Commit 3248f8ec authored by Pawan Gupta's avatar Pawan Gupta Committed by Ma Wupeng

x86/rfds: Mitigate Register File Data Sampling (RFDS)

stable inclusion
from stable-v6.6.22
commit 77018fb9efe50cf24e61275ee09253cf1fbb6854
bugzilla: https://gitee.com/openeuler/kernel/issues/I99TJK

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=77018fb9efe50cf24e61275ee09253cf1fbb6854



--------------------------------

commit 8076fcde016c9c0e0660543e67bff86cb48a7c9c upstream.

RFDS is a CPU vulnerability that may allow userspace to infer kernel
stale data previously used in floating point registers, vector registers
and integer registers. RFDS only affects certain Intel Atom processors.

Intel released a microcode update that uses VERW instruction to clear
the affected CPU buffers. Unlike MDS, none of the affected cores support
SMT.

Add RFDS bug infrastructure and enable the VERW based mitigation by
default, that clears the affected buffers just before exiting to
userspace. Also add sysfs reporting and cmdline parameter
"reg_file_data_sampling" to control the mitigation.

For details see:
Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Conflicts:
	arch/x86/configs/openeuler_defconfig

Signed-off-by: ZhangPeng <zhangpeng362@huawei.com>
parent 42f42a40
+1 −0
@@ -519,6 +519,7 @@ What: /sys/devices/system/cpu/vulnerabilities
		/sys/devices/system/cpu/vulnerabilities/mds
		/sys/devices/system/cpu/vulnerabilities/meltdown
		/sys/devices/system/cpu/vulnerabilities/mmio_stale_data
		/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling
		/sys/devices/system/cpu/vulnerabilities/retbleed
		/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
		/sys/devices/system/cpu/vulnerabilities/spectre_v1
+21 −0
@@ -1140,6 +1140,26 @@
			The filter can be disabled or changed to another
			driver later using sysfs.

	reg_file_data_sampling=
			[X86] Controls mitigation for Register File Data
			Sampling (RFDS) vulnerability. RFDS is a CPU
			vulnerability which may allow userspace to infer
			kernel data values previously stored in floating point
			registers, vector registers, or integer registers.
			RFDS only affects Intel Atom processors.

			on:	Turns ON the mitigation.
			off:	Turns OFF the mitigation.

			This parameter overrides the compile time default set
			by CONFIG_MITIGATION_RFDS. Mitigation cannot be
			disabled when other VERW based mitigations (like MDS)
			are enabled. In order to disable RFDS mitigation all
			VERW based mitigations need to be disabled.

			For details see:
			Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst

	driver_async_probe=  [KNL]
			List of driver names to be probed asynchronously. *
			matches with all driver names. If * is specified, the
@@ -3401,6 +3421,7 @@
					       nospectre_bhb [ARM64]
					       nospectre_v1 [X86,PPC]
					       nospectre_v2 [X86,PPC,S390,ARM64]
					       reg_file_data_sampling=off [X86]
					       retbleed=off [X86]
					       spec_store_bypass_disable=off [X86,PPC]
					       spectre_v2_user=off [X86]
+11 −0
@@ -2633,6 +2633,17 @@ config GDS_FORCE_MITIGATION

	  If in doubt, say N.

config MITIGATION_RFDS
	bool "RFDS Mitigation"
	depends on CPU_SUP_INTEL
	default y
	help
	  Enable mitigation for Register File Data Sampling (RFDS) by default.
	  RFDS is a hardware vulnerability which affects Intel Atom CPUs. It
	  allows unprivileged speculative access to stale data previously
	  stored in floating point, vector and integer registers.
	  See also <file:Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst>

endif

config ARCH_HAS_ADD_PAGES
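Review bot: The help text for MITIGATION_RFDS leaves out two things the commit message and the parameter documentation state: the VERW-based clearing depends on Intel's microcode update, and the option only sets a default that `reg_file_data_sampling=` can override at boot. Without the first, `default y` can be read as sufficient protection on its own on an affected part. I would add a sentence to the help block such as `The mitigation relies on updated microcode; this option only sets the boot-time default, see reg_file_data_sampling=.` The help text also says "affects Intel Atom CPUs" where the commit message says only certain Atom processors are affected, so `affects certain Intel Atom CPUs` would match.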
+1 −0
@@ -552,6 +552,7 @@ CONFIG_CPU_IBPB_ENTRY=y
CONFIG_CPU_IBRS_ENTRY=y
CONFIG_CPU_SRSO=y
# CONFIG_GDS_FORCE_MITIGATION is not set
CONFIG_MITIGATION_RFDS=y
CONFIG_ARCH_HAS_ADD_PAGES=y

#
+1 −0
@@ -519,4 +519,5 @@
/* BUG word 2 */
#define X86_BUG_SRSO			X86_BUG(1*32 + 0) /* AMD SRSO bug */
#define X86_BUG_DIV0			X86_BUG(1*32 + 1) /* AMD DIV0 speculation bug */
#define X86_BUG_RFDS			X86_BUG(1*32 + 2) /* CPU is vulnerable to Register File Data Sampling */
#endif /* _ASM_X86_CPUFEATURES_H */