/[packages]/cauldron/kernel/current/SOURCES/x86-fpu-xstate-Fix-PKRU-covert-channel.patch
ViewVC logotype

Contents of /cauldron/kernel/current/SOURCES/x86-fpu-xstate-Fix-PKRU-covert-channel.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1983391 - (show annotations) (download)
Fri Sep 1 17:24:37 2023 UTC (17 months, 1 week ago) by tmb
File size: 1387 byte(s)
- r8169: fix ASPM-related issues on a number of systems with NIC
   version from RTL8168h
- Revert "misc: rtsx: judge ASPM Mode to set PETXCFG Reg"
- x86/fpu/xstate: Fix PKRU covert channel
- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS


1 From 18032b47adf1db7b7f5fb2d1344e65aafe6417df Mon Sep 17 00:00:00 2001
2 From: Jim Mattson <jmattson@google.com>
3 Date: Wed, 30 Aug 2023 21:32:21 -0700
4 Subject: [PATCH] x86/fpu/xstate: Fix PKRU covert channel
5
6 When XCR0[9] is set, PKRU can be read and written from userspace with
7 XSAVE and XRSTOR, even when CR4.PKE is clear.
8
9 Clear XCR0[9] when protection keys are disabled.
10
11 Reported-by: Tavis Ormandy <taviso@google.com>
12 Signed-off-by: Jim Mattson <jmattson@google.com>
13 Signed-off-by: Ingo Molnar <mingo@kernel.org>
14 Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
15 Link: https://lore.kernel.org/r/20230831043228.1194256-1-jmattson@google.com
16 ---
17 arch/x86/kernel/fpu/xstate.c | 2 +-
18 1 file changed, 1 insertion(+), 1 deletion(-)
19
20 diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
21 index 1afbc4866b10..a27b4f7b9365 100644
22 --- a/arch/x86/kernel/fpu/xstate.c
23 +++ b/arch/x86/kernel/fpu/xstate.c
24 @@ -71,7 +71,7 @@ static unsigned short xsave_cpuid_features[] __initdata = {
25 [XFEATURE_ZMM_Hi256] = X86_FEATURE_AVX512F,
26 [XFEATURE_Hi16_ZMM] = X86_FEATURE_AVX512F,
27 [XFEATURE_PT_UNIMPLEMENTED_SO_FAR] = X86_FEATURE_INTEL_PT,
28 - [XFEATURE_PKRU] = X86_FEATURE_PKU,
29 + [XFEATURE_PKRU] = X86_FEATURE_OSPKE,
30 [XFEATURE_PASID] = X86_FEATURE_ENQCMD,
31 [XFEATURE_XTILE_CFG] = X86_FEATURE_AMX_TILE,
32 [XFEATURE_XTILE_DATA] = X86_FEATURE_AMX_TILE,
33 --
34 2.42.0
35

  ViewVC Help
Powered by ViewVC 1.1.30