| /linux/tools/testing/selftests/powerpc/security/ |
| A D | mitigation-patching.sh | 9 local mitigation="$1"
14 orig=$(cat "$mitigation")
21 echo 0 > "$mitigation"
22 echo 1 > "$mitigation"
27 echo "$orig" > "$mitigation"
|
| A D | Makefile | 4 TEST_PROGS := mitigation-patching.sh
|
| /linux/Documentation/admin-guide/hw-vuln/ |
| A D | mds.rst | 26 Not all processors are affected by all variants of MDS, but the mitigation
103 - The processor is vulnerable, but no mitigation enabled
124 Best effort mitigation mode
129 effort mitigation mode. This mode invokes the mitigation instructions
147 enables the mitigation by default. The mitigation can be controlled at boot
168 Virtualization mitigation
180 If the L1D flush mitigation is disabled then the MDS mitigation is
181 invoked explicit when the host MDS mitigation is enabled.
189 mitigation is enabled.
262 CPUs. This is the complete mitigation.
[all …]
|
| A D | special-register-buffer-data-sampling.rst | 87 the mitigation for RDRAND and RDSEED instructions executed outside of Intel
89 disable the mitigation using this opt-out mechanism, RDRAND and RDSEED do not
97 Along with the mitigation for this issue, Intel added a new thread-scope
103 disables the mitigation for RDRAND and RDSEED executed outside of an Intel SGX
104 enclave on that logical processor. Opting out of the mitigation for a
113 The kernel command line allows control over the SRBDS mitigation at boot time
131 Vulnerable Processor vulnerable and mitigation disabled
133 mitigation
134 Mitigation: Microcode Processor is vulnerable and mitigation is in
145 SRBDS Default mitigation
[all …]
|
| A D | tsx_async_abort.rst | 111 Best effort mitigation mode
115 mitigation mechanism is not advertised via CPUID the kernel selects a best
116 effort mitigation mode. This mode invokes the mitigation instructions
133 enables the mitigation by default.
139 Virtualization mitigation
159 off This option disables the TAA mitigation on affected platforms.
165 systems which are MDS-affected and deploy MDS mitigation,
178 effect as the same mitigation is used for both vulnerabilities.
254 untrusted code which is supplied externally, then the mitigation can be
267 explicitly enable the mitigation.
[all …]
|
| A D | spectre.rst | 321 The sysfs file showing Spectre variant 1 mitigation status is:
345 retpoline mitigation or if the CPU has hardware mitigation, and if the
346 CPU has support for additional process-specific mitigation.
410 Full mitigation might require a microcode update from the CPU
417 1. Kernel mitigation
475 2. User program mitigation
481 For Spectre variant 2 mitigation, individual user programs
504 3. VM mitigation
557 [X86] Control mitigation of Spectre variant 2
573 mitigation method at run time according to the
[all …]
|
| A D | l1tf.rst | 78 The Linux kernel contains a mitigation for this attack vector, PTE
92 PTE inversion mitigation for L1TF, to attack physical host memory.
158 Host mitigation mechanism
165 Guest mitigation mechanisms
386 mitigation, i.e. conditional L1D flushing
421 The KVM hypervisor mitigation mechanism, flushing the L1D cache when
435 never Disables the mitigation
502 is only potent in combination with other mitigation methods.
535 above mitigation methods.
546 not depending on any of the above mitigation methods. SMT can stay
[all …]
|
| A D | multihit.rst | 88 - The processor is vulnerable, but no mitigation enabled
125 The KVM hypervisor mitigation mechanism for marking huge pages as
133 force Mitigation is enabled. In this case, the mitigation implements
141 auto Enable mitigation only if the platform is affected and the kernel
166 to apply iTLB multihit mitigation via the kernel command line or kvm
|
| A D | l1d_flush.rst | 39 mechanism is used, software fallback for the mitigation, is not supported.
