mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
94a855111e
been long in the making. It is a lighterweight software-only fix for Skylake-based cores where enabling IBRS is a big hammer and causes a significant performance impact. What it basically does is, it aligns all kernel functions to 16 bytes boundary and adds a 16-byte padding before the function, objtool collects all functions' locations and when the mitigation gets applied, it patches a call accounting thunk which is used to track the call depth of the stack at any time. When that call depth reaches a magical, microarchitecture-specific value for the Return Stack Buffer, the code stuffs that RSB and avoids its underflow which could otherwise lead to the Intel variant of Retbleed. This software-only solution brings a lot of the lost performance back, as benchmarks suggest: https://lore.kernel.org/all/20220915111039.092790446@infradead.org/ That page above also contains a lot more detailed explanation of the whole mechanism - Implement a new control flow integrity scheme called FineIBT which is based on the software kCFI implementation and uses hardware IBT support where present to annotate and track indirect branches using a hash to validate them - Other misc fixes and cleanups -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmOZp5EACgkQEsHwGGHe VUrZFxAAvi/+8L0IYSK4mKJvixGbTFjxN/Swo2JVOfs34LqGUT6JaBc+VUMwZxdb VMTFIZ3ttkKEodjhxGI7oGev6V8UfhI37SmO2lYKXpQVjXXnMlv/M+Vw3teE38CN gopi+xtGnT1IeWQ3tc/Tv18pleJ0mh5HKWiW+9KoqgXj0wgF9x4eRYDz1TDCDA/A iaBzs56j8m/FSykZHnrWZ/MvjKNPdGlfJASUCPeTM2dcrXQGJ93+X2hJctzDte0y Nuiw6Y0htfFBE7xoJn+sqm5Okr+McoUM18/CCprbgSKYk18iMYm3ZtAi6FUQZS1A ua4wQCf49loGp15PO61AS5d3OBf5D3q/WihQRbCaJvTVgPp9sWYnWwtcVUuhMllh ZQtBU9REcVJ/22bH09Q9CjBW0VpKpXHveqQdqRDViLJ6v/iI6EFGmD24SW/VxyRd 73k9MBGrL/dOf1SbEzdsnvcSB3LGzp0Om8o/KzJWOomrVKjBCJy16bwTEsCZEJmP i406m92GPXeaN1GhTko7vmF0GnkEdJs1GVCZPluCAxxbhHukyxHnrjlQjI4vC80n Ylc0B3Kvitw7LGJsPqu+/jfNHADC/zhx1qz/30wb5cFmFbN1aRdp3pm8JYUkn+l/ zri2Y6+O89gvE/9/xUhMohzHsWUO7xITiBavewKeTP9GSWybWUs= =cRy1 -----END PGP SIGNATURE----- Merge tag 'x86_core_for_v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 core updates from Borislav Petkov: - Add the call depth tracking mitigation for Retbleed which has been long in the making. It is a lighterweight software-only fix for Skylake-based cores where enabling IBRS is a big hammer and causes a significant performance impact. What it basically does is, it aligns all kernel functions to 16 bytes boundary and adds a 16-byte padding before the function, objtool collects all functions' locations and when the mitigation gets applied, it patches a call accounting thunk which is used to track the call depth of the stack at any time. When that call depth reaches a magical, microarchitecture-specific value for the Return Stack Buffer, the code stuffs that RSB and avoids its underflow which could otherwise lead to the Intel variant of Retbleed. This software-only solution brings a lot of the lost performance back, as benchmarks suggest: https://lore.kernel.org/all/20220915111039.092790446@infradead.org/ That page above also contains a lot more detailed explanation of the whole mechanism - Implement a new control flow integrity scheme called FineIBT which is based on the software kCFI implementation and uses hardware IBT support where present to annotate and track indirect branches using a hash to validate them - Other misc fixes and cleanups * tag 'x86_core_for_v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (80 commits) x86/paravirt: Use common macro for creating simple asm paravirt functions x86/paravirt: Remove clobber bitmask from .parainstructions x86/debug: Include percpu.h in debugreg.h to get DECLARE_PER_CPU() et al x86/cpufeatures: Move X86_FEATURE_CALL_DEPTH from bit 18 to bit 19 of word 11, to leave space for WIP X86_FEATURE_SGX_EDECCSSA bit x86/Kconfig: Enable kernel IBT by default x86,pm: Force out-of-line memcpy() objtool: Fix weak hole vs prefix symbol objtool: Optimize elf_dirty_reloc_sym() x86/cfi: Add boot time hash randomization x86/cfi: Boot time selection of CFI scheme x86/ibt: Implement FineIBT objtool: Add --cfi to generate the .cfi_sites section x86: Add prefix symbols for function padding objtool: Add option to generate prefix symbols objtool: Avoid O(bloody terrible) behaviour -- an ode to libelf objtool: Slice up elf_create_section_symbol() kallsyms: Revert "Take callthunks into account" x86: Unconfuse CONFIG_ and X86_FEATURE_ namespaces x86/retpoline: Fix crash printing warning x86/paravirt: Fix a !PARAVIRT build warning ... |
