diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-05 15:50:34 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-05 15:50:34 -0500 |
| commit | edaed168e135f8ec87b27b567a367cbb041f2243 (patch) | |
| tree | dc56708c4a2c6ace03c8a7211e941c8911a17092 /arch/x86/kernel/cpu/bugs.c | |
| parent | 78f860135433a8bba406352fbdcea8e8980583bf (diff) | |
| parent | 71368af9027f18fe5d1c6f372cfdff7e4bde8b48 (diff) | |
Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86/pti update from Thomas Gleixner:
"Just a single change from the anti-performance departement:
- Add a new PR_SPEC_DISABLE_NOEXEC option which allows to apply the
speculation protections on a process without inheriting the state
on exec.
This remedies a situation where a Java-launcher has speculation
protections enabled because that's the default for JVMs which
causes the launched regular harmless processes to inherit the
protection state which results in unintended performance
degradation"
* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/speculation: Add PR_SPEC_DISABLE_NOEXEC
Diffstat (limited to 'arch/x86/kernel/cpu/bugs.c')
| -rw-r--r-- | arch/x86/kernel/cpu/bugs.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 01874d54f4fd..2da82eff0eb4 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c | |||
| @@ -798,15 +798,25 @@ static int ssb_prctl_set(struct task_struct *task, unsigned long ctrl) | |||
| 798 | if (task_spec_ssb_force_disable(task)) | 798 | if (task_spec_ssb_force_disable(task)) |
| 799 | return -EPERM; | 799 | return -EPERM; |
| 800 | task_clear_spec_ssb_disable(task); | 800 | task_clear_spec_ssb_disable(task); |
| 801 | task_clear_spec_ssb_noexec(task); | ||
| 801 | task_update_spec_tif(task); | 802 | task_update_spec_tif(task); |
| 802 | break; | 803 | break; |
| 803 | case PR_SPEC_DISABLE: | 804 | case PR_SPEC_DISABLE: |
| 804 | task_set_spec_ssb_disable(task); | 805 | task_set_spec_ssb_disable(task); |
| 806 | task_clear_spec_ssb_noexec(task); | ||
| 805 | task_update_spec_tif(task); | 807 | task_update_spec_tif(task); |
| 806 | break; | 808 | break; |
| 807 | case PR_SPEC_FORCE_DISABLE: | 809 | case PR_SPEC_FORCE_DISABLE: |
| 808 | task_set_spec_ssb_disable(task); | 810 | task_set_spec_ssb_disable(task); |
| 809 | task_set_spec_ssb_force_disable(task); | 811 | task_set_spec_ssb_force_disable(task); |
| 812 | task_clear_spec_ssb_noexec(task); | ||
| 813 | task_update_spec_tif(task); | ||
| 814 | break; | ||
| 815 | case PR_SPEC_DISABLE_NOEXEC: | ||
| 816 | if (task_spec_ssb_force_disable(task)) | ||
| 817 | return -EPERM; | ||
| 818 | task_set_spec_ssb_disable(task); | ||
| 819 | task_set_spec_ssb_noexec(task); | ||
| 810 | task_update_spec_tif(task); | 820 | task_update_spec_tif(task); |
| 811 | break; | 821 | break; |
| 812 | default: | 822 | default: |
| @@ -885,6 +895,8 @@ static int ssb_prctl_get(struct task_struct *task) | |||
| 885 | case SPEC_STORE_BYPASS_PRCTL: | 895 | case SPEC_STORE_BYPASS_PRCTL: |
| 886 | if (task_spec_ssb_force_disable(task)) | 896 | if (task_spec_ssb_force_disable(task)) |
| 887 | return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE; | 897 | return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE; |
| 898 | if (task_spec_ssb_noexec(task)) | ||
| 899 | return PR_SPEC_PRCTL | PR_SPEC_DISABLE_NOEXEC; | ||
| 888 | if (task_spec_ssb_disable(task)) | 900 | if (task_spec_ssb_disable(task)) |
| 889 | return PR_SPEC_PRCTL | PR_SPEC_DISABLE; | 901 | return PR_SPEC_PRCTL | PR_SPEC_DISABLE; |
| 890 | return PR_SPEC_PRCTL | PR_SPEC_ENABLE; | 902 | return PR_SPEC_PRCTL | PR_SPEC_ENABLE; |