^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) .. SPDX-License-Identifier: GPL-2.0

Spectre Side Channels
=====================

Spectre is a class of side channel attacks that exploit branch prediction
and speculative execution on modern CPUs to read memory, possibly
bypassing access controls. Speculative execution side channel exploits
do not modify memory but attempt to infer privileged data in memory.

This document covers Spectre variant 1 and Spectre variant 2.

Affected processors
-------------------

Speculative execution side channel methods affect a wide range of modern
high performance processors, since most modern high speed processors
use branch prediction and speculative execution.

The following CPUs are vulnerable:

    - Intel Core, Atom, Pentium, and Xeon processors

    - AMD Phenom, EPYC, and Zen processors

    - IBM POWER and zSeries processors

    - Higher end ARM processors

    - Apple CPUs

    - Higher end MIPS CPUs

    - Likely most other high performance CPUs. Contact your CPU vendor for details.

Whether a processor is affected or not can be read out from the Spectre
vulnerability files in sysfs. See :ref:`spectre_sys_info`.

Related CVEs
------------

The following CVE entries describe Spectre variants:

   =============   =======================  ==========================
   CVE-2017-5753   Bounds check bypass      Spectre variant 1
   CVE-2017-5715   Branch target injection  Spectre variant 2
   CVE-2019-1125   Spectre v1 swapgs        Spectre variant 1 (swapgs)
   =============   =======================  ==========================

Problem
-------

CPUs use speculative operations to improve performance. That may leave
traces of memory accesses or computations in the processor's caches,
buffers, and branch predictors. Malicious software may be able to
influence the speculative execution paths, and then use the side effects
of the speculative execution in the CPUs' caches and buffers to infer
privileged data touched during the speculative execution.

Spectre variant 1 attacks take advantage of speculative execution of
conditional branches, while Spectre variant 2 attacks use speculative
execution of indirect branches to leak privileged memory.
See :ref:`[1] <spec_ref1>` :ref:`[5] <spec_ref5>` :ref:`[6] <spec_ref6>`
:ref:`[7] <spec_ref7>` :ref:`[10] <spec_ref10>` :ref:`[11] <spec_ref11>`.

Spectre variant 1 (Bounds Check Bypass)
---------------------------------------

The bounds check bypass attack :ref:`[2] <spec_ref2>` takes advantage
of speculative execution that bypasses conditional branch instructions
used for memory access bounds checks (e.g. checking whether the index of an
array results in a memory access within a valid range). This results in
memory accesses to invalid memory (with an out-of-bounds index) that are
done speculatively before the validation checks resolve. Such speculative
memory accesses can leave side effects, creating side channels which
leak information to the attacker.

There are some extensions of Spectre variant 1 attacks for reading data
over the network, see :ref:`[12] <spec_ref12>`. However, such attacks
are difficult, low bandwidth, fragile, and are considered low risk.

Note that, despite the "Bounds Check Bypass" name, Spectre variant 1 is not
only about user-controlled array bounds checks. It can affect any
conditional check. The kernel entry code's interrupt, exception, and NMI
handlers all have conditional swapgs checks. Those may be problematic
in the context of Spectre v1, as kernel code can speculatively run with
a user GS.

Spectre variant 2 (Branch Target Injection)
-------------------------------------------

The branch target injection attack takes advantage of speculative
execution of indirect branches :ref:`[3] <spec_ref3>`. The indirect
branch predictors inside the processor used to guess the target of
indirect branches can be influenced by an attacker, causing gadget code
to be speculatively executed, thus exposing sensitive data touched by
the victim. The side effects left in the CPU's caches during speculative
execution can be measured to infer data values.

.. _poison_btb:

In Spectre variant 2 attacks, the attacker can steer speculative indirect
branches in the victim to gadget code by poisoning the branch target
buffer of a CPU used for predicting indirect branch addresses. Such
poisoning could be done by indirect branching into existing code,
with the address offset of the indirect branch under the attacker's
control. Since the branch prediction on impacted hardware does not
fully disambiguate branch addresses and uses the offset for prediction,
this could cause privileged code's indirect branch to jump to gadget
code with the same offset.

The most useful gadgets take an attacker-controlled input parameter (such
as a register value) so that the memory read can be controlled. Gadgets
without input parameters might be possible, but the attacker would have
very little control over what memory can be read, reducing the risk of
the attack revealing useful data.

One other variant 2 attack vector is for the attacker to poison the
return stack buffer (RSB) :ref:`[13] <spec_ref13>` to cause speculative
subroutine return instruction execution to go to a gadget. An attacker's
imbalanced subroutine call instructions might "poison" entries in the
return stack buffer which are later consumed by a victim's subroutine
return instructions. This attack can be mitigated by flushing the return
stack buffer on context switch, or virtual machine (VM) exit.

On systems with simultaneous multi-threading (SMT), attacks are possible
from the sibling thread, as the level 1 cache and branch target buffer
(BTB) may be shared between hardware threads in a CPU core. A malicious
program running on the sibling thread may influence its peer's BTB to
steer its indirect branch speculations to gadget code, and measure the
speculative execution's side effects left in the level 1 cache to infer the
victim's data.

Yet another variant 2 attack vector is for the attacker to poison the
Branch History Buffer (BHB) to speculatively steer an indirect branch
to a specific Branch Target Buffer (BTB) entry, even if the entry isn't
associated with the source address of the indirect branch. Specifically,
the BHB might be shared across privilege levels even in the presence of
Enhanced IBRS.

Currently the only known real-world BHB attack vector is via
unprivileged eBPF. Therefore, it's highly recommended to not enable
unprivileged eBPF, especially when eIBRS is used (without retpolines).
For a full mitigation against BHB attacks, it's recommended to use
retpolines (or eIBRS combined with retpolines).

Attack scenarios
----------------

The following list of attack scenarios has been anticipated, but may
not cover all possible attack vectors.

1. A user process attacking the kernel
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Spectre variant 1
~~~~~~~~~~~~~~~~~

The attacker passes a parameter to the kernel via a register or
via a known address in memory during a syscall. Such a parameter may
be used later by the kernel as an index into an array or to derive
a pointer for a Spectre variant 1 attack. The index or pointer
is invalid, but bounds checks are bypassed in the code branch taken
for speculative execution. This could cause privileged memory to be
accessed and leaked.

For kernel code that has been identified as using data pointers that
could potentially be influenced for Spectre attacks, new "nospec" accessor
macros are used to prevent speculative loading of data.
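
The accessor pattern described above, as an added example that is not part
of this document or of the kernel source: a user-space re-implementation of
the index-masking idea behind the kernel's ``array_index_nospec()`` accessor,
with the plain bounds-checked lookup placed beside the masked one so the
difference is visible. The ``struct sample``, ``demo_sample`` and
``lookup_*`` names are constructed for this illustration only.

```c
#include <limits.h>
#include <stdio.h>

#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)

/* Constructed sample: a small table with "secret" data laid out right
 * behind it, so an out-of-bounds index would land on the secret. */
struct sample {
    unsigned char table[8];
    unsigned char secret[8];
};

static const struct sample demo_sample = {
    { 10, 11, 12, 13, 14, 15, 16, 17 },
    { 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42 },
};

/*
 * Branch-free mask: all ones when index < size, all zeros otherwise.
 * If index >= size then either index itself or (size - 1 - index), which
 * wraps around, has its top bit set; the OR therefore has a set top bit and
 * the mask collapses to zero. Same idea as the kernel's
 * array_index_mask_nospec(), written with unsigned arithmetic to avoid the
 * implementation-defined right shift of a negative value.
 */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    /* Hide index from the optimizer so the mask is really computed even when
     * the compiler can prove the preceding range check succeeded (mirrors the
     * kernel's OPTIMIZER_HIDE_VAR). */
    __asm__("" : "+r"(index));
    unsigned long top = (index | (size - 1UL - index)) >> (BITS_PER_LONG - 1);
    return top - 1UL;   /* top == 0 -> ULONG_MAX, top == 1 -> 0 */
}

/* Clamp index into [0, size) without a branch the CPU could mispredict. */
static unsigned long index_nospec(unsigned long index, unsigned long size)
{
    return index & index_mask_nospec(index, size);
}

/* The pattern the document warns about: the bounds check is a conditional
 * branch, so table[index] can be loaded speculatively before it resolves. */
static int lookup_checked(const struct sample *s, unsigned long index)
{
    if (index >= sizeof(s->table))
        return -1;
    return s->table[index];
}

/* Hardened form: after the check, the index is additionally masked so a
 * mis-speculated path reads table[0] instead of adjacent memory. */
static int lookup_nospec(const struct sample *s, unsigned long index)
{
    if (index >= sizeof(s->table))
        return -1;
    index = index_nospec(index, sizeof(s->table));
    return s->table[index];
}

int main(void)
{
    unsigned long probes[] = { 0, 5, 7, 8, 1000, ULONG_MAX };
    for (size_t i = 0; i < sizeof(probes) / sizeof(probes[0]); i++)
        printf("index %lu: mask 0x%lx, clamped %lu, lookup %d\n",
               probes[i], index_mask_nospec(probes[i], 8),
               index_nospec(probes[i], 8),
               lookup_nospec(&demo_sample, probes[i]));
    return 0;
}
```

Architecturally both lookups return the same values; the masking only
matters on the speculative path, where the conditional branch may have
been predicted wrongly. That is why the mask is computed without a branch
and why the optimizer barrier is needed: a compiler that trusts the
preceding check would otherwise drop the mask as redundant.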

Spectre variant 1 (swapgs)
~~~~~~~~~~~~~~~~~~~~~~~~~~

An attacker can train the branch predictor to speculatively skip the
swapgs path for an interrupt or exception. If they initialize
the GS register to a user-space value and the swapgs is speculatively
skipped, subsequent GS-related percpu accesses in the speculation
window will be done with the attacker-controlled GS value. This
could cause privileged memory to be accessed and leaked.

For example:

::

    if (coming from user space)
        swapgs
    mov %gs:<percpu_offset>, %reg
    mov (%reg), %reg1

When coming from user space, the CPU can speculatively skip the
swapgs, and then do a speculative percpu load using the user GS
value. So the user can speculatively force a read of any kernel
value. If a gadget exists which uses the percpu value as an address
in another load/store, then the contents of the kernel value may
become visible via an L1 side channel attack.

A similar attack exists when coming from kernel space. The CPU can
speculatively do the swapgs, causing the user GS to get used for the
rest of the speculative window.

Spectre variant 2
~~~~~~~~~~~~~~~~~

A Spectre variant 2 attacker can :ref:`poison <poison_btb>` the branch
target buffer (BTB) before issuing a syscall to launch an attack.
After entering the kernel, the kernel could use the poisoned branch
target buffer on an indirect jump and jump to gadget code in speculative
execution.

If an attacker tries to control the memory addresses leaked during
speculative execution, they would also need to pass a parameter to the
gadget, either through a register or a known address in memory. After
the gadget has executed, they can measure the side effect.

The kernel can protect itself against consuming poisoned branch
target buffer entries by using return trampolines (also known as
"retpoline") :ref:`[3] <spec_ref3>` :ref:`[9] <spec_ref9>` for all
indirect branches. Return trampolines trap speculative execution paths
to prevent jumping to gadget code during speculative execution.
x86 CPUs with Enhanced Indirect Branch Restricted Speculation
(Enhanced IBRS) available in hardware should use the feature to
mitigate Spectre variant 2 instead of retpoline. Enhanced IBRS is
more efficient than retpoline.

There may be gadget code in firmware which could be exploited with a
Spectre variant 2 attack by a rogue user process. To mitigate such
attacks on x86, the Indirect Branch Restricted Speculation (IBRS) feature
is turned on before the kernel invokes any firmware code.

2. A user process attacking another user process
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

A malicious user process can try to attack another user process,
either via a context switch on the same hardware thread, or from the
sibling hyperthread sharing a physical processor core on a simultaneous
multi-threading (SMT) system.

Spectre variant 1 attacks generally require passing parameters
between the processes, which needs a data passing relationship, such
as remote procedure calls (RPC). Those parameters are used in gadget
code to derive invalid data pointers accessing privileged memory in
the attacked process.

Spectre variant 2 attacks can be launched from a rogue process by
:ref:`poisoning <poison_btb>` the branch target buffer. This can
influence the indirect branch targets for a victim process that either
runs later on the same hardware thread, or runs concurrently on
a sibling hardware thread sharing the same physical core.

A user process can protect itself against Spectre variant 2 attacks
by using the prctl() syscall to disable indirect branch speculation
for itself. An administrator can also cordon off an unsafe process
from polluting the branch target buffer by disabling the process's
indirect branch speculation. This comes with a performance cost
from not using indirect branch speculation and clearing the branch
target buffer. When SMT is enabled on x86, for a process that has
indirect branch speculation disabled, Single Threaded Indirect Branch
Predictors (STIBP) :ref:`[4] <spec_ref4>` are turned on to prevent the
sibling thread from controlling the branch target buffer. In addition,
the Indirect Branch Prediction Barrier (IBPB) is issued to clear the
branch target buffer when context switching to and from such a process.
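
The per-process opt-out described above, as an added example (not code
from this document or from the kernel): a program that queries and then
disables its own indirect branch speculation through ``prctl()``. The
``PR_*`` constants are the Linux UAPI values from ``<linux/prctl.h>``,
defined locally only where the system headers lack them;
``describe_spec_ctrl()``, ``query_indirect_branch_ctrl()`` and
``disable_indirect_branch_spec()`` are names chosen for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Linux UAPI values from <linux/prctl.h>; defined here only if the system
 * headers are too old (or not Linux) to provide them. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif
#ifndef PR_SPEC_NOT_AFFECTED
#define PR_SPEC_NOT_AFFECTED  0
#define PR_SPEC_PRCTL         (1UL << 0)
#define PR_SPEC_ENABLE        (1UL << 1)
#define PR_SPEC_DISABLE       (1UL << 2)
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif

/* Decode a PR_GET_SPECULATION_CTRL result for PR_SPEC_INDIRECT_BRANCH. */
static const char *describe_spec_ctrl(long value)
{
    if (value < 0)
        return "query failed";
    if (value == PR_SPEC_NOT_AFFECTED)
        return "not affected";
    if (!(value & PR_SPEC_PRCTL))      /* policy fixed by the kernel at boot */
        return (value & PR_SPEC_DISABLE)
            ? "disabled system-wide; no per-task control"
            : "enabled system-wide; no per-task control";
    if (value & PR_SPEC_FORCE_DISABLE)
        return "disabled for this task and cannot be re-enabled";
    if (value & PR_SPEC_DISABLE)
        return "disabled for this task";
    if (value & PR_SPEC_ENABLE)
        return "enabled for this task; may be disabled with prctl()";
    return "unrecognised state";
}

/* Raw indirect-branch speculation state for this task, or -errno. */
static long query_indirect_branch_ctrl(void)
{
#ifdef __linux__
    long r = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    return r < 0 ? -errno : r;
#else
    return -ENOSYS;
#endif
}

/* Opt this task out of indirect branch speculation. With force set, the
 * kernel refuses later attempts to re-enable it. Returns 0 or -errno. */
static int disable_indirect_branch_spec(int force)
{
#ifdef __linux__
    unsigned long ctrl = force ? PR_SPEC_FORCE_DISABLE : PR_SPEC_DISABLE;
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, ctrl, 0, 0) != 0)
        return -errno;
    return 0;
#else
    (void)force;
    return -ENOSYS;
#endif
}

int main(void)
{
    long before = query_indirect_branch_ctrl();
    printf("before: %s\n", describe_spec_ctrl(before));

    int rc = disable_indirect_branch_spec(0);
    if (rc != 0)
        printf("prctl(PR_SET_SPECULATION_CTRL) failed: %s\n", strerror(-rc));

    long after = query_indirect_branch_ctrl();
    printf("after:  %s\n", describe_spec_ctrl(after));
    return 0;
}
```

A missing ``PR_SPEC_PRCTL`` bit in the query result means the kernel's
boot-time spectre_v2 policy decides for every task and the per-process
request will be rejected, so the program reports the state rather than
assuming the call succeeded.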

On x86, the return stack buffer is stuffed on context switch.
This prevents the branch target buffer from being used for branch
prediction when the return stack buffer underflows while switching to
a deeper call stack. Any poisoned entries in the return stack buffer
left by the previous process will also be cleared.

User programs should use address space randomization to make attacks
more difficult (set /proc/sys/kernel/randomize_va_space = 1 or 2).

3. A virtualized guest attacking the host
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The attack mechanism is similar to how user processes attack the
kernel. The kernel is entered via hyper-calls or other virtualization
exit paths.

For Spectre variant 1 attacks, rogue guests can pass parameters
(e.g. in registers) via hyper-calls to derive invalid pointers to
speculate into privileged memory after entering the kernel. For places
where such kernel code has been identified, nospec accessor macros
are used to stop speculative memory access.

For Spectre variant 2 attacks, rogue guests can :ref:`poison
<poison_btb>` the branch target buffer or return stack buffer, causing
the kernel to jump to gadget code in the speculative execution paths.

To mitigate variant 2, the host kernel can use return trampolines
for indirect branches to bypass the poisoned branch target buffer,
and flush the return stack buffer on VM exit. This prevents rogue
guests from affecting indirect branching in the host kernel.

To protect host processes from rogue guests, host processes can have
indirect branch speculation disabled via prctl(). The branch target
buffer is cleared before context switching to such processes.

4. A virtualized guest attacking another guest
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

A rogue guest may attack another guest to get data accessible by the
other guest.

Spectre variant 1 attacks are possible if parameters can be passed
between guests. This may be done via mechanisms such as shared memory
or message passing. Such parameters could be used to derive data
pointers to privileged data in the guest. The privileged data could be
accessed by gadget code in the victim's speculation paths.

Spectre variant 2 attacks can be launched from a rogue guest by
:ref:`poisoning <poison_btb>` the branch target buffer or the return
stack buffer. Such poisoned entries could be used to influence
speculative execution paths in the victim guest.

The Linux kernel mitigates attacks on other guests running in the same
CPU hardware thread by flushing the return stack buffer on VM exit,
and clearing the branch target buffer before switching to a new guest.

If SMT is used, Spectre variant 2 attacks from an untrusted guest
in the sibling hyperthread can be mitigated by the administrator
by turning off the unsafe guest's indirect branch speculation via
prctl(). A guest can also protect itself by turning on microcode
based mitigations (such as IBPB or STIBP on x86) within the guest.

.. _spectre_sys_info:

Spectre system information
--------------------------

The Linux kernel provides a sysfs interface to enumerate the current
mitigation status of the system for Spectre: whether the system is
vulnerable, and which mitigations are active.

The sysfs file showing Spectre variant 1 mitigation status is:

   /sys/devices/system/cpu/vulnerabilities/spectre_v1

The possible values in this file are:

  .. list-table::

     * - 'Not affected'
       - The processor is not vulnerable.
     * - 'Vulnerable: __user pointer sanitization and usercopy barriers only; no swapgs barriers'
       - The swapgs protections are disabled; otherwise it has
         protection in the kernel on a case by case basis with explicit
         pointer sanitation and usercopy LFENCE barriers.
     * - 'Mitigation: usercopy/swapgs barriers and __user pointer sanitization'
       - Protection in the kernel on a case by case basis with explicit
         pointer sanitation, usercopy LFENCE barriers, and swapgs LFENCE
         barriers.

However, the protections are put in place on a case by case basis,
and there is no guarantee that all possible attack vectors for Spectre
variant 1 are covered.
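
A small status checker, added here as an example (not code from this
document or from the kernel), that reads the ``spectre_v1`` and
``spectre_v2`` sysfs files named in this section together with the
``kernel.unprivileged_bpf_disabled`` sysctl (exposed as
/proc/sys/kernel/unprivileged_bpf_disabled, a path this document does not
itself name) behind the recommendation in the BHB discussion above to keep
unprivileged eBPF off. Values are classified by their leading keyword, the
convention the tables in this section follow; the ``STATE_*`` enum and the
function names are this example's own.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* The two sysfs files named in this section, plus the sysctl that
 * controls unprivileged eBPF (0 = allowed, 1 = disabled permanently,
 * 2 = disabled but can be re-enabled at runtime). */
#define SPECTRE_V1_PATH "/sys/devices/system/cpu/vulnerabilities/spectre_v1"
#define SPECTRE_V2_PATH "/sys/devices/system/cpu/vulnerabilities/spectre_v2"
#define UNPRIV_BPF_PATH "/proc/sys/kernel/unprivileged_bpf_disabled"

enum spectre_state {
    STATE_UNKNOWN,
    STATE_NOT_AFFECTED,
    STATE_VULNERABLE,
    STATE_MITIGATED,
};

/* Classify a vulnerabilities/* value by its leading keyword. The spectre_v2
 * string 'Mitigation: None' is listed as "Vulnerable, no mitigation" in the
 * table below, so it must not be read as a mitigation. */
static enum spectre_state classify_status(const char *value)
{
    if (strncmp(value, "Not affected", 12) == 0)
        return STATE_NOT_AFFECTED;
    if (strncmp(value, "Vulnerable", 10) == 0)
        return STATE_VULNERABLE;
    if (strcmp(value, "Mitigation: None") == 0)
        return STATE_VULNERABLE;
    if (strncmp(value, "Mitigation:", 11) == 0)
        return STATE_MITIGATED;
    return STATE_UNKNOWN;
}

static const char *state_name(enum spectre_state s)
{
    switch (s) {
    case STATE_NOT_AFFECTED: return "not affected";
    case STATE_VULNERABLE:   return "VULNERABLE";
    case STATE_MITIGATED:    return "mitigated";
    default:                 return "unknown";
    }
}

/* Returns 1 if the sysctl value means unprivileged BPF programs may be
 * loaded, which the document recommends against. */
static int unprivileged_bpf_allowed(const char *value)
{
    return strcmp(value, "0") == 0;
}

/* Read the first line of a sysfs/procfs file, stripping the newline.
 * Returns 0 on success or -errno. */
static int read_first_line(const char *path, char *buf, size_t len)
{
    FILE *f = fopen(path, "r");
    if (!f)
        return -errno;
    if (!fgets(buf, (int)len, f)) {
        fclose(f);
        return -EIO;
    }
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return 0;
}

static void report(const char *label, const char *path)
{
    char buf[256];
    int rc = read_first_line(path, buf, sizeof(buf));
    if (rc != 0) {
        printf("%-11s unavailable (%s)\n", label, strerror(-rc));
        return;
    }
    printf("%-11s %s  [%s]\n", label, state_name(classify_status(buf)), buf);
}

int main(void)
{
    char buf[64];

    report("spectre_v1:", SPECTRE_V1_PATH);
    report("spectre_v2:", SPECTRE_V2_PATH);

    if (read_first_line(UNPRIV_BPF_PATH, buf, sizeof(buf)) == 0) {
        if (unprivileged_bpf_allowed(buf))
            printf("unprivileged eBPF is enabled; this document recommends disabling it\n");
        else
            printf("unprivileged eBPF is disabled (sysctl value %s)\n", buf);
    }
    return 0;
}
```

The checker deliberately treats any string it does not recognise as
unknown rather than as mitigated, and, as the paragraph above notes,
a ``Mitigation:`` value for variant 1 still only covers the code paths
the kernel developers have identified.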
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) The spectre_v2 kernel file reports if the kernel has been compiled with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) retpoline mitigation or if the CPU has hardware mitigation, and if the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) CPU has support for additional process-specific mitigation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) This file also reports CPU features enabled by microcode to mitigate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) attacks between user processes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) 1. Indirect Branch Prediction Barrier (IBPB) to add additional
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) isolation between processes of different users.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) 2. Single Thread Indirect Branch Predictors (STIBP) to add additional
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) isolation between CPU threads running on the same core.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) These CPU features may impact performance when used and can be enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) per process on a case-by-case basis.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) The sysfs file showing Spectre variant 2 mitigation status is:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) /sys/devices/system/cpu/vulnerabilities/spectre_v2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) The possible values in this file are:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) - Kernel status:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380)   ======================================== =================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381)   'Not affected'                           The processor is not vulnerable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382)   'Mitigation: None'                       Vulnerable, no mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383)   'Mitigation: Retpolines'                 Use Retpoline thunks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384)   'Mitigation: LFENCE'                     Use LFENCE instructions
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385)   'Mitigation: Enhanced IBRS'              Hardware-focused mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386)   'Mitigation: Enhanced IBRS + Retpolines' Hardware-focused + Retpolines
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387)   'Mitigation: Enhanced IBRS + LFENCE'     Hardware-focused + LFENCE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388)   ======================================== =================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) - Firmware status: Show if Indirect Branch Restricted Speculation (IBRS) is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) used to protect against Spectre variant 2 attacks when calling firmware (x86 only).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393)   ========== =============================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394)   'IBRS_FW'  Protection against user program attacks when calling firmware
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395)   ========== =============================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) - Indirect branch prediction barrier (IBPB) status for protection between
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) processes of different users. This feature can be controlled through
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) prctl() per process, or through kernel command line options. This is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) an x86 only feature. For more details see below.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402)   =================== ========================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403)   'IBPB: disabled'    IBPB unused
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404)   'IBPB: always-on'   Use IBPB on all tasks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405)   'IBPB: conditional' Use IBPB on SECCOMP or indirect branch restricted tasks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406)   =================== ========================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) - Single threaded indirect branch prediction (STIBP) status for protection
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) between different hyper threads. This feature can be controlled through
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) prctl() per process, or through kernel command line options. This is an
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) x86 only feature. For more details see below.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413)   ==================== ========================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414)   'STIBP: disabled'    STIBP unused
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415)   'STIBP: forced'      Use STIBP on all tasks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416)   'STIBP: conditional' Use STIBP on SECCOMP or indirect branch restricted tasks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417)   ==================== ========================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) - Return stack buffer (RSB) protection status:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421)   ============= ===========================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422)   'RSB filling' Protection of RSB on context switch enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423)   ============= ===========================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) Full mitigation might require a microcode update from the CPU
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) vendor. When the necessary microcode is not available, the kernel will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) report the system as vulnerable.
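As an added example (not part of this document or the kernel tree), a small C checker that splits the spectre_v2 status line into the components listed above so a host audit can assert on each one rather than string-matching the whole line. It assumes components are separated by ',' (older kernels) or ';' (newer kernels), that the first component is the kernel status, and it treats 'Mitigation: None' and any 'Vulnerable' status as unmitigated.

```c
/* Added example, not part of the kernel documentation: split the spectre_v2
 * sysfs status line into the components documented above so a host audit
 * can assert on each one. Assumptions: components are separated by ','
 * (older kernels) or ';' (newer kernels) and the first one is the kernel
 * status; unknown components are ignored. */
#include <stdio.h>
#include <string.h>

#define SPECTRE_V2_SYSFS "/sys/devices/system/cpu/vulnerabilities/spectre_v2"

struct spectre_v2_status {
	char kernel[64];  /* e.g. "Mitigation: Retpolines" or "Not affected" */
	char ibpb[32];    /* "disabled", "always-on", "conditional" or "" */
	char stibp[32];   /* "disabled", "forced", "conditional" or "" */
	int ibrs_fw;      /* 1 when "IBRS_FW" is present */
	int rsb_filling;  /* 1 when "RSB filling" is present */
};

static int is_blank(char c)
{
	return c == ' ' || c == '\t' || c == '\n' || c == '\r';
}

static void copy_field(char *dst, size_t cap, const char *src, size_t n)
{
	if (n > cap - 1)
		n = cap - 1;
	memcpy(dst, src, n);
	dst[n] = '\0';
}

/* Parse one status line. Returns 0 on success, -1 if no kernel status found. */
int parse_spectre_v2(const char *line, struct spectre_v2_status *st)
{
	const char *p = line;
	int first = 1;

	memset(st, 0, sizeof(*st));
	while (*p) {
		size_t n = strcspn(p, ",;");   /* length of this component */
		const char *f = p;
		size_t m = n;

		while (m > 0 && is_blank(*f))  /* trim leading blanks */
			f++, m--;
		while (m > 0 && is_blank(f[m - 1]))  /* trim trailing blanks */
			m--;
		if (first) {
			copy_field(st->kernel, sizeof(st->kernel), f, m);
			first = 0;
		} else if (m > 6 && strncmp(f, "IBPB: ", 6) == 0) {
			copy_field(st->ibpb, sizeof(st->ibpb), f + 6, m - 6);
		} else if (m > 7 && strncmp(f, "STIBP: ", 7) == 0) {
			copy_field(st->stibp, sizeof(st->stibp), f + 7, m - 7);
		} else if (m == 7 && strncmp(f, "IBRS_FW", 7) == 0) {
			st->ibrs_fw = 1;
		} else if (m == 11 && strncmp(f, "RSB filling", 11) == 0) {
			st->rsb_filling = 1;
		}
		p += n;
		if (*p)
			p++;  /* skip the separator */
	}
	return st->kernel[0] ? 0 : -1;
}

/* Policy check: kernel side is "Not affected" or has a real mitigation.
 * "Mitigation: None" and any "Vulnerable..." status count as unmitigated. */
int kernel_side_mitigated(const struct spectre_v2_status *st)
{
	if (strcmp(st->kernel, "Not affected") == 0)
		return 1;
	return strncmp(st->kernel, "Mitigation: ", 12) == 0 &&
	       strcmp(st->kernel, "Mitigation: None") != 0;
}

int main(void)
{
	/* Constructed sample line, used when the sysfs file is not readable. */
	char line[256] = "Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling\n";
	struct spectre_v2_status st;
	FILE *f = fopen(SPECTRE_V2_SYSFS, "r");

	if (f) {
		if (!fgets(line, sizeof(line), f))
			line[0] = '\0';
		fclose(f);
	}
	if (parse_spectre_v2(line, &st) != 0) {
		fprintf(stderr, "could not parse spectre_v2 status\n");
		return 1;
	}
	printf("kernel=\"%s\" IBPB=%s STIBP=%s IBRS_FW=%d RSB=%d mitigated=%d\n",
	       st.kernel, st.ibpb[0] ? st.ibpb : "-", st.stibp[0] ? st.stibp : "-",
	       st.ibrs_fw, st.rsb_filling, kernel_side_mitigated(&st));
	return 0;
}
```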
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) Turning on mitigation for Spectre variant 1 and Spectre variant 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) -----------------------------------------------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) 1. Kernel mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) ^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) Spectre variant 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) ~~~~~~~~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) For Spectre variant 1, vulnerable kernel code (as determined
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) by code audit or scanning tools) is annotated on a case by case
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) basis to use nospec accessor macros for bounds clipping :ref:`[2]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) <spec_ref2>` to avoid any usable disclosure gadgets. However, this may
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) not cover all attack vectors for Spectre variant 1.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) Copy-from-user code has an LFENCE barrier to prevent the access_ok()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) check from being mis-speculated. The barrier is done by the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) barrier_nospec() macro.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) For the swapgs variant of Spectre variant 1, LFENCE barriers are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) added to interrupt, exception and NMI entry where needed. These
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) barriers are done by the FENCE_SWAPGS_KERNEL_ENTRY and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) FENCE_SWAPGS_USER_ENTRY macros.
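An added example, not the kernel's own code: a user-space re-implementation of the bounds clipping that the nospec accessor macros (array_index_nospec()) perform, shown next to the plain bounds-checked lookup it hardens. The function names and the sample table are this example's own assumptions.

```c
/* Added example, not the kernel's own code: a user-space re-implementation of
 * the bounds clipping performed by the kernel's array_index_nospec() helper,
 * next to the plain bounds-checked lookup it hardens. The kernel's generic
 * array_index_mask_nospec() relies on a signed arithmetic shift; this
 * version uses only unsigned arithmetic, which C fully defines. Sizes are
 * assumed to be below 2^(BITS_PER_LONG-1). */
#include <stdio.h>

#define BITS_PER_LONG (8 * sizeof(unsigned long))

/* Branch-free mask: ~0UL when index < size, 0 otherwise.
 * In bounds: index and (size - 1 - index) both have the top bit clear, so
 * the shifted OR is 0 and 0 - 1 wraps to ~0UL.
 * Out of bounds: (size - 1 - index) wraps to a value with the top bit set,
 * so the shifted OR is 1 and 1 - 1 is 0. */
static inline unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
	unsigned long oob = (index | (size - 1UL - index)) >> (BITS_PER_LONG - 1);

	return oob - 1UL;
}

/* Clip index to [0, size): in-range values pass through, anything else
 * becomes 0, so a mis-predicted "index < size" branch can at worst
 * speculatively load element 0. The empty asm is a gcc/clang extension that
 * keeps the compiler from turning the mask back into a conditional branch. */
static inline unsigned long array_index_nospec_user(unsigned long index, unsigned long size)
{
	__asm__ volatile("" : "+r"(index));
	return index & index_mask_nospec(index, size);
}

/* Constructed sample table standing in for a kernel array indexed by a
 * user-controlled value. */
enum { TABLE_LEN = 8 };
static const unsigned char table[TABLE_LEN] = {10, 11, 12, 13, 14, 15, 16, 17};

/* Plain bounds-checked lookup: architecturally correct, but the load may be
 * executed speculatively with an out-of-range idx before the compare resolves. */
int lookup_plain(unsigned long idx)
{
	if (idx < TABLE_LEN)
		return table[idx];
	return -1;
}

/* Same lookup with the index clipped after the check. Architectural results
 * are identical to lookup_plain(); only the speculative reach changes. */
int lookup_clipped(unsigned long idx)
{
	if (idx < TABLE_LEN) {
		idx = array_index_nospec_user(idx, TABLE_LEN);
		return table[idx];
	}
	return -1;
}

int main(void)
{
	const unsigned long probes[] = {0, 3, 7, 8, 1000, ~0UL};
	size_t i;

	for (i = 0; i < sizeof(probes) / sizeof(probes[0]); i++)
		printf("idx=%lu mask=%#lx clipped=%lu plain=%d hardened=%d\n",
		       probes[i], index_mask_nospec(probes[i], TABLE_LEN),
		       array_index_nospec_user(probes[i], TABLE_LEN),
		       lookup_plain(probes[i]), lookup_clipped(probes[i]));
	return 0;
}
```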
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) Spectre variant 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) ~~~~~~~~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) For Spectre variant 2 mitigation, the compiler turns indirect calls or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) jumps in the kernel into equivalent return trampolines (retpolines)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) :ref:`[3] <spec_ref3>` :ref:`[9] <spec_ref9>` to go to the target
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) addresses. Speculative execution paths under retpolines are trapped
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) in an infinite loop to prevent any speculative execution jumping to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) a gadget.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) To turn on retpoline mitigation on a vulnerable CPU, the kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) needs to be compiled with a gcc compiler that supports the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) -mindirect-branch=thunk-extern -mindirect-branch-register options.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) If the kernel is compiled with a Clang compiler, the compiler needs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) to support -mretpoline-external-thunk option. The kernel config
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) the latest updated microcode.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) On Intel Skylake-era systems the mitigation covers most, but not all,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) cases. See :ref:`[3] <spec_ref3>` for more details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) On CPUs with hardware mitigation for Spectre variant 2 (e.g. Enhanced
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) IBRS on x86), retpoline is automatically disabled at run time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) The retpoline mitigation is turned on by default on vulnerable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) CPUs. It can be forced on or off by the administrator
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) via the kernel command line and sysfs control files. See
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) :ref:`spectre_mitigation_control_command_line`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) On x86, indirect branch restricted speculation is turned on by default
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) before invoking any firmware code to prevent Spectre variant 2 exploits
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) using the firmware.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) Using kernel address space randomization (CONFIG_RANDOMIZE_BASE=y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) and CONFIG_SLAB_FREELIST_RANDOM=y in the kernel configuration) makes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) attacks on the kernel generally more difficult.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) 2. User program mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) ^^^^^^^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) User programs can mitigate Spectre variant 1 using LFENCE or "bounds
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) clipping". For more details see :ref:`[2] <spec_ref2>`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) For Spectre variant 2 mitigation, individual user programs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) can be compiled with return trampolines for indirect branches.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) This protects them from consuming poisoned entries in the branch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) target buffer left by malicious software. Alternatively, the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500) programs can disable their indirect branch speculation via prctl()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) (See :ref:`Documentation/userspace-api/spec_ctrl.rst <set_spec_ctrl>`).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) On x86, this will turn on STIBP to guard against attacks from the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) sibling thread when the user program is running, and use IBPB to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) flush the branch target buffer when switching to/from the program.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) Restricting indirect branch speculation on a user program will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) also prevent the program from launching a variant 2 attack
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) on x86. All sand-boxed SECCOMP programs have indirect branch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) speculation restricted by default. Administrators can change
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) that behavior via the kernel command line and sysfs control files.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) See :ref:`spectre_mitigation_control_command_line`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) Programs that disable their indirect branch speculation will have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) more overhead and run slower.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) User programs should use address space randomization
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) (/proc/sys/kernel/randomize_va_space = 1 or 2) to make attacks more
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) difficult.
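An added example (not from the kernel tree or spec_ctrl.rst) of how a program restricts its own indirect branch speculation through prctl() as described above, and decodes the state it reads back. The helper names are this example's own; the PR_* values are those of <linux/prctl.h>, repeated only so the decoder builds against older headers.

```c
/* Added example, not from the kernel tree or spec_ctrl.rst: a program that
 * restricts its own indirect branch speculation through prctl() and decodes
 * the state it reads back. Helper names are this example's own; the PR_*
 * values are those of <linux/prctl.h>. */
#include <stdio.h>
#include <string.h>
#include <errno.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

#ifndef PR_SET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif
#ifndef PR_SPEC_NOT_AFFECTED
#define PR_SPEC_NOT_AFFECTED   0
#define PR_SPEC_PRCTL          (1UL << 0)
#define PR_SPEC_ENABLE         (1UL << 1)
#define PR_SPEC_DISABLE        (1UL << 2)
#define PR_SPEC_FORCE_DISABLE  (1UL << 3)
#endif
#ifndef PR_SPEC_DISABLE_NOEXEC
#define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
#endif

/* Text for a PR_GET_SPECULATION_CTRL result (pure; no kernel needed). */
const char *decode_spec_ctrl(long v)
{
	if (v < 0)
		return "query failed";
	if (v == PR_SPEC_NOT_AFFECTED)
		return "not affected";
	if (v & PR_SPEC_FORCE_DISABLE)
		return "speculation force-disabled (mitigated, cannot be re-enabled)";
	if (v & PR_SPEC_DISABLE_NOEXEC)
		return "speculation disabled until execve (mitigated)";
	if (v & PR_SPEC_DISABLE)
		return "speculation disabled (mitigated)";
	if (v & PR_SPEC_ENABLE)
		return "speculation enabled (unmitigated)";
	return "unknown state";
}

/* 1 when the task needs no mitigation or already has it. */
int spec_ctrl_is_safe(long v)
{
	return v >= 0 && (v == PR_SPEC_NOT_AFFECTED ||
	       (v & (PR_SPEC_DISABLE | PR_SPEC_FORCE_DISABLE | PR_SPEC_DISABLE_NOEXEC)) != 0);
}

/* 1 when per-task control is available (spectre_v2_user=prctl or seccomp). */
int spec_ctrl_is_controllable(long v)
{
	return v >= 0 && (v & PR_SPEC_PRCTL) != 0;
}

/* Read the calling task's indirect branch speculation state; -1 off Linux. */
long query_indirect_branch(void)
{
#ifdef __linux__
	return prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
#else
	return -1;
#endif
}

/* Disable indirect branch speculation for the calling task. On x86 the
 * kernel then runs the task with STIBP and issues IBPB when switching
 * to/from it. Returns 0 or -errno (spec_ctrl.rst documents the codes). */
int restrict_indirect_branch(void)
{
#ifdef __linux__
	if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0) != 0)
		return -errno;
	return 0;
#else
	return -ENOSYS;
#endif
}

int main(void)
{
	long before = query_indirect_branch(), after;
	int rc = 0;

	printf("before: %ld -> %s\n", before, decode_spec_ctrl(before));
	rc = restrict_indirect_branch();
	if (rc != 0)
		printf("restrict failed: %s\n", strerror(-rc));
	after = query_indirect_branch();
	printf("after:  %ld -> %s (controllable=%d safe=%d)\n", after,
	       decode_spec_ctrl(after), spec_ctrl_is_controllable(after),
	       spec_ctrl_is_safe(after));
	return 0;
}
```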
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) 3. VM mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) ^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) Within the kernel, Spectre variant 1 attacks from rogue guests are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) mitigated on a case by case basis in VM exit paths. Vulnerable code
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) uses nospec accessor macros for "bounds clipping", to avoid any
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) usable disclosure gadgets. However, this may not cover all variant
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) 1 attack vectors.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) For Spectre variant 2 attacks from rogue guests to the kernel, the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) Linux kernel uses retpoline or Enhanced IBRS to prevent consumption of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) poisoned entries in the branch target buffer left by rogue guests. It
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) also flushes the return stack buffer on every VM exit, both to prevent a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) return stack buffer underflow (which would let a poisoned branch target
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) buffer be used) and to clear poisoned entries left there by attacker guests.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) To mitigate guest-to-guest attacks in the same CPU hardware thread,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) the branch target buffer is sanitized by flushing before switching
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) to a new guest on a CPU.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) The above mitigations are turned on by default on vulnerable CPUs.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) To mitigate guest-to-guest attacks from a sibling thread when SMT is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) in use, an untrusted guest running in the sibling thread can have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) its indirect branch speculation disabled by the administrator via prctl().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) The kernel also allows guests to use any microcode based mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) they choose to use (such as IBPB or STIBP on x86) to protect themselves.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) .. _spectre_mitigation_control_command_line:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) Mitigation control on the kernel command line
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) ---------------------------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) Spectre variant 2 mitigation can be disabled or force enabled at the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) kernel command line.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) nospectre_v1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559)     [X86,PPC] Disable mitigations for Spectre Variant 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560)     (bounds check bypass). With this option data leaks are
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561)     possible in the system.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) nospectre_v2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565)     [X86] Disable all mitigations for the Spectre variant 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566)     (indirect branch prediction) vulnerability. System may
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567)     allow data leaks with this option, which is equivalent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568)     to spectre_v2=off.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) spectre_v2=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573)     [X86] Control mitigation of Spectre variant 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574)     (indirect branch speculation) vulnerability.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575)     The default operation protects the kernel from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576)     user space attacks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578)     on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579)         unconditionally enable, implies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580)         spectre_v2_user=on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581)     off
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582)         unconditionally disable, implies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583)         spectre_v2_user=off
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584)     auto
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585)         kernel detects whether your CPU model is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586)         vulnerable
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588)     Selecting 'on' will, and 'auto' may, choose a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589)     mitigation method at run time according to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590)     CPU, the available microcode, the setting of the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591)     CONFIG_RETPOLINE configuration option, and the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592)     compiler with which the kernel was built.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594)     Selecting 'on' will also enable the mitigation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595)     against user space to user space task attacks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597)     Selecting 'off' will disable both the kernel and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598)     the user space protections.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600)     Specific mitigations can also be selected manually:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602)     retpoline               auto pick between generic,lfence
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603)     retpoline,generic       Retpolines
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604)     retpoline,lfence        LFENCE; indirect branch
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605)     retpoline,amd           alias for retpoline,lfence
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606)     eibrs                   enhanced IBRS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607)     eibrs,retpoline         enhanced IBRS + Retpolines
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608)     eibrs,lfence            enhanced IBRS + LFENCE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610)     Not specifying this option is equivalent to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611)     spectre_v2=auto.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) For user space mitigation:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) spectre_v2_user=
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617)     [X86] Control mitigation of Spectre variant 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618)     (indirect branch speculation) vulnerability between
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619)     user space tasks.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621)     on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622)         Unconditionally enable mitigations. Is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623)         enforced by spectre_v2=on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625)     off
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626)         Unconditionally disable mitigations. Is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627)         enforced by spectre_v2=off
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629)     prctl
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630)         Indirect branch speculation is enabled,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631)         but mitigation can be enabled via prctl
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632)         per thread. The mitigation control state
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633)         is inherited on fork.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635)     prctl,ibpb
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636)         Like "prctl" above, but only STIBP is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637)         controlled per thread. IBPB is issued
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638)         always when switching between different user
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639)         space processes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641)     seccomp
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642)         Same as "prctl" above, but all seccomp
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643)         threads will enable the mitigation unless
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644)         they explicitly opt out.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646)     seccomp,ibpb
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647)         Like "seccomp" above, but only STIBP is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648)         controlled per thread. IBPB is issued
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649)         always when switching between different
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650)         user space processes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652)     auto
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653)         Kernel selects the mitigation depending on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654)         the available CPU features and vulnerability.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656)     Default mitigation:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657)         If CONFIG_SECCOMP=y then "seccomp", otherwise "prctl"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659)     Not specifying this option is equivalent to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660)     spectre_v2_user=auto.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) In general the kernel by default selects
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) reasonable mitigations for the current CPU. To
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) disable Spectre variant 2 mitigations, boot with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) spectre_v2=off. Spectre variant 1 mitigations
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) cannot be disabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) Mitigation selection guide
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) --------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) 1. Trusted userspace
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) ^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) If all userspace applications are from trusted sources and do not
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) execute externally supplied untrusted code, then the mitigations can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) be disabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) 2. Protect sensitive programs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) For security-sensitive programs that have secrets (e.g. crypto
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) keys), protection against Spectre variant 2 can be put in place by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) disabling indirect branch speculation when the program is running
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684) (See :ref:`Documentation/userspace-api/spec_ctrl.rst <set_spec_ctrl>`).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) 3. Sandbox untrusted programs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) Untrusted programs that could be a source of attacks can be cordoned
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) off by disabling their indirect branch speculation when they are run
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) (See :ref:`Documentation/userspace-api/spec_ctrl.rst <set_spec_ctrl>`).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) This prevents untrusted programs from polluting the branch target
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) buffer. All programs running in SECCOMP sandboxes have indirect
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) branch speculation restricted by default. This behavior can be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) changed via the kernel command line and sysfs control files. See
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696) :ref:`spectre_mitigation_control_command_line`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) 4. High security mode
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699) ^^^^^^^^^^^^^^^^^^^^^
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) All Spectre variant 2 mitigations can be forced on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) at boot time for all programs (See the "on" option in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) :ref:`spectre_mitigation_control_command_line`). This will add
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) overhead as indirect branch speculations for all programs will be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705) restricted.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) On x86, the branch target buffer will be flushed with IBPB when switching
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708) to a new program. STIBP is left on all the time to protect programs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) against variant 2 attacks originating from programs running on
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) sibling threads.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712) Alternatively, STIBP can be used only when running programs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) whose indirect branch speculation is explicitly disabled,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714) while IBPB is still used all the time when switching to a new
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) program to clear the branch target buffer (See "ibpb" option in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) :ref:`spectre_mitigation_control_command_line`). This "ibpb" option
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) has less performance cost than the "on" option, which leaves STIBP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) on all the time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) References on Spectre
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) ---------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722)
Intel white papers:

.. _spec_ref1:

[1] `Intel analysis of speculative execution side channels <https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf>`_.

.. _spec_ref2:

[2] `Bounds check bypass <https://software.intel.com/security-software-guidance/software-guidance/bounds-check-bypass>`_.

.. _spec_ref3:

[3] `Deep dive: Retpoline: A branch target injection mitigation <https://software.intel.com/security-software-guidance/insights/deep-dive-retpoline-branch-target-injection-mitigation>`_.

.. _spec_ref4:

[4] `Deep Dive: Single Thread Indirect Branch Predictors <https://software.intel.com/security-software-guidance/insights/deep-dive-single-thread-indirect-branch-predictors>`_.

AMD white papers:

.. _spec_ref5:

[5] `AMD64 technology indirect branch control extension <https://developer.amd.com/wp-content/resources/Architecture_Guidelines_Update_Indirect_Branch_Control.pdf>`_.

.. _spec_ref6:

[6] `Software techniques for managing speculation on AMD processors <https://developer.amd.com/wp-content/resources/Managing-Speculation-on-AMD-Processors.pdf>`_.

ARM white papers:

.. _spec_ref7:

[7] `Cache speculation side-channels <https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/download-the-whitepaper>`_.

.. _spec_ref8:

[8] `Cache speculation issues update <https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/latest-updates/cache-speculation-issues-update>`_.

Google white paper:

.. _spec_ref9:

[9] `Retpoline: a software construct for preventing branch-target-injection <https://support.google.com/faqs/answer/7625886>`_.

MIPS white paper:

.. _spec_ref10:

[10] `MIPS: response on speculative execution and side channel vulnerabilities <https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/>`_.

Academic papers:

.. _spec_ref11:

[11] `Spectre Attacks: Exploiting Speculative Execution <https://spectreattack.com/spectre.pdf>`_.

.. _spec_ref12:

[12] `NetSpectre: Read Arbitrary Memory over Network <https://arxiv.org/abs/1807.10535>`_.

.. _spec_ref13:

[13] `Spectre Returns! Speculation Attacks using the Return Stack Buffer <https://www.usenix.org/system/files/conference/woot18/woot18-paper-koruyeh.pdf>`_.