||
|---|---|---|
| .. | ||
| atomic | ||
| basic | ||
| clang-tools | ||
| coccinelle | ||
| dtc | ||
| dummy-tools | ||
| gcc-plugins | ||
| gdb | ||
| genksyms | ||
| kconfig | ||
| ksymoops | ||
| mod | ||
| package | ||
| selinux | ||
| tracing | ||
| .gitignore | ||
| adjust_autoksyms.sh | ||
| as-version.sh | ||
| asn1_compiler.c | ||
| bin2c.c | ||
| bloat-o-meter | ||
| bootgraph.pl | ||
| bpf_doc.py | ||
| cc-can-link.sh | ||
| cc-version.sh | ||
| check-local-export | ||
| check-sysctl-docs | ||
| check_extable.sh | ||
| checkdeclares.pl | ||
| checkincludes.pl | ||
| checkkconfigsymbols.py | ||
| checkpatch.pl | ||
| checkstack.pl | ||
| checksyscalls.sh | ||
| checkversion.pl | ||
| cleanfile | ||
| cleanpatch | ||
| coccicheck | ||
| config | ||
| const_structs.checkpatch | ||
| decode_stacktrace.sh | ||
| decodecode | ||
| depmod.sh | ||
| dev-needs.sh | ||
| diffconfig | ||
| documentation-file-ref-check | ||
| export_report.pl | ||
| extract-ikconfig | ||
| extract-module-sig.pl | ||
| extract-sys-certs.pl | ||
| extract-vmlinux | ||
| extract_xc3028.pl | ||
| faddr2line | ||
| file-size.sh | ||
| find-unused-docs.sh | ||
| gcc-x86_32-has-stack-protector.sh | ||
| gcc-x86_64-has-stack-protector.sh | ||
| gen-randstruct-seed.sh | ||
| gen_autoksyms.sh | ||
| gen_ksymdeps.sh | ||
| generate_initcall_order.pl | ||
| generate_rust_analyzer.py | ||
| generate_rust_target.rs | ||
| get_abi.pl | ||
| get_dvb_firmware | ||
| get_feat.pl | ||
| get_maintainer.pl | ||
| gfp-translate | ||
| head-object-list.txt | ||
| headerdep.pl | ||
| headers_install.sh | ||
| insert-sys-cert.c | ||
| install.sh | ||
| is_rust_module.sh | ||
| jobserver-exec | ||
| kallsyms.c | ||
| Kbuild.include | ||
| Kconfig.include | ||
| kernel-doc | ||
| ld-version.sh | ||
| leaking_addresses.pl | ||
| Lindent | ||
| link-vmlinux.sh | ||
| Makefile | ||
| Makefile.asm-generic | ||
| Makefile.build | ||
| Makefile.clang | ||
| Makefile.clean | ||
| Makefile.compiler | ||
| Makefile.debug | ||
| Makefile.dtbinst | ||
| Makefile.extrawarn | ||
| Makefile.gcc-plugins | ||
| Makefile.headersinst | ||
| Makefile.host | ||
| Makefile.kasan | ||
| Makefile.kcov | ||
| Makefile.kcsan | ||
| Makefile.kmsan | ||
| Makefile.lib | ||
| Makefile.modfinal | ||
| Makefile.modinst | ||
| Makefile.modpost | ||
| Makefile.package | ||
| Makefile.randstruct | ||
| Makefile.ubsan | ||
| Makefile.userprogs | ||
| Makefile.vmlinux | ||
| Makefile.vmlinux_o | ||
| makelst | ||
| markup_oops.pl | ||
| min-tool-version.sh | ||
| mkcompile_h | ||
| mksysmap | ||
| mkuboot.sh | ||
| module.lds.S | ||
| modules-check.sh | ||
| nsdeps | ||
| objdiff | ||
| objdump-func | ||
| pahole-flags.sh | ||
| pahole-version.sh | ||
| parse-maintainers.pl | ||
| patch-kernel | ||
| profile2linkerlist.pl | ||
| prune-kernel | ||
| recordmcount.c | ||
| recordmcount.h | ||
| recordmcount.pl | ||
| remove-stale-files | ||
| rust_is_available.sh | ||
| rust_is_available_bindgen_libclang.h | ||
| setlocalversion | ||
| show_delta | ||
| sign-file.c | ||
| sorttable.c | ||
| sorttable.h | ||
| spdxcheck-test.sh | ||
| spdxcheck.py | ||
| spdxexclude | ||
| spelling.txt | ||
| sphinx-pre-install | ||
| split-man.pl | ||
| stackdelta | ||
| stackusage | ||
| subarch.include | ||
| syscallhdr.sh | ||
| syscallnr.sh | ||
| syscalltbl.sh | ||
| tags.sh | ||
| test_fortify.sh | ||
| tools-support-relr.sh | ||
| unifdef.c | ||
| ver_linux | ||
| xen-hypercalls.sh | ||
| xz_wrap.sh | ||