Diffusion FreeBSD src repository 17edf152e556

Control for Special Register Buffer Data Sampling mitigation.
17edf152e556
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

Control for Special Register Buffer Data Sampling mitigation.

New microcode update for Intel enables mitigation for SRBDS, which
slows down RDSEED and related instructions. The update also provides
a control to limit the mitigation to SGX enclaves, which should
restore the speed of random generator by the cost of potential
cross-core bufer sampling.

See https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling

GIve the user control over it.

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D25221

Details

Provenance

kib	Authored on Jun 12 2020, 10:14 PM

Parents

rG958d257ed5e9: x86: add bits definitions for SRBDS mitigation control.

Branches

Unknown

Tags

Unknown

Event Timeline

zlei mentioned this in D42249: amd64: Fix two typos of loader tunables.Oct 17 2023, 8:42 AM

zlei mentioned this in rGafbb8041a063: amd64: Fix two typos of loader tunables.Oct 19 2023, 3:25 PM

zlei mentioned this in rG032a0b44541f: amd64: Fix two typos of loader tunables.Oct 21 2023, 2:43 PM

zlei mentioned this in rGa72ab19000bd: amd64: Fix two typos of loader tunables.Oct 21 2023, 2:47 PM

zlei mentioned this in rG5173f00ae2e6: amd64: Fix two typos of loader tunables.Oct 21 2023, 2:53 PM

Changes (6)

Path

Size

share/

man/

man7/

sys/

amd64/

amd64/

dev/

cpuctl/

x86/

include/

x86/

rG17edf152e556

share/man/man7/security.7

Loading...

sys/amd64/amd64/initcpu.c

Loading...

sys/amd64/amd64/machdep.c

Loading...

sys/dev/cpuctl/cpuctl.c

Loading...

sys/x86/include/x86_var.h

Loading...

sys/x86/x86/cpu_machdep.c

Loading...