diff options
| author | Pawan Gupta <pawan.kumar.gupta@linux.intel.com> | 2024-06-21 21:17:21 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-05-18 08:24:59 +0200 |
| commit | 16a7d5b7a46ec0db7d30bb52d096a222fa0e22ed (patch) | |
| tree | 08fe3a6341502d3fed0c9f287fbb69cd41e5d90d /drivers/usb/cdns3/cdns3-debug.h | |
| parent | a6f2a436e9d6aa96013814cface08d8602638123 (diff) | |
x86/its: Add support for ITS-safe indirect thunk
commit 8754e67ad4ac692c67ff1f99c0d07156f04ae40c upstream.
Due to ITS, indirect branches in the lower half of a cacheline may be
vulnerable to branch target injection attack.
Introduce ITS-safe thunks to patch indirect branches in the lower half of
cacheline with the thunk. Also thunk any eBPF generated indirect branches
in emit_indirect_jump().
Below category of indirect branches are not mitigated:
- Indirect branches in the .init section are not mitigated because they are
discarded after boot.
- Indirect branches that are explicitly marked retpoline-safe.
Note that retpoline also mitigates the indirect branches against ITS. This
is because the retpoline sequence fills an RSB entry before RET, and it
does not suffer from RSB-underflow part of the ITS.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Reviewed-by: Alexandre Chartre <alexandre.chartre@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/usb/cdns3/cdns3-debug.h')
0 files changed, 0 insertions, 0 deletions