x86: up-level speculative attack mitigations
These are now part of the common Kconfig and we build spec_ctrl.c for all.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
parent c71e66e2a5
commit edc14e50ad
5 changed files with 52 additions and 52 deletions
@ -225,6 +225,56 @@ config X86_NO_SPECULATIVE_VULNERABILITIES
or is a newer chip which is immune to the class of vulnerabilities
which exploit speculative execution side channel attacks.

config DISABLE_SSBD
bool "Disable Speculative Store Bypass"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V4
help
This option will disable Speculative Store Bypass in order to
mitigate against certain kinds of side channel attacks. Quoting
the "Speculative Execution Side Channels" document, version 2.0:

When SSBD is set, loads will not execute speculatively
until the addresses of all older stores are known. This
ensure s that a load does not speculatively consume stale
data values due to bypassing an older store on the same
logical processor.

If enabled, this applies to all threads in the system.

Even if enabled, will have no effect on CPUs that do not
require this feature.

config ENABLE_EXTENDED_IBRS
bool "Enable Extended IBRS"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V2
help
This option will enable the Extended Indirect Branch Restricted
Speculation 'always on' feature. This mitigates Indirect Branch
Control vulnerabilities (aka Spectre V2).

config X86_BOUNDS_CHECK_BYPASS_MITIGATION
bool
depends on USERSPACE
default y if !X86_NO_SPECTRE_V1
select BOUNDS_CHECK_BYPASS_MITIGATION
help
Hidden config to select arch-independent option to enable
Spectre V1 mitigations by default if the CPU is not known
to be immune to it.

config X86_KPTI
bool "Enable kernel page table isolation"
default y
depends on USERSPACE
depends on !X86_NO_MELTDOWN
help
Implements kernel page table isolation to mitigate Meltdown exploits
to read Kernel RAM. Incurs a significant performance cost for
user thread interrupts and system calls, and significant footprint
increase for additional page tables and trampoline stacks.

source "arch/x86/core/Kconfig.ia32"
source "arch/x86/core/Kconfig.intel64"
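Review bot: the quoted Intel text in the DISABLE_SSBD help has a split word, "ensure s that a load does not speculatively consume stale"; since this block is being moved into the common Kconfig anyway, fix it to "ensures that" here rather than carrying the typo over. Also, the options in this hunk gate on CPU immunity in two different ways: `default y if !X86_NO_SPECTRE_V4` (SSBD) and `default y if !X86_NO_SPECTRE_V2` (IBRS) leave the option selectable on a CPU declared immune, while `depends on !X86_NO_MELTDOWN` hides X86_KPTI entirely; pick one pattern for all four. ENABLE_EXTENDED_IBRS should also carry the "will have no effect on CPUs that do not require this feature" caveat that DISABLE_SSBD has, provided the MSR write really is skipped when the CPU does not report the capability.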
@ -11,6 +11,7 @@ zephyr_library_sources(cpuhalt.c)
zephyr_library_sources(memmap.c)
zephyr_library_sources(prep_c.c)
zephyr_library_sources(fatal.c)
zephyr_library_sources(spec_ctrl.c)

zephyr_library_sources_if_kconfig(pcie.c)
zephyr_library_sources_if_kconfig(reboot_rst_cnt.c)
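Review bot: `zephyr_library_sources(spec_ctrl.c)` compiles the file into every x86 build, including intel64, where it was not built before (the ia32 list drops `ia32/spec_ctrl.c` further down). Check that it compiles for intel64 and that its contents are guarded by CONFIG_DISABLE_SSBD / CONFIG_ENABLE_EXTENDED_IBRS, so that a build with both options off, or without USERSPACE, emits no MSR writes; if the file is not self-guarding, make it conditional the way `zephyr_library_sources_if_kconfig(pcie.c)` is on the next lines.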
@ -41,34 +41,7 @@ config GDT_DYNAMIC

endmenu

config DISABLE_SSBD
bool "Disable Speculative Store Bypass"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V4
help
This option will disable Speculative Store Bypass in order to
mitigate against certain kinds of side channel attacks. Quoting
the "Speculative Execution Side Channels" document, version 2.0:

When SSBD is set, loads will not execute speculatively
until the addresses of all older stores are known. This
ensure s that a load does not speculatively consume stale
data values due to bypassing an older store on the same
logical processor.

If enabled, this applies to all threads in the system.

Even if enabled, will have no effect on CPUs that do not
require this feature.

config ENABLE_EXTENDED_IBRS
bool "Enable Extended IBRS"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V2
help
This option will enable the Extended Indirect Branch Restricted
Speculation 'always on' feature. This mitigates Indirect Branch
Control vulnerabilities (aka Spectre V2).
menu "Processor Capabilities"

config X86_RETPOLINE
bool "Build with retpolines enabled in x86 assembly code"
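Review bot: after this removal, X86_RETPOLINE (the context line below `menu "Processor Capabilities"`) is the only speculative-execution option left in the ia32-specific Kconfig. It mitigates Spectre V2 in the kernel's own assembly, the same class that ENABLE_EXTENDED_IBRS now covers from the common Kconfig, so either intel64 assembly has no indirect branches that need it, or the option should move with the others; a one-line comment saying which would save the next reader the question. The removed block is otherwise identical to the one added to the common Kconfig.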
@ -80,18 +53,6 @@ config X86_RETPOLINE

[1] https://support.google.com/faqs/answer/7625886

config X86_BOUNDS_CHECK_BYPASS_MITIGATION
bool
depends on USERSPACE
default y if !X86_NO_SPECTRE_V1
select BOUNDS_CHECK_BYPASS_MITIGATION
help
Hidden config to select arch-independent option to enable
Spectre V1 mitigations by default if the CPU is not known
to be immune to it.

menu "Processor Capabilities"

config X86_ENABLE_TSS
bool
help
@ -124,17 +85,6 @@ config X86_USERSPACE
supporting user-level threads that are protected from each other and
from crashing the kernel.

config X86_KPTI
bool "Enable kernel page table isolation"
default y
depends on USERSPACE
depends on !X86_NO_MELTDOWN
help
Implements kernel page table isolation to mitigate Meltdown exploits
to read Kernel RAM. Incurs a significant performance cost for
user thread interrupts and system calls, and significant footprint
increase for additional page tables and trampoline stacks.

menu "Architecture Floating Point Options"
depends on CPU_HAS_FPU
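Review bot: X86_KPTI is `default y` and, once removed from here, lives only in the common Kconfig, so an intel64 build with USERSPACE will now show CONFIG_X86_KPTI=y too. Unless intel64 actually implements the separate page tables and trampoline stacks the help text describes, keep the option restricted to the sub-arch that does (a `depends on` the ia32 sub-arch symbol, for example) or state in the help which sub-arches implement it; a Meltdown mitigation that is on in the config but absent from the binary is worse than one that is visibly missing.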
@ -17,7 +17,6 @@ zephyr_library_sources(
ia32/irq_manage.c
ia32/swap.S
ia32/thread.c
ia32/spec_ctrl.c
)

zephyr_library_sources_ifdef(CONFIG_IRQ_OFFLOAD ia32/irq_offload.c)
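Review bot: this drops `ia32/spec_ctrl.c` from the ia32 source list while the core CMakeLists gains `spec_ctrl.c`, so the file itself must be renamed in the same commit or ia32 builds break between the two steps. The page reports 5 changed files but only four diffs are shown, so confirm the rename is the fifth and that it was done as a move so the file's history is preserved.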