git.ipfire.org Git - thirdparty/kernel/stable.git/commit

x86/speculation/mmio: Reuse SRBDS mitigation for SBDS

commit a992b8a4682f119ae035a01b40d4d0665c4a2875 upstream

The Shared Buffers Data Sampling (SBDS) variant of Processor MMIO Stale
Data vulnerabilities may expose RDRAND, RDSEED and SGX EGETKEY data.
Mitigation for this is added by a microcode update.

As some of the implications of SBDS are similar to SRBDS, SRBDS mitigation
infrastructure can be leveraged by SBDS. Set X86_BUG_SRBDS and use SRBDS
mitigation.

Mitigation is enabled by default; use srbds=off to opt-out. Mitigation
status can be checked from below file:

/sys/devices/system/cpu/vulnerabilities/srbds

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
[cascardo: adjust for processor model names]
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

author	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
	Fri, 20 May 2022 03:34:14 +0000 (20:34 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 16 Jun 2022 11:01:55 +0000 (13:01 +0200)
commit	532c3a51316b6b1fdc6cb01926e2d139ef7e25da
tree	a305157aca1ce3105f861d57b40cd7811ffcfac5	tree
parent	ed4fa7697ca4039eed5142c983c5905e46039c36	commit \| diff