorDavid Kaplan <david.kaplan@amd.com>
Mon, 21 Jul 2025 16:03:10 +0000 (11:03 -0500)
committerBorislav Petkov (AMD) <bp@alien8.de>
Mon, 11 Aug 2025 15:32:36 +0000 (17:32 +0200)
commit4fa7d880aeb8cdbdaa4fb72be3e53ac1d6bcc088
treef5eba150c46c41f8bd0734cbc29232c01947b411tree
parent8f5ae30d69d7543eee0d70083daf4de8fe15d585commit | diff
x86/bugs: Select best SRSO mitigation

The SRSO bug can theoretically be used to conduct user->user or guest->guest
attacks and requires a mitigation (namely IBPB instead of SBPB on context
switch) for these.  So mark SRSO as being applicable to the user->user and
guest->guest attack vectors.

Additionally, SRSO supports multiple mitigations which mitigate different
potential attack vectors.  Some CPUs are also immune to SRSO from
certain attack vectors (like user->kernel).

Use the specific attack vectors requiring mitigation to select the best
SRSO mitigation to avoid unnecessary performance hits.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250721160310.1804203-1-david.kaplan@amd.com
Documentation/admin-guide/hw-vuln/attack_vector_controls.rst diff | blob | blame | history
arch/x86/kernel/cpu/bugs.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)