linux/Documentation
Nicholas Piggin 09495b5f7a powerpc/64s: flush L1D after user accesses
commit 9a32a7e78b upstream.

IBM Power9 processors can speculatively operate on data in the L1 cache
before it has been completely validated, via a way-prediction mechanism. It
is not possible for an attacker to determine the contents of impermissible
memory using this method, since these systems implement a combination of
hardware and software security measures to prevent scenarios where
protected data could be leaked.

However, these measures don't address the scenario where an attacker induces
the operating system to speculatively execute instructions using data that
the attacker controls. This can be used for example to speculatively bypass
"kernel user access prevention" techniques, as discovered by Anthony
Steinhauser of Google's Safeside Project. This is not an attack by itself,
but there is a possibility it could be used in conjunction with
side-channels or other weaknesses in the privileged code to construct an
attack.

This issue can be mitigated by flushing the L1 cache between privilege
boundaries of concern. This patch flushes the L1 cache after user accesses.

This is part of the fix for CVE-2020-4788.

Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-11-22 10:14:10 +01:00
ABI iio: improve IIO_CONCENTRATION channel type description 2020-08-19 08:16:07 +02:00
EDID
PCI
RCU
accounting
admin-guide powerpc/64s: flush L1D after user accesses 2020-11-22 10:14:10 +01:00
arm
arm64 arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 2020-04-29 16:32:56 +02:00
block
bpf
cdrom
core-api
cpu-freq
crypto
dev-tools
devicetree gpio/aspeed-sgpio: enable access to all 80 input & output sgpios 2020-10-07 08:01:28 +02:00
doc-guide
driver-api ata: make qc_prep return ata_completion_errors 2020-10-01 13:18:26 +02:00
fault-injection
fb fbdev: fix numbering of fbcon options 2020-02-24 08:36:42 +01:00
features
filesystems affs: fix basic permission bits to actually work 2020-09-09 19:12:34 +02:00
firmware-guide
firmware_class
fpga
gpu
hid
hwmon
i2c
ia64
ide
iio
infiniband
input
ioctl
isdn
kbuild kbuild: support LLVM=1 to switch the default tools to Clang/LLVM 2020-08-26 10:40:47 +02:00
kernel-hacking
leds
livepatch
locking
m68k
maintainer
media media: videodev2.h: RGB BT2020 and HSV are always full range 2020-11-05 11:43:15 +01:00
mic
mips
misc-devices
netlabel
networking can: j1939: swap addr and pgn in the send example 2020-11-18 19:20:19 +01:00
nios2
openrisc
parisc
pcmcia
power
powerpc
process
riscv
s390
scheduler
scsi
security
sh
sound ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups 2020-04-17 10:50:08 +02:00
sparc
sphinx
sphinx-static
spi
target
timers
trace
translations
usb
userspace-api
virt x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit 2020-06-22 09:30:57 +02:00
virtual
vm
w1
watchdog
x86
xtensa
.gitignore
COPYING-logo
Changes
CodingStyle
DMA-API-HOWTO.txt
DMA-API.txt
DMA-ISA-LPC.txt
DMA-attributes.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
Kconfig
Makefile
SubmittingPatches
asm-annotations.rst linkage: Introduce new macros for assembler symbols 2020-11-10 12:37:24 +01:00
atomic_bitops.txt
atomic_t.txt
bus-virt-phys-mapping.txt
conf.py
crc32.txt
debugging-modules.txt
debugging-via-ohci1394.txt
digsig.txt
docutils.conf
dontdiff
futex-requeue-pi.txt
hwspinlock.txt
index.rst linkage: Introduce new macros for assembler symbols 2020-11-10 12:37:24 +01:00
io-mapping.txt
io_ordering.txt
irqflags-tracing.txt
kobject.txt
kprobes.txt
kref.txt
logo.gif
lzo.txt lib/lzo: fix ambiguous encoding bug in lzo-rle 2020-06-17 16:40:28 +02:00
mailbox.txt
memory-barriers.txt
nommu-mmap.txt
padata.txt
percpu-rw-semaphore.txt
pi-futex.txt
preempt-locking.txt
rbtree.txt
remoteproc.txt
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
speculation.txt
static-keys.txt
tee.txt
this_cpu_ops.txt
unaligned-memory-access.txt
xz.txt