^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) ===================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) Speculation Control
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) ===================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) Quite a few CPUs have speculation-related misfeatures which are in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) fact vulnerabilities that cause data leaks in various forms, even across
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) privilege domains.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) The kernel provides mitigation for such vulnerabilities in various
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) forms. Some of these mitigations are compile-time configurable and some
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) can be supplied on the kernel command line.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) There is also a class of mitigations which are very expensive, but they can
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) be restricted to a certain set of processes or tasks in controlled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) environments. The mechanism to control these mitigations is via
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) :manpage:`prctl(2)`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) There are two prctl options which are related to this:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) * PR_GET_SPECULATION_CTRL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) * PR_SET_SPECULATION_CTRL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) PR_GET_SPECULATION_CTRL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) -----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) PR_GET_SPECULATION_CTRL returns the state of the speculation misfeature
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) which is selected with arg2 of prctl(2). The return value uses bits 0-3 with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) the following meaning:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) ==== ====================== ==================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) Bit  Define                 Description
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) ==== ====================== ==================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) 0    PR_SPEC_PRCTL          Mitigation can be controlled per task by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)                             PR_SET_SPECULATION_CTRL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) 1    PR_SPEC_ENABLE         The speculation feature is enabled, mitigation is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37)                             disabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) 2    PR_SPEC_DISABLE        The speculation feature is disabled, mitigation is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)                             enabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) 3    PR_SPEC_FORCE_DISABLE  Same as PR_SPEC_DISABLE, but cannot be undone. A
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)                             subsequent prctl(..., PR_SPEC_ENABLE) will fail.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) 4    PR_SPEC_DISABLE_NOEXEC Same as PR_SPEC_DISABLE, but the state will be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43)                             cleared on :manpage:`execve(2)`.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) ==== ====================== ==================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) If all bits are 0 the CPU is not affected by the speculation misfeature.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) If PR_SPEC_PRCTL is set, then the per-task control of the mitigation is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) available. If not set, prctl(PR_SET_SPECULATION_CTRL) for the speculation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) misfeature will fail.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) .. _set_spec_ctrl:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) PR_SET_SPECULATION_CTRL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) -----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) PR_SET_SPECULATION_CTRL controls, per task, the speculation misfeature which
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) is selected by arg2 of :manpage:`prctl(2)`. arg3 is used to hand
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) in the control value, i.e. either PR_SPEC_ENABLE or PR_SPEC_DISABLE or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) PR_SPEC_FORCE_DISABLE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) Common error codes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) ------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) Value   Meaning
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) EINVAL  The prctl is not implemented by the architecture or unused
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68)         prctl(2) arguments are not 0.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) ENODEV  arg2 selects an unsupported speculation misfeature.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) PR_SET_SPECULATION_CTRL error codes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) -----------------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) Value   Meaning
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) 0       Success
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) ERANGE  arg3 is incorrect, i.e. it's neither PR_SPEC_ENABLE nor
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81)         PR_SPEC_DISABLE nor PR_SPEC_FORCE_DISABLE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) ENXIO   Control of the selected speculation misfeature is not possible.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84)         See PR_GET_SPECULATION_CTRL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) EPERM   Speculation was disabled with PR_SPEC_FORCE_DISABLE and caller
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87)         tried to enable it again.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) ======= =================================================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) Speculation misfeature controls
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) -------------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) - PR_SPEC_STORE_BYPASS: Speculative Store Bypass
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) Invocations:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) * prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_ENABLE, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_FORCE_DISABLE, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE_NOEXEC, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) - PR_SPEC_INDIRECT_BRANCH: Indirect Branch Speculation in User Processes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) (Mitigate Spectre V2 style attacks against user processes)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) Invocations:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) * prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_ENABLE, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_FORCE_DISABLE, 0, 0);
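
The following C program is an added example, not part of the kernel documentation: it reads the state with PR_GET_SPECULATION_CTRL, decides from the returned bits whether a PR_SET_SPECULATION_CTRL call can succeed, locks the mitigation with PR_SPEC_FORCE_DISABLE and re-reads the state to confirm. The names spec_decide and spec_harden and the policy of always locking a controllable misfeature are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

#ifndef PR_SPEC_DISABLE_NOEXEC            /* bit 4 in the table; absent from older headers */
#define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
#endif

enum spec_plan { PLAN_NONE, PLAN_FORCE_DISABLE, PLAN_NO_CONTROL };

/* Decide what to do from a PR_GET_SPECULATION_CTRL return value (pure, no syscalls). */
enum spec_plan spec_decide(unsigned long st)
{
    if (st == 0)                          /* all bits 0: CPU not affected */
        return PLAN_NONE;
    if (st & PR_SPEC_FORCE_DISABLE)       /* already locked for this task */
        return PLAN_NONE;
    if (st & PR_SPEC_PRCTL)               /* per-task control: ENABLE, DISABLE and */
        return PLAN_FORCE_DISABLE;        /* DISABLE_NOEXEC states can still change */
    if (st & PR_SPEC_DISABLE)             /* mitigated, but not under per-task control */
        return PLAN_NONE;
    return PLAN_NO_CONTROL;               /* speculation enabled, prctl cannot change it */
}

/* Query, lock and re-read one misfeature. Returns 0 or a negative errno. */
int spec_harden(unsigned long which)
{
    /* Unused arguments are passed as 0UL: non-zero values yield EINVAL. */
    int st = prctl(PR_GET_SPECULATION_CTRL, which, 0UL, 0UL, 0UL);
    if (st < 0)
        return -errno;                    /* EINVAL or ENODEV */
    switch (spec_decide((unsigned long)st)) {
    case PLAN_NONE:       return 0;
    case PLAN_NO_CONTROL: return -ENXIO;  /* what PR_SET_SPECULATION_CTRL would report */
    default:              break;
    }
    if (prctl(PR_SET_SPECULATION_CTRL, which, PR_SPEC_FORCE_DISABLE, 0UL, 0UL) < 0)
        return -errno;                    /* ERANGE, ENXIO or EPERM */
    st = prctl(PR_GET_SPECULATION_CTRL, which, 0UL, 0UL, 0UL);
    return (st >= 0 && (st & PR_SPEC_FORCE_DISABLE)) ? 0 : -EIO;
}

int main(void)
{
    int rc = spec_harden(PR_SPEC_STORE_BYPASS);
    printf("PR_SPEC_STORE_BYPASS: %s\n", rc ? strerror(-rc) : "ok");
    rc = spec_harden(PR_SPEC_INDIRECT_BRANCH);
    printf("PR_SPEC_INDIRECT_BRANCH: %s\n", rc ? strerror(-rc) : "ok");
    return 0;
}
```

Because PR_SPEC_FORCE_DISABLE cannot be undone, a later PR_SPEC_ENABLE request from the same task fails with EPERM, as listed in the error table above.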