microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)
1 053 602 коммитов 10 Ветки 3 162 Теги 3,2 GiB
C 97.7%
Assembly 1.2%
Shell 0.4%
Makefile 0.3%
Python 0.2%
Разное 0.1%
Перейти к файлу
Peter Zijlstra fd17a42549 x86/bugs: Add retbleed=ibpb 
commit 3ebc170068 upstream.

jmp2ret mitigates the easy-to-attack case at relatively low overhead.
It mitigates the long speculation windows after a mispredicted RET, but
it does not mitigate the short speculation window from arbitrary
instruction boundaries.

On Zen2, there is a chicken bit which needs setting, which mitigates
"arbitrary instruction boundaries" down to just "basic block boundaries".

But there is no fix for the short speculation window on basic block
boundaries, other than to flush the entire BTB to evict all attacker
predictions.

On the spectrum of "fast & blurry" -> "safe", there is (on top of STIBP
or no-SMT):

  1) Nothing		System wide open
  2) jmp2ret		May stop a script kiddy
  3) jmp2ret+chickenbit  Raises the bar rather further
  4) IBPB		Only thing which can count as "safe".

Tentative numbers put IBPB-on-entry at a 2.5x hit on Zen2, and a 10x hit
on Zen1 according to lmbench.

  [ bp: Fixup feature bit comments, document option, 32-bit build fix. ]

Suggested-by: Andrew Cooper <Andrew.Cooper3@citrix.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2022-07-23 12:54:05 +02:00
Documentation x86/bugs: Add retbleed=ibpb 2022-07-23 12:54:05 +02:00
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes" 2021-07-15 06:31:24 -06:00
arch x86/bugs: Add retbleed=ibpb 2022-07-23 12:54:05 +02:00
block block: fix rq-qos breakage from skipping rq_qos_done_bio() 2022-07-12 16:34:57 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:22:01 +02:00
crypto crypto: memneq - move into lib/ 2022-06-22 14:22:03 +02:00
drivers intel_idle: Disable IBRS during long idle 2022-07-23 12:54:04 +02:00
fs ksmbd: use SOCK_NONBLOCK type for kernel_accept() 2022-07-21 21:24:32 +02:00
include x86/bugs: Report AMD retbleed vulnerability 2022-07-23 12:54:02 +02:00
init Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug 2022-06-09 10:23:26 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:23:10 +02:00
kernel signal handling: don't use BUG_ON() for debugging 2022-07-21 21:24:42 +02:00
lib ida: don't use BUG_ON() for debugging 2022-07-12 16:35:18 +02:00
mm mm: split huge PUD on wp_huge_pud fallback 2022-07-21 21:24:11 +02:00
net net: tipc: fix possible refcount leak in tipc_sk_create() 2022-07-21 21:24:35 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:23:23 +02:00
scripts stddef: Introduce DECLARE_FLEX_ARRAY() helper 2022-07-12 16:35:03 +02:00
security ima: Fix potential memory leak in ima_init_crypto() 2022-07-21 21:24:29 +02:00
sound ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0) 2022-07-21 21:24:41 +02:00
tools objtool: Update Retpoline validation 2022-07-23 12:54:04 +02:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:27:15 +01:00
virt KVM: Initialize debugfs_dentry when a VM is created to avoid NULL deref 2022-07-12 16:35:05 +02:00
.clang-format clang-format: Update with the latest for_each macro list 2021-05-12 23:32:39 +02:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap mailmap: add Andrej Shadura 2021-10-18 20:22:03 -10:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Daniel Drake to credits 2021-09-21 08:34:58 +03:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Input: goodix - add a goodix.h header file 2022-07-12 16:34:51 +02:00
Makefile x86/retpoline: Use -mfunction-return 2022-07-23 12:53:58 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.