]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1cea8a2) | patch
x86/bugs: Clarify that syscall hardening isn't a BHI mitigation
authorJosh Poimboeuf <jpoimboe@kernel.org>
Thu, 11 Apr 2024 05:40:48 +0000 (22:40 -0700)
committerIngo Molnar <mingo@kernel.org>
Thu, 11 Apr 2024 08:30:33 +0000 (10:30 +0200)
commit5f882f3b0a8bf0788d5a0ee44b1191de5319bb8a
treee81864ff7a59b1a389fd57280ddbcc0ddf2f3c84tree | snapshot
parent1cea8a280dfd1016148a3820676f2f03e3f5b898commit | diff
x86/bugs: Clarify that syscall hardening isn't a BHI mitigation

While syscall hardening helps prevent some BHI attacks, there's still
other low-hanging fruit remaining.  Don't classify it as a mitigation
and make it clear that the system may still be vulnerable if it doesn't
have a HW or SW mitigation enabled.

Fixes: ec9404e40e8f ("x86/bhi: Add BHI mitigation knob")
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/b5951dae3fdee7f1520d5136a27be3bdfe95f88b.1712813475.git.jpoimboe@kernel.org
Documentation/admin-guide/hw-vuln/spectre.rst diff | blob | blame | history
Documentation/admin-guide/kernel-parameters.txt diff | blob | blame | history
arch/x86/kernel/cpu/bugs.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git