From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <smtp.intel.com@mtg-dev.jf.intel.com>
Received: from mail.linutronix.de (193.142.43.55:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 19 Feb
  2020 23:06:34 -0000
Received: from mga14.intel.com ([192.55.52.115])
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <smtp.intel.com@mtg-dev.jf.intel.com>)
	id 1j4YQL-0006qH-11
	for speck@linutronix.de; Thu, 20 Feb 2020 00:06:33 +0100
Received: from mtg-dev (mtg-dev.jf.intel.com [10.54.74.10])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.ostc.intel.com (Postfix) with ESMTPS id DCE0D6361
	for <speck@linutronix.de>; Wed, 19 Feb 2020 23:06:30 +0000 (UTC)
Received: from mgross by mtg-dev with local (Exim 4.90_1)
	(envelope-from <smtp.intel.com@mtg-dev.jf.intel.com>)
	id 1j4YQH-000FC9-7u
	for speck@linutronix.de; Wed, 19 Feb 2020 15:06:29 -0800
Message-Id: <cover.1582152322.git.mgross@linux.intel.com>
From: mark gross <mgross@linux.intel.com>
Date: Wed, 19 Feb 2020 14:45:22 -0800
Subject: [MODERATED] [PATCH 0/2] more sampling fun 0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

From: mark gross <mgross@linux.intel.com>
Subject: [PATCH 0/2] Special Register Buffer Data Sampling patch set 

Special Register Buffer Data Sampling is a sampling type of vulnerability that
leaks data across cores sharing the HW-RNG for vulnerable processors.

This leak is fixed by a microcode update and is enabled by default.

This new microcode serializes processor access during execution of RDRAND
or RDSEED. It ensures that the shared buffer is overwritten before it
is released for reuse.

The mitigation impacts the throughput of the RDRAND and RDSEED instructions
and latency of RT processing running on the socket while executing RDRAND or
RDSEED.  The micro bechmark of calling RDRAND many times shows a 10x slowdown.

This patch set enables kernel command line control of this mitigation and
exports vulnerability and mitigation status.

This patch set includes 2 patches:
The first patch updates cpu_vuln_whitelist with support for a 16 bit field for
enumerating based on stepping as well as vendor, family, model.

The second patch enables the command line control of the mitigation as well as
the sysfs export of vulnerability status.

The documentation patch is pending on the official white paper to be complete
such that I can make sure the in tree documentation is consistent with the
white paper.

The microcode defaults to enabling the mitigation.

mark gross (2):
  Add capability to specify a range of steppings in the vulnerability
    white list structure.
  WIP SRBDS mitigation enabling.

 arch/x86/include/asm/cpu_device_id.h | 12 ++++
 arch/x86/include/asm/cpufeatures.h   |  3 +
 arch/x86/include/asm/msr-index.h     |  4 ++
 arch/x86/kernel/cpu/bugs.c           | 84 ++++++++++++++++++++++++++++
 arch/x86/kernel/cpu/common.c         | 52 ++++++++++++-----
 arch/x86/kernel/cpu/cpu.h            | 10 ++++
 arch/x86/kernel/cpu/intel.c          |  2 +
 arch/x86/kernel/cpu/match.c          | 26 +++++++++
 drivers/base/cpu.c                   |  8 +++
 9 files changed, 187 insertions(+), 14 deletions(-)

-- 
2.17.1