1 | From: Andrea Arcangeli <andrea@cpushare.com> | |
2 | Subject: [PATCH seccomp: make tsc disabling optional | |
3 | Patch-mainline: unknown | |
4 | References: 191123 | |
5 | ||
6 | Make the purely-paranoid TSC-disable feature optional, so that by default | |
7 | seccomp has no overhead at all. | |
8 | ||
9 | Ported from 2.6.19 to 2.6.24-rc7 by Jeff Mahoney. | |
10 | Addition of x86-64 by Jan Beulich. | |
11 | ||
12 | Signed-off-by: Andrea Arcangeli <andrea@cpushare.com> | |
13 | Acked-by: Jeff Mahoney <jeffm@suse.com> | |
14 | --- | |
15 | arch/x86/Kconfig | 12 ++++++++++++ | |
16 | arch/x86/kernel/process_32.c | 2 ++ | |
17 | arch/x86/kernel/process_64.c | 2 ++ | |
18 | 3 files changed, 16 insertions(+) | |
19 | ||
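--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1228,6 +1228,18 @@ config SECCOMP
 
 	  If unsure, say Y. Only embedded should say N here.
 
+config SECCOMP_DISABLE_TSC
+	bool "Disable the TSC for seccomp tasks"
+	depends on SECCOMP
+	default n
+	help
+	  This feature mathematically prevents covert channels
+	  for tasks running under SECCOMP. This can generate
+	  a minuscule overhead in the scheduler.
+
+	  If you care most about performance say N. Say Y only if you're
+	  paranoid about covert channels.
+
 config CC_STACKPROTECTOR
 	bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
 	depends on X86_64 && EXPERIMENTAL && BROKEN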
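Review bot: The new help text overstates the guarantee — `This feature mathematically prevents covert channels` — whereas the process_32.c/process_64.c hunks of this same patch only set TIF_NOTSC and call hard_disable_TSC(), i.e. they take the RDTSC instruction away from seccomp tasks as a high-resolution clock; a covert channel that obtains time some other way (presumably a cooperating thread or process feeding a counter through a permitted read(), or any other user-visible clock — not shown here) is not addressed. I would rewrite the first paragraph to say that the option disables the TSC for tasks running under SECCOMP, which removes the usual high-resolution timer used by timing covert channels, and that it does not eliminate covert channels built on other timing sources. The closing sentence could then read `Say Y if you want RDTSC disabled for seccomp tasks; this adds a small cost on context switch.` — "paranoid" is not a criterion a configurer can act on, and the text should also make clear that with `default n` seccomp tasks keep full RDTSC access.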
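--- a/arch/x86/kernel/process_32.c
+++ b/arch/x86/kernel/process_32.c
@@ -387,6 +387,7 @@ static void hard_disable_TSC(void)
 
 void disable_TSC(void)
 {
+#ifdef CONFIG_SECCOMP_DISABLE_TSC
 	preempt_disable();
 	if (!test_and_set_thread_flag(TIF_NOTSC))
 		/*
@@ -395,6 +396,7 @@ void disable_TSC(void)
 		 */
 		hard_disable_TSC();
 	preempt_enable();
+#endif
 }
 
 static void hard_enable_TSC(void)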
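Review bot: With CONFIG_SECCOMP_DISABLE_TSC unset, the `#ifdef` at the top of `disable_TSC()` turns the whole function into a silent no-op, so whoever calls it when switching a task into seccomp mode gets no signal that TIF_NOTSC was never set and that RDTSC remains usable by that task; nothing in the hunk records that the protection is configured out. The empty branch should at least say so, e.g. `#else` followed by `/* CONFIG_SECCOMP_DISABLE_TSC=n: TIF_NOTSC is never set, RDTSC stays usable by seccomp tasks */`, so a reader of the compiled-out path is not left wondering whether the flag is set elsewhere. The tidier shape would be to guard the entire definition and provide a `static inline void disable_TSC(void) {}` stub next to the declaration (presumably in the processor header, which is not in this patch), which also lets the caller's call compile away. `disable_TSC()` is split across the two hunks here; the lines between them are not visible.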
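--- a/arch/x86/kernel/process_64.c
+++ b/arch/x86/kernel/process_64.c
@@ -406,6 +406,7 @@ static void hard_disable_TSC(void)
 
 void disable_TSC(void)
 {
+#ifdef CONFIG_SECCOMP_DISABLE_TSC
 	preempt_disable();
 	if (!test_and_set_thread_flag(TIF_NOTSC))
 		/*
@@ -414,6 +415,7 @@ void disable_TSC(void)
 		 */
 		hard_disable_TSC();
 	preempt_enable();
+#endif
 }
 
 static void hard_enable_TSC(void)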
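Review bot: The `#ifdef`/`#endif` pair added here is a byte-for-byte copy of the process_32.c change, so there are now two copies of `disable_TSC()` whose configuration gating must be kept in sync by hand; a single guarded definition plus an empty `static inline` stub at the shared declaration would express the option once for both arches. Note also that the `#ifdef` wraps only the body, so `hard_disable_TSC()` — declared `static` in the context line above the first hunk — keeps its definition even when the option is off; if nothing else in this file references it (its other callers, if any, are outside the hunk), that build will warn about an unused static function. `disable_TSC()` spans both hunks and the lines between them are not visible here.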