Page MenuHomeFreeBSD

Implement the SSBD (CVE-2018-3639) workaround on arm64
ClosedPublic

Authored by andrew on Jun 15 2018, 10:08 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 18, 2:50 PM
Unknown Object (File)
Sun, Dec 15, 4:27 PM
Unknown Object (File)
Nov 19 2024, 2:13 AM
Unknown Object (File)
Nov 11 2024, 5:41 AM
Unknown Object (File)
Oct 21 2024, 10:41 AM
Unknown Object (File)
Oct 11 2024, 6:24 AM
Unknown Object (File)
Sep 12 2024, 1:47 PM
Unknown Object (File)
Aug 30 2024, 1:53 PM

Details

Summary

This calls into the Arm Trusted Firmware to enable and disable the workaround
for the Speculative Store Bypass Disable (SSBD) issue, also known as Spectre
Variant 4.

As this may have a large performance overhead, and how exploitable SSBD is
is unknown we follow the Linux lead of allowing the administrator to select
between always on, always off, or only enabled in the kernel, with the latter
being the default.

PR: 228955

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Fix the SMCCC_ARCH_WORKAROUND_2 function ID

delphij added reviewers: kib, emaste.
delphij added a subscriber: delphij.

Adding kib@ and emaste@. (I think secteam@ do want to pay attention on this one but is probably more of a "FYI" or "Cc" role rather than a reviewer but thanks for the heads up).

This revision was not accepted when it landed; it landed in state Needs Review.Jul 31 2018, 12:53 PM
This revision was automatically updated to reflect the committed changes.