diff options
| author | David Kaplan <david.kaplan@amd.com> | 2025-07-21 11:03:10 -0500 |
|---|---|---|
| committer | Borislav Petkov (AMD) <bp@alien8.de> | 2025-08-11 17:32:36 +0200 |
| commit | 4fa7d880aeb8cdbdaa4fb72be3e53ac1d6bcc088 (patch) | |
| tree | f5eba150c46c41f8bd0734cbc29232c01947b411 /Documentation/admin-guide/hw-vuln/attack_vector_controls.rst | |
| parent | 8f5ae30d69d7543eee0d70083daf4de8fe15d585 (diff) | |
x86/bugs: Select best SRSO mitigation
The SRSO bug can theoretically be used to conduct user->user or guest->guest
attacks and requires a mitigation (namely IBPB instead of SBPB on context
switch) for these. So mark SRSO as being applicable to the user->user and
guest->guest attack vectors.
Additionally, SRSO supports multiple mitigations which mitigate different
potential attack vectors. Some CPUs are also immune to SRSO from
certain attack vectors (like user->kernel).
Use the specific attack vectors requiring mitigation to select the best
SRSO mitigation to avoid unnecessary performance hits.
Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250721160310.1804203-1-david.kaplan@amd.com
Diffstat (limited to 'Documentation/admin-guide/hw-vuln/attack_vector_controls.rst')
| -rw-r--r-- | Documentation/admin-guide/hw-vuln/attack_vector_controls.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst b/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst index b4de16f5ec44..6dd0800146f6 100644 --- a/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst +++ b/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst @@ -214,7 +214,7 @@ Spectre_v1 X Spectre_v2 X X Spectre_v2_user X X * (Note 1) SRBDS X X X X -SRSO X X +SRSO X X X X SSB (Note 4) TAA X X X X * (Note 2) TSA X X X X |