63 cores or by disabling SMT. See the relevant chapter in the L1TF mitigation
|
| /linux/Documentation/x86/ |
| A D | tsx_async_abort.rst | 3 TSX Async Abort (TAA) mitigation
33 Kernel internal mitigation modes
54 not provided then the kernel selects an appropriate mitigation depending on the
58 TAA mitigation, VERW behavior and TSX feature for various combinations of
66 …A_NO MDS_NO TSX_CTRL_MSR TSX state VERW can clear TAA mitigation TAA mitigation
81 …A_NO MDS_NO TSX_CTRL_MSR TSX state VERW can clear TAA mitigation TAA mitigation
96 …A_NO MDS_NO TSX_CTRL_MSR TSX state VERW can clear TAA mitigation TAA mitigation
|
| A D | mds.rst | 1 Microarchitectural Data Sampling (MDS) mitigation
73 All variants have the same mitigation strategy at least for the single CPU
82 command. The latter is issued when L1TF mitigation is enabled so the extra
98 The mitigation is invoked on kernel/userspace, hypervisor/guest and C-state
112 Kernel internal mitigation modes
130 line then the kernel selects the appropriate mitigation mode depending on
140 on affected CPUs when the mitigation is not disabled on the kernel
144 The mitigation is invoked in prepare_exit_to_usermode() which covers
173 switched depending on the chosen mitigation mode and the SMT state of
187 The mitigation is hooked into all variants of halt()/mwait(), but does
|
| A D | buslock.rst | 98 that mitigation is not needed.
119 This is an effective mitigation in cases where a minimal impact can be
|
| /linux/Documentation/userspace-api/ |
| A D | spec_ctrl.rst | 9 The kernel provides mitigation for such vulnerabilities in various
36 1 PR_SPEC_ENABLE The speculation feature is enabled, mitigation is
38 2 PR_SPEC_DISABLE The speculation feature is disabled, mitigation is
48 If PR_SPEC_PRCTL is set, then the per-task control of the mitigation is
|
| /linux/Documentation/driver-api/thermal/ |
| A D | cpu-idle-cooling.rst | 90 the duty cycle percentage. When no mitigation is happening the cooling
93 When the mitigation begins, depending on the governor's policy, a
133 mitigation begins. It is platform dependent and will depend on the
138 for thermal mitigation, otherwise we end up consuming more energy.
194 potentially invert the mitigation effect
|
| /linux/Documentation/virt/kvm/arm/ |
| A D | psci.rst | 47 firmware support for the workaround. The mitigation status for the
51 available to the guest and required for the mitigation.
|
| /linux/drivers/thermal/qcom/ |
| A D | Kconfig | 40 hardware(LMh). LMh allows for hardware-enforced mitigation for cpus based on
|
| /linux/Documentation/networking/ |
| A D | driver.rst | 74 mitigation scheme to let TX packets "hang out" in the TX
|
| /linux/Documentation/admin-guide/ |
| A D | kernel-parameters.txt | 2446 never: Disables the mitigation
2498 hypervisor mitigation, i.e. conditional
2511 hypervisor mitigation.
5324 but mitigation can be enabled via prctl
5348 Default mitigation: "prctl"
5452 (SRBDS) mitigation.
5467 off: Disable mitigation and remove
5492 firmware based mitigation, this parameter
5499 kernel: Always enable mitigation in the
5913 and deploy MDS mitigation, TAA mitigation is not
[all …]
|
| /linux/Documentation/infiniband/ |
| A D | ipoib.rst | 74 use ethtool to set interrupt mitigation parameters and thus reduce
|
| /linux/kernel/ |
| A D | Kconfig.preempt | 128 - mitigation of some (not all) SMT side channels;
|
| /linux/drivers/net/ethernet/dec/tulip/ |
| A D | Kconfig | 97 reduces RX interrupts by itself. Interrupt mitigation reduces RX
|
| /linux/Documentation/process/ |
| A D | embargoed-hardware-issues.rst | 143 response team, but is not necessarily involved in the mitigation
159 participate in the mitigation development.
|
| /linux/Documentation/PCI/ |
| A D | boot-interrupts.rst | 23 PCH and mitigation within BIOS and the OS.
|
| /linux/Documentation/devicetree/bindings/thermal/ |
| A D | thermal-zones.yaml | 48 platform-data regarding temperature thresholds and the mitigation actions
|
| /linux/Documentation/dev-tools/ |
| A D | kasan.rst | 19 mitigation.
192 intended for use in production as a security mitigation. Therefore, it supports
|