]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6449f5b) | patch
x86/vmscape: Warn when STIBP is disabled with SMT
authorPawan Gupta <pawan.kumar.gupta@linux.intel.com>
Thu, 14 Aug 2025 17:20:43 +0000 (10:20 -0700)
committerDave Hansen <dave.hansen@linux.intel.com>
Thu, 14 Aug 2025 17:38:18 +0000 (10:38 -0700)
commitb7cc9887231526ca4fa89f3fa4119e47c2dc7b1e
tree515fb05671f3c725228463ae988c790aa43e1982tree | snapshot
parent6449f5baf9c78a7a442d64f4a61378a21c5db113commit | diff
x86/vmscape: Warn when STIBP is disabled with SMT

Cross-thread attacks are generally harder as they require the victim to be
co-located on a core. However, with VMSCAPE the adversary targets belong to
the same guest execution, that are more likely to get co-located. In
particular, a thread that is currently executing userspace hypervisor
(after the IBPB) may still be targeted by a guest execution from a sibling
thread.

Issue a warning about the potential risk, except when:

- SMT is disabled
- STIBP is enabled system-wide
- Intel eIBRS is enabled (which implies STIBP protection)

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
arch/x86/kernel/cpu/bugs.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git