x86: up-level speculative attack mitigations

These are now part of the common Kconfig and we
build spec_ctrl.c for all.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit is contained in:
Andrew Boie 2019-11-19 23:28:17 -08:00 committed by Anas Nashif
commit edc14e50ad
5 changed files with 52 additions and 52 deletions

View file

@ -225,6 +225,56 @@ config X86_NO_SPECULATIVE_VULNERABILITIES
or is a newer chip which is immune to the class of vulnerabilities
which exploit speculative execution side channel attacks.
config DISABLE_SSBD
bool "Disable Speculative Store Bypass"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V4
help
This option will disable Speculative Store Bypass in order to
mitigate against certain kinds of side channel attacks. Quoting
the "Speculative Execution Side Channels" document, version 2.0:
When SSBD is set, loads will not execute speculatively
until the addresses of all older stores are known. This
ensure s that a load does not speculatively consume stale
data values due to bypassing an older store on the same
logical processor.
If enabled, this applies to all threads in the system.
Even if enabled, will have no effect on CPUs that do not
require this feature.
config ENABLE_EXTENDED_IBRS
bool "Enable Extended IBRS"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V2
help
This option will enable the Extended Indirect Branch Restricted
Speculation 'always on' feature. This mitigates Indirect Branch
Control vulnerabilities (aka Spectre V2).
config X86_BOUNDS_CHECK_BYPASS_MITIGATION
bool
depends on USERSPACE
default y if !X86_NO_SPECTRE_V1
select BOUNDS_CHECK_BYPASS_MITIGATION
help
Hidden config to select arch-independent option to enable
Spectre V1 mitigations by default if the CPU is not known
to be immune to it.
config X86_KPTI
bool "Enable kernel page table isolation"
default y
depends on USERSPACE
depends on !X86_NO_MELTDOWN
help
Implements kernel page table isolation to mitigate Meltdown exploits
to read Kernel RAM. Incurs a significant performance cost for
user thread interrupts and system calls, and significant footprint
increase for additional page tables and trampoline stacks.
source "arch/x86/core/Kconfig.ia32"
source "arch/x86/core/Kconfig.intel64"

View file

@ -11,6 +11,7 @@ zephyr_library_sources(cpuhalt.c)
zephyr_library_sources(memmap.c)
zephyr_library_sources(prep_c.c)
zephyr_library_sources(fatal.c)
zephyr_library_sources(spec_ctrl.c)
zephyr_library_sources_if_kconfig(pcie.c)
zephyr_library_sources_if_kconfig(reboot_rst_cnt.c)

View file

@ -41,34 +41,7 @@ config GDT_DYNAMIC
endmenu
config DISABLE_SSBD
bool "Disable Speculative Store Bypass"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V4
help
This option will disable Speculative Store Bypass in order to
mitigate against certain kinds of side channel attacks. Quoting
the "Speculative Execution Side Channels" document, version 2.0:
When SSBD is set, loads will not execute speculatively
until the addresses of all older stores are known. This
ensure s that a load does not speculatively consume stale
data values due to bypassing an older store on the same
logical processor.
If enabled, this applies to all threads in the system.
Even if enabled, will have no effect on CPUs that do not
require this feature.
config ENABLE_EXTENDED_IBRS
bool "Enable Extended IBRS"
depends on USERSPACE
default y if !X86_NO_SPECTRE_V2
help
This option will enable the Extended Indirect Branch Restricted
Speculation 'always on' feature. This mitigates Indirect Branch
Control vulnerabilities (aka Spectre V2).
menu "Processor Capabilities"
config X86_RETPOLINE
bool "Build with retpolines enabled in x86 assembly code"
@ -80,18 +53,6 @@ config X86_RETPOLINE
[1] https://support.google.com/faqs/answer/7625886
config X86_BOUNDS_CHECK_BYPASS_MITIGATION
bool
depends on USERSPACE
default y if !X86_NO_SPECTRE_V1
select BOUNDS_CHECK_BYPASS_MITIGATION
help
Hidden config to select arch-independent option to enable
Spectre V1 mitigations by default if the CPU is not known
to be immune to it.
menu "Processor Capabilities"
config X86_ENABLE_TSS
bool
help
@ -124,17 +85,6 @@ config X86_USERSPACE
supporting user-level threads that are protected from each other and
from crashing the kernel.
config X86_KPTI
bool "Enable kernel page table isolation"
default y
depends on USERSPACE
depends on !X86_NO_MELTDOWN
help
Implements kernel page table isolation to mitigate Meltdown exploits
to read Kernel RAM. Incurs a significant performance cost for
user thread interrupts and system calls, and significant footprint
increase for additional page tables and trampoline stacks.
menu "Architecture Floating Point Options"
depends on CPU_HAS_FPU

View file

@ -17,7 +17,6 @@ zephyr_library_sources(
ia32/irq_manage.c
ia32/swap.S
ia32/thread.c
ia32/spec_ctrl.c
)
zephyr_library_sources_ifdef(CONFIG_IRQ_OFFLOAD ia32/irq_offload.c)