x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (5f882f3b) · Commits · Mirrors / github.com / raspberrypi_linux · GitLab

Commit 5f882f3b authored Apr 10, 2024 by

Josh Poimboeuf Committed by Ingo Molnar Apr 11, 2024

x86/bugs: Clarify that syscall hardening isn't a BHI mitigation



While syscall hardening helps prevent some BHI attacks, there's still
other low-hanging fruit remaining.  Don't classify it as a mitigation
and make it clear that the system may still be vulnerable if it doesn't
have a HW or SW mitigation enabled.

Fixes: ec9404e4 ("x86/bhi: Add BHI mitigation knob")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/b5951dae3fdee7f1520d5136a27be3bdfe95f88b.1712813475.git.jpoimboe@kernel.org

parent 1cea8a28

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 9c9cd014
· Apr 20, 2024

mentioned in commit 9c9cd014

mentioned in commit 9c9cd014d0489a4eb285864998ca77647d780008

Toggle commit list

Please register or to comment