Message ID | 20180522174254.27551-12-julien.grall@arm.com |
---|---|
State | Superseded |
Series | xen/arm: SSBD (aka Spectre-v4) mitigation (XSA-263) |
On Tue, 22 May 2018, Julien Grall wrote: > At the moment, HARDEN_BRANCH_PREDICTOR is not in any section making > impossible for the user to unselect it. > > Also, it looks like we require to use 'expert = "y"' for showing the > option in expert mode. > > Signed-off-by: Julien Grall <julien.grall@arm.com> Very useful, thank you! Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> > --- > xen/arch/arm/Kconfig | 34 +++++++++++++++++----------------- > 1 file changed, 17 insertions(+), 17 deletions(-) > > diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig > index 0e2d027060..4212c58171 100644 > --- a/xen/arch/arm/Kconfig > +++ b/xen/arch/arm/Kconfig > @@ -83,6 +83,23 @@ config ARM_SSBD > > If unsure, say Y. > > +config HARDEN_BRANCH_PREDICTOR > + bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y" > + default y > + help > + Speculation attacks against some high-performance processors rely on > + being able to manipulate the branch predictor for a victim context by > + executing aliasing branches in the attacker context. Such attacks > + can be partially mitigated against by clearing internal branch > + predictor state and limiting the prediction logic in some situations. > + > + This config option will take CPU-specific actions to harden the > + branch predictor against aliasing attacks and may rely on specific > + instruction sequences or control bits being set by the system > + firmware. > + > + If unsure, say Y. > + > endmenu > > menu "ARM errata workaround via the alternative framework" 
> @@ -197,23 +214,6 @@ config ARM64_ERRATUM_834220 > > endmenu > > -config HARDEN_BRANCH_PREDICTOR > - bool "Harden the branch predictor against aliasing attacks" if EXPERT > - default y > - help > - Speculation attacks against some high-performance processors rely on > - being able to manipulate the branch predictor for a victim context by > - executing aliasing branches in the attacker context. Such attacks > - can be partially mitigated against by clearing internal branch > - predictor state and limiting the prediction logic in some situations. > - > - This config option will take CPU-specific actions to harden the > - branch predictor against aliasing attacks and may rely on specific > - instruction sequences or control bits being set by the system > - firmware. > - > - If unsure, say Y. > - > config ARM64_HARDEN_BRANCH_PREDICTOR > def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR > > -- > 2.11.0 >
diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 0e2d027060..4212c58171 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -83,6 +83,23 @@ config ARM_SSBD If unsure, say Y. +config HARDEN_BRANCH_PREDICTOR + bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y" + default y + help + Speculation attacks against some high-performance processors rely on + being able to manipulate the branch predictor for a victim context by + executing aliasing branches in the attacker context. Such attacks + can be partially mitigated against by clearing internal branch + predictor state and limiting the prediction logic in some situations. + + This config option will take CPU-specific actions to harden the + branch predictor against aliasing attacks and may rely on specific + instruction sequences or control bits being set by the system + firmware. + + If unsure, say Y. + endmenu menu "ARM errata workaround via the alternative framework" @@ -197,23 +214,6 @@ config ARM64_ERRATUM_834220 endmenu -config HARDEN_BRANCH_PREDICTOR - bool "Harden the branch predictor against aliasing attacks" if EXPERT - default y - help - Speculation attacks against some high-performance processors rely on - being able to manipulate the branch predictor for a victim context by - executing aliasing branches in the attacker context. Such attacks - can be partially mitigated against by clearing internal branch - predictor state and limiting the prediction logic in some situations. - - This config option will take CPU-specific actions to harden the - branch predictor against aliasing attacks and may rely on specific - instruction sequences or control bits being set by the system - firmware. - - If unsure, say Y. - config ARM64_HARDEN_BRANCH_PREDICTOR def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR
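Review bot: in the hunk at @@ -83,6 +83,23 @@ the prompt condition on the re-added entry is `if EXPERT = "y"`, while the removed copy had `if EXPERT`, so this is not a pure move and the change is easy to miss when comparing the two blocks. The commit message only says "it looks like" the string comparison is required; please state why the bare `if EXPERT` form does not make the prompt visible here, or split the condition change into its own patch. Because the entry keeps `default y`, it is also worth saying in the commit message that builds without EXPERT still get the hardening enabled and only lose the ability to turn it off.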
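Review bot: in the hunk at @@ -197,23 +214,6 @@ ARM64_HARDEN_BRANCH_PREDICTOR stays behind after the errata menu's `endmenu`, while the symbol it depends on now lives in the earlier menu next to ARM_SSBD. It has no prompt (`def_bool y if ARM_64 && HARDEN_BRANCH_PREDICTOR`), so nothing changes for the user, but moving the derived symbol directly below HARDEN_BRANCH_PREDICTOR, or leaving a short comment here pointing at the new location, would keep the two definitions easy to find together.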
At the moment, HARDEN_BRANCH_PREDICTOR is not in any section, making it impossible for the user to unselect it.

Also, it looks like we are required to use 'expert = "y"' for showing the option in expert mode.

Signed-off-by: Julien Grall <julien.grall@arm.com>
---
 xen/arch/arm/Kconfig | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)