diff options
| author | Linus Torvalds | 2018-06-06 22:49:25 +0200 |
|---|---|---|
| committer | Linus Torvalds | 2018-06-06 22:49:25 +0200 |
| commit | 311da4975894aab7a4bb94aa83f38f052d7ffda4 (patch) | |
| tree | 4de18b9cbeac4f21ed2aa7c8ec0ae515a56f368c /arch/arm/mm/Kconfig | |
| parent | Merge tag 'linux-kselftest-4.18-rc1' of git://git.kernel.org/pub/scm/linux/ke... (diff) | |
| parent | Merge branches 'fixes', 'misc' and 'spectre' into for-linus (diff) | |
| download | kernel-qcow2-linux-311da4975894aab7a4bb94aa83f38f052d7ffda4.tar.gz kernel-qcow2-linux-311da4975894aab7a4bb94aa83f38f052d7ffda4.tar.xz kernel-qcow2-linux-311da4975894aab7a4bb94aa83f38f052d7ffda4.zip | |
Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm
Pull ARM updates from Russell King:
- Initial round of Spectre variant 1 and variant 2 fixes for 32-bit ARM
- Clang support improvements
- nommu updates for v8 MPU
- enable ARM_MODULE_PLTS by default to avoid problems loading modules
with larger kernels
- vmlinux.lds and dma-mapping cleanups
* 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: (31 commits)
ARM: spectre-v1: fix syscall entry
ARM: spectre-v1: add array_index_mask_nospec() implementation
ARM: spectre-v1: add speculation barrier (csdb) macros
ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1
ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling
ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15
ARM: KVM: invalidate icache on guest exit for Cortex-A15
ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17
ARM: spectre-v2: warn about incorrect context switching functions
ARM: spectre-v2: add firmware based hardening
ARM: spectre-v2: harden user aborts in kernel space
ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit
ARM: spectre-v2: harden branch predictor on context switches
ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre
ARM: bugs: add support for per-processor bug checking
ARM: bugs: hook processor bug checking into SMP and suspend paths
ARM: bugs: prepare processor bug infrastructure
ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs
ARM: 8774/1: remove no-op macro VMLINUX_SYMBOL()
ARM: 8773/1: amba: Export amba_bustype
...
Diffstat (limited to 'arch/arm/mm/Kconfig')
| -rw-r--r-- | arch/arm/mm/Kconfig | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig index 5a016bc80e26..96a7b6cf459b 100644 --- a/arch/arm/mm/Kconfig +++ b/arch/arm/mm/Kconfig @@ -415,6 +415,7 @@ config CPU_V7 select CPU_CP15_MPU if !MMU select CPU_HAS_ASID if MMU select CPU_PABRT_V7 + select CPU_SPECTRE if MMU select CPU_THUMB_CAPABLE select CPU_TLB_V7 if MMU @@ -821,6 +822,28 @@ config CPU_BPREDICT_DISABLE help Say Y here to disable branch prediction. If unsure, say N. +config CPU_SPECTRE + bool + +config HARDEN_BRANCH_PREDICTOR + bool "Harden the branch predictor against aliasing attacks" if EXPERT + depends on CPU_SPECTRE + default y + help + Speculation attacks against some high-performance processors rely + on being able to manipulate the branch predictor for a victim + context by executing aliasing branches in the attacker context. + Such attacks can be partially mitigated against by clearing + internal branch predictor state and limiting the prediction + logic in some situations. + + This config option will take CPU-specific actions to harden + the branch predictor against aliasing attacks and may rely on + specific instruction sequences or control bits being set by + the system firmware. + + If unsure, say Y. + config TLS_REG_EMUL bool select NEED_KUSER_HELPERS |