x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation

Contemporary high performance processors use a common industry-wide optimization known as "Speculative Store Bypass" in which loads from addresses to which a recent store has occurred may (speculatively) see an older value. Intel refers to this feature as "Memory Disambiguation" which is part of their "Smart Memory Access" capability.

Memory Disambiguation can expose a cache side-channel attack against such speculatively read values. An attacker can create exploit code that allows them to read memory outside of a sandbox environment (for example, malicious JavaScript in a web page), or to perform more complex attacks against code running within the same privilege level, e.g. via the stack.

As a first step to mitigate against such attacks, provide two boot command line control knobs:

  nospec_store_bypass_disable
  spec_store_bypass_disable=[off,auto,on]

By default affected x86 processors will power on with Speculative Store B...
Showing
- Documentation/admin-guide/kernel-parameters.txt: 33 additions, 0 deletions
- arch/x86/include/asm/cpufeatures.h: 1 addition, 0 deletions
- arch/x86/include/asm/nospec-branch.h: 6 additions, 0 deletions
- arch/x86/kernel/cpu/bugs.c: 103 additions, 0 deletions