Loading Documentation/networking/ip-sysctl.txt +3 −1 Original line number Diff line number Diff line Loading @@ -912,12 +912,14 @@ icmp_ratelimit - INTEGER icmp_msgs_per_sec - INTEGER Limit maximal number of ICMP packets sent per second from this host. Only messages whose type matches icmp_ratemask (see below) are controlled by this limit. controlled by this limit. For security reasons, the precise count of messages per second is randomized. Default: 1000 icmp_msgs_burst - INTEGER icmp_msgs_per_sec controls number of ICMP packets sent per second, while icmp_msgs_burst controls the burst size of these packets. For security reasons, the precise burst size is randomized. Default: 50 icmp_ratemask - INTEGER Loading arch/x86/kernel/cpu/bugs.c +50 −25 Original line number Diff line number Diff line Loading @@ -487,7 +487,9 @@ early_param("nospectre_v1", nospectre_v1_cmdline); static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = SPECTRE_V2_NONE; static enum spectre_v2_user_mitigation spectre_v2_user __ro_after_init = static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init = SPECTRE_V2_USER_NONE; static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init = SPECTRE_V2_USER_NONE; #ifdef RETPOLINE Loading Loading 
@@ -654,22 +656,35 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n", static_key_enabled(&switch_mm_always_ibpb) ? "always-on" : "conditional"); spectre_v2_user_ibpb = mode; } /* If enhanced IBRS is enabled no STIPB required */ if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) /* * If enhanced IBRS is enabled or SMT impossible, STIBP is not * required. */ if (!smt_possible || spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) return; /* * If SMT is not possible or STIBP is not available clear the STIPB * mode. * At this point, an STIBP mode other than "off" has been set. * If STIBP support is not being forced, check if STIBP always-on * is preferred. */ if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP)) if (mode != SPECTRE_V2_USER_STRICT && boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) mode = SPECTRE_V2_USER_STRICT_PREFERRED; /* * If STIBP is not available, clear the STIBP mode. */ if (!boot_cpu_has(X86_FEATURE_STIBP)) mode = SPECTRE_V2_USER_NONE; spectre_v2_user_stibp = mode; set_mode: spectre_v2_user = mode; /* Only print the STIBP mode when SMT possible */ if (smt_possible) pr_info("%s\n", spectre_v2_user_strings[mode]); } Loading Loading @@ -910,7 +925,7 @@ void arch_smt_update(void) { mutex_lock(&spec_ctrl_mutex); switch (spectre_v2_user) { switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: break; case SPECTRE_V2_USER_STRICT: Loading Loading 
@@ -1142,13 +1157,16 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) { switch (ctrl) { case PR_SPEC_ENABLE: if (spectre_v2_user == SPECTRE_V2_USER_NONE) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return 0; /* * Indirect branch speculation is always disabled in strict * mode. */ if (spectre_v2_user == SPECTRE_V2_USER_STRICT) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return -EPERM; task_clear_spec_ib_disable(task); task_update_spec_tif(task); Loading @@ -1159,9 +1177,12 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) * Indirect branch speculation is always allowed when * mitigation is force disabled. */ if (spectre_v2_user == SPECTRE_V2_USER_NONE) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return -EPERM; if (spectre_v2_user == SPECTRE_V2_USER_STRICT) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return 0; task_set_spec_ib_disable(task); if (ctrl == PR_SPEC_FORCE_DISABLE) Loading Loading @@ -1192,7 +1213,8 @@ void arch_seccomp_spec_mitigate(struct task_struct *task) { if (ssb_mode == SPEC_STORE_BYPASS_SECCOMP) ssb_prctl_set(task, PR_SPEC_FORCE_DISABLE); if (spectre_v2_user == SPECTRE_V2_USER_SECCOMP) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) ib_prctl_set(task, PR_SPEC_FORCE_DISABLE); } #endif Loading Loading 
@@ -1221,22 +1243,25 @@ static int ib_prctl_get(struct task_struct *task) if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) return PR_SPEC_NOT_AFFECTED; switch (spectre_v2_user) { case SPECTRE_V2_USER_NONE: if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return PR_SPEC_ENABLE; case SPECTRE_V2_USER_PRCTL: case SPECTRE_V2_USER_SECCOMP: else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return PR_SPEC_DISABLE; else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_PRCTL || spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || spectre_v2_user_stibp == SPECTRE_V2_USER_PRCTL || spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) { if (task_spec_ib_force_disable(task)) return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE; if (task_spec_ib_disable(task)) return PR_SPEC_PRCTL | PR_SPEC_DISABLE; return PR_SPEC_PRCTL | PR_SPEC_ENABLE; case SPECTRE_V2_USER_STRICT: return PR_SPEC_DISABLE; default: } else return PR_SPEC_NOT_AFFECTED; } } int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which) { Loading Loading @@ -1476,7 +1501,7 @@ static char *stibp_state(void) if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) return ""; switch (spectre_v2_user) { switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: return ", STIBP: disabled"; case SPECTRE_V2_USER_STRICT: Loading arch/x86/kernel/process.c +10 −18 Original line number Diff line number Diff line Loading 
@@ -324,28 +324,20 @@ static __always_inline void __speculation_ctrl_update(unsigned long tifp, u64 msr = x86_spec_ctrl_base; bool updmsr = false; /* * If TIF_SSBD is different, select the proper mitigation * method. Note that if SSBD mitigation is disabled or permanentely * enabled this branch can't be taken because nothing can set * TIF_SSBD. */ if (tif_diff & _TIF_SSBD) { /* Handle change of TIF_SSBD depending on the mitigation method. */ if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) { if (tif_diff & _TIF_SSBD) amd_set_ssb_virt_state(tifn); } else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) { if (tif_diff & _TIF_SSBD) amd_set_core_ssb_state(tifn); } else if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD) || static_cpu_has(X86_FEATURE_AMD_SSBD)) { updmsr |= !!(tif_diff & _TIF_SSBD); msr |= ssbd_tif_to_spec_ctrl(tifn); updmsr = true; } } /* * Only evaluate TIF_SPEC_IB if conditional STIBP is enabled, * otherwise avoid the MSR write. */ /* Only evaluate TIF_SPEC_IB if conditional STIBP is enabled. */ if (IS_ENABLED(CONFIG_SMP) && static_branch_unlikely(&switch_to_cond_stibp)) { updmsr |= !!(tif_diff & _TIF_SPEC_IB); Loading drivers/android/binder.c +10 −25 Original line number Diff line number Diff line Loading @@ -281,7 +281,7 @@ struct binder_device { struct binder_work { struct list_head entry; enum { enum binder_work_type { BINDER_WORK_TRANSACTION = 1, BINDER_WORK_TRANSACTION_COMPLETE, BINDER_WORK_RETURN_ERROR, Loading Loading 
@@ -938,27 +938,6 @@ static struct binder_work *binder_dequeue_work_head_ilocked( return w; } /** * binder_dequeue_work_head() - Dequeues the item at head of list * @proc: binder_proc associated with list * @list: list to dequeue head * * Removes the head of the list if there are items on the list * * Return: pointer dequeued binder_work, NULL if list was empty */ static struct binder_work *binder_dequeue_work_head( struct binder_proc *proc, struct list_head *list) { struct binder_work *w; binder_inner_proc_lock(proc); w = binder_dequeue_work_head_ilocked(list); binder_inner_proc_unlock(proc); return w; } static void binder_defer_work(struct binder_proc *proc, enum binder_deferred_state defer); static void binder_free_thread(struct binder_thread *thread); Loading Loading @@ -4584,13 +4563,17 @@ static void binder_release_work(struct binder_proc *proc, struct list_head *list) { struct binder_work *w; enum binder_work_type wtype; while (1) { w = binder_dequeue_work_head(proc, list); binder_inner_proc_lock(proc); w = binder_dequeue_work_head_ilocked(list); wtype = w ? w->type : 0; binder_inner_proc_unlock(proc); if (!w) return; switch (w->type) { switch (wtype) { case BINDER_WORK_TRANSACTION: { struct binder_transaction *t; Loading Loading @@ -4624,9 +4607,11 @@ static void binder_release_work(struct binder_proc *proc, kfree(death); binder_stats_deleted(BINDER_STAT_DEATH); } break; case BINDER_WORK_NODE: break; default: pr_err("unexpected work type, %d, not freed\n", w->type); wtype); break; } } Loading drivers/char/adsprpc.c +9 −7 Original line number Diff line number Diff line Loading @@ -2728,6 +2728,7 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl, mutex_unlock(&fl->fl_map_mutex); if (err) goto bail; if (map) { VERIFY(err, !fastrpc_munmap_on_dsp(fl, map->raddr, map->phys, map->size, map->flags)); if (err) Loading 
@@ -2735,6 +2736,7 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl, mutex_lock(&fl->fl_map_mutex); fastrpc_mmap_free(map, 0); mutex_unlock(&fl->fl_map_mutex); } bail: if (err && map) { mutex_lock(&fl->fl_map_mutex);
Documentation/networking/ip-sysctl.txt +3 −1 @@ -912,12 +912,14 @@ icmp_ratelimit - INTEGER icmp_msgs_per_sec - INTEGER Limit maximal number of ICMP packets sent per second from this host. Only messages whose type matches icmp_ratemask (see below) are controlled by this limit. controlled by this limit. For security reasons, the precise count of messages per second is randomized. Default: 1000 icmp_msgs_burst - INTEGER icmp_msgs_per_sec controls number of ICMP packets sent per second, while icmp_msgs_burst controls the burst size of these packets. For security reasons, the precise burst size is randomized. Default: 50 icmp_ratemask - INTEGER
arch/x86/kernel/cpu/bugs.c +50 −25 Original line number Diff line number Diff line Loading @@ -487,7 +487,9 @@ early_param("nospectre_v1", nospectre_v1_cmdline); static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = SPECTRE_V2_NONE; static enum spectre_v2_user_mitigation spectre_v2_user __ro_after_init = static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init = SPECTRE_V2_USER_NONE; static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init = SPECTRE_V2_USER_NONE; #ifdef RETPOLINE Loading Loading @@ -654,22 +656,35 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n", static_key_enabled(&switch_mm_always_ibpb) ? "always-on" : "conditional"); spectre_v2_user_ibpb = mode; } /* If enhanced IBRS is enabled no STIPB required */ if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) /* * If enhanced IBRS is enabled or SMT impossible, STIBP is not * required. */ if (!smt_possible || spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) return; /* * If SMT is not possible or STIBP is not available clear the STIPB * mode. * At this point, an STIBP mode other than "off" has been set. * If STIBP support is not being forced, check if STIBP always-on * is preferred. */ if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP)) if (mode != SPECTRE_V2_USER_STRICT && boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) mode = SPECTRE_V2_USER_STRICT_PREFERRED; /* * If STIBP is not available, clear the STIBP mode. */ if (!boot_cpu_has(X86_FEATURE_STIBP)) mode = SPECTRE_V2_USER_NONE; spectre_v2_user_stibp = mode; set_mode: spectre_v2_user = mode; /* Only print the STIBP mode when SMT possible */ if (smt_possible) pr_info("%s\n", spectre_v2_user_strings[mode]); } Loading Loading 
@@ -910,7 +925,7 @@ void arch_smt_update(void) { mutex_lock(&spec_ctrl_mutex); switch (spectre_v2_user) { switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: break; case SPECTRE_V2_USER_STRICT: Loading Loading @@ -1142,13 +1157,16 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) { switch (ctrl) { case PR_SPEC_ENABLE: if (spectre_v2_user == SPECTRE_V2_USER_NONE) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return 0; /* * Indirect branch speculation is always disabled in strict * mode. */ if (spectre_v2_user == SPECTRE_V2_USER_STRICT) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return -EPERM; task_clear_spec_ib_disable(task); task_update_spec_tif(task); Loading @@ -1159,9 +1177,12 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) * Indirect branch speculation is always allowed when * mitigation is force disabled. */ if (spectre_v2_user == SPECTRE_V2_USER_NONE) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return -EPERM; if (spectre_v2_user == SPECTRE_V2_USER_STRICT) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return 0; task_set_spec_ib_disable(task); if (ctrl == PR_SPEC_FORCE_DISABLE) Loading Loading @@ -1192,7 +1213,8 @@ void arch_seccomp_spec_mitigate(struct task_struct *task) { if (ssb_mode == SPEC_STORE_BYPASS_SECCOMP) ssb_prctl_set(task, PR_SPEC_FORCE_DISABLE); if (spectre_v2_user == SPECTRE_V2_USER_SECCOMP) if (spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) ib_prctl_set(task, PR_SPEC_FORCE_DISABLE); } #endif Loading Loading 
@@ -1221,22 +1243,25 @@ static int ib_prctl_get(struct task_struct *task) if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) return PR_SPEC_NOT_AFFECTED; switch (spectre_v2_user) { case SPECTRE_V2_USER_NONE: if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) return PR_SPEC_ENABLE; case SPECTRE_V2_USER_PRCTL: case SPECTRE_V2_USER_SECCOMP: else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) return PR_SPEC_DISABLE; else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_PRCTL || spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || spectre_v2_user_stibp == SPECTRE_V2_USER_PRCTL || spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) { if (task_spec_ib_force_disable(task)) return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE; if (task_spec_ib_disable(task)) return PR_SPEC_PRCTL | PR_SPEC_DISABLE; return PR_SPEC_PRCTL | PR_SPEC_ENABLE; case SPECTRE_V2_USER_STRICT: return PR_SPEC_DISABLE; default: } else return PR_SPEC_NOT_AFFECTED; } } int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which) { Loading Loading @@ -1476,7 +1501,7 @@ static char *stibp_state(void) if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) return ""; switch (spectre_v2_user) { switch (spectre_v2_user_stibp) { case SPECTRE_V2_USER_NONE: return ", STIBP: disabled"; case SPECTRE_V2_USER_STRICT: Loading
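Review bot: In the `PR_SPEC_ENABLE` branch of ib_prctl_set (hunk @@ -1142) nothing consults `task_spec_ib_force_disable(task)` before `task_clear_spec_ib_disable(task)`, so a task that earlier requested `PR_SPEC_FORCE_DISABLE` for indirect branches can re-enable speculation, even though ib_prctl_get (hunk @@ -1221) tracks and reports exactly that state; unless the check lives in the part of ib_prctl_set outside the hunk, add `if (task_spec_ib_force_disable(task)) return -EPERM;` ahead of the clear. This pre-dates the split into spectre_v2_user_ibpb/spectre_v2_user_stibp, but the rewritten condition chain was the natural place to close it. Separately, the if/else chain that replaces the switch in ib_prctl_get braces the prctl/seccomp branch but leaves the final `} else return PR_SPEC_NOT_AFFECTED;` unbraced, whereas kernel style braces every branch once one of them is braced. Both ib_prctl_set and ib_prctl_get start outside their hunks. This section is rendered a second time near the top of the page, and the note applies there too.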
arch/x86/kernel/process.c +10 −18 @@ -324,28 +324,20 @@ static __always_inline void __speculation_ctrl_update(unsigned long tifp, u64 msr = x86_spec_ctrl_base; bool updmsr = false; /* * If TIF_SSBD is different, select the proper mitigation * method. Note that if SSBD mitigation is disabled or permanentely * enabled this branch can't be taken because nothing can set * TIF_SSBD. */ if (tif_diff & _TIF_SSBD) { /* Handle change of TIF_SSBD depending on the mitigation method. */ if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) { if (tif_diff & _TIF_SSBD) amd_set_ssb_virt_state(tifn); } else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) { if (tif_diff & _TIF_SSBD) amd_set_core_ssb_state(tifn); } else if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD) || static_cpu_has(X86_FEATURE_AMD_SSBD)) { updmsr |= !!(tif_diff & _TIF_SSBD); msr |= ssbd_tif_to_spec_ctrl(tifn); updmsr = true; } } /* * Only evaluate TIF_SPEC_IB if conditional STIBP is enabled, * otherwise avoid the MSR write. */ /* Only evaluate TIF_SPEC_IB if conditional STIBP is enabled. */ if (IS_ENABLED(CONFIG_SMP) && static_branch_unlikely(&switch_to_cond_stibp)) { updmsr |= !!(tif_diff & _TIF_SPEC_IB);
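Review bot: The new one-line comment `/* Handle change of TIF_SSBD depending on the mitigation method. */` does not say why the SPEC_CTRL/AMD_SSBD branch now does `msr |= ssbd_tif_to_spec_ctrl(tifn);` unconditionally while `updmsr` is only raised when TIF_SSBD actually differs; without that, a later reader may move the OR back under a `tif_diff & _TIF_SSBD` check and drop the SSBD bit whenever the MSR is written for the TIF_SPEC_IB change handled further down. Suggest extending the comment to something like `/* Always fold the task's SSBD bit into msr: the MSR may be written below for a TIF_SPEC_IB change even when TIF_SSBD did not change. */`. __speculation_ctrl_update begins and ends outside the hunk, so the MSR write itself is not visible here. This section is rendered a second time near the top of the page, and the note applies there as well.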
drivers/android/binder.c +10 −25 Original line number Diff line number Diff line Loading @@ -281,7 +281,7 @@ struct binder_device { struct binder_work { struct list_head entry; enum { enum binder_work_type { BINDER_WORK_TRANSACTION = 1, BINDER_WORK_TRANSACTION_COMPLETE, BINDER_WORK_RETURN_ERROR, Loading Loading @@ -938,27 +938,6 @@ static struct binder_work *binder_dequeue_work_head_ilocked( return w; } /** * binder_dequeue_work_head() - Dequeues the item at head of list * @proc: binder_proc associated with list * @list: list to dequeue head * * Removes the head of the list if there are items on the list * * Return: pointer dequeued binder_work, NULL if list was empty */ static struct binder_work *binder_dequeue_work_head( struct binder_proc *proc, struct list_head *list) { struct binder_work *w; binder_inner_proc_lock(proc); w = binder_dequeue_work_head_ilocked(list); binder_inner_proc_unlock(proc); return w; } static void binder_defer_work(struct binder_proc *proc, enum binder_deferred_state defer); static void binder_free_thread(struct binder_thread *thread); Loading Loading @@ -4584,13 +4563,17 @@ static void binder_release_work(struct binder_proc *proc, struct list_head *list) { struct binder_work *w; enum binder_work_type wtype; while (1) { w = binder_dequeue_work_head(proc, list); binder_inner_proc_lock(proc); w = binder_dequeue_work_head_ilocked(list); wtype = w ? w->type : 0; binder_inner_proc_unlock(proc); if (!w) return; switch (w->type) { switch (wtype) { case BINDER_WORK_TRANSACTION: { struct binder_transaction *t; Loading Loading @@ -4624,9 +4607,11 @@ static void binder_release_work(struct binder_proc *proc, kfree(death); binder_stats_deleted(BINDER_STAT_DEATH); } break; case BINDER_WORK_NODE: break; default: pr_err("unexpected work type, %d, not freed\n", w->type); wtype); break; } } Loading
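Review bot: `wtype = w ? w->type : 0;` in binder_release_work (hunk @@ -4584) snapshots the work type while binder_inner_proc_lock is still held, but nothing explains why the type may no longer be read from `w` after the unlock; the motivation (presumably that for some work types, such as the BINDER_WORK_NODE case that is now a bare `break`, the work item is embedded in an object another thread may free once the lock is dropped) should be stated, e.g. `/* Read w->type under the lock: the work may be freed once the lock is dropped. */`. Also, `0` is not a value of `enum binder_work_type`, whose first enumerator is `BINDER_WORK_TRANSACTION = 1`; since `if (!w) return;` follows immediately, reading `w->type` only when `w` is non-NULL (still under the lock) avoids assigning an out-of-range value to the enum. The body of binder_release_work continues outside the hunk. This section is rendered a second time near the top of the page, and the note applies there too.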
drivers/char/adsprpc.c +9 −7 @@ -2728,6 +2728,7 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl, mutex_unlock(&fl->fl_map_mutex); if (err) goto bail; if (map) { VERIFY(err, !fastrpc_munmap_on_dsp(fl, map->raddr, map->phys, map->size, map->flags)); if (err) @@ -2735,6 +2736,7 @@ static int fastrpc_internal_munmap(struct fastrpc_file *fl, mutex_lock(&fl->fl_map_mutex); fastrpc_mmap_free(map, 0); mutex_unlock(&fl->fl_map_mutex); } bail: if (err && map) { mutex_lock(&fl->fl_map_mutex);
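Review bot: With the new `if (map) {` guard in fastrpc_internal_munmap, a NULL `map` now skips both fastrpc_munmap_on_dsp() and fastrpc_mmap_free() and falls through to `bail:` with whatever `err` holds, which reads as success for an unmap request whose mapping was never found; if the lookup before the hunk does not already set `err` in that case, either return an explicit error there or document that a missing map is an intentional no-op, e.g. `/* No map found: nothing to unmap on the DSP or to free */` above the guard. Both hunks lie inside fastrpc_internal_munmap, which starts before and ends after them. This section is rendered once more near the top of the page, and the note applies there as well.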