Loading Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst +14 −0 Original line number Diff line number Diff line Loading @@ -230,6 +230,20 @@ The possible values in this file are: * - 'Mitigation: Clear CPU buffers' - The processor is vulnerable and the CPU buffer clearing mitigation is enabled. * - 'Unknown: No mitigations' - The processor vulnerability status is unknown because it is out of Servicing period. Mitigation is not attempted. Definitions: ------------ Servicing period: The process of providing functional and security updates to Intel processors or platforms, utilizing the Intel Platform Update (IPU) process or other similar mechanisms. End of Servicing Updates (ESU): ESU is the date at which Intel will no longer provide Servicing, such as through IPU or other similar update processes. ESU dates will typically be aligned to end of quarter. If the processor is vulnerable then the following information is appended to the above information: Loading Documentation/admin-guide/kernel-parameters.txt +13 −0 Original line number Diff line number Diff line Loading @@ -4313,6 +4313,18 @@ retain_initrd [RAM] Keep initrd memory after extraction retbleed= [X86] Control mitigation of RETBleed (Arbitrary Speculative Code Execution with Return Instructions) vulnerability. off - unconditionally disable auto - automatically select a migitation Selecting 'auto' will choose a mitigation method at run time according to the CPU. Not specifying this option is equivalent to retbleed=auto. rfkill.default_state= 0 "airplane mode". All wifi, bluetooth, wimax, gps, fm, etc. communication is blocked by default. Loading Loading @@ -4556,6 +4568,7 @@ eibrs - enhanced IBRS eibrs,retpoline - enhanced IBRS + Retpolines eibrs,lfence - enhanced IBRS + LFENCE ibrs - use IBRS to protect kernel Not specifying this option is equivalent to spectre_v2=auto. Loading Documentation/admin-guide/pm/cpuidle.rst +9 −6 Original line number Diff line number Diff line Loading @@ -676,8 +676,8 @@ the ``menu`` governor to be used on the systems that use the ``ladder`` governor by default this way, for example. The other kernel command line parameters controlling CPU idle time management described below are only relevant for the *x86* architecture and some of them affect Intel processors only. described below are only relevant for the *x86* architecture and references to ``intel_idle`` affect Intel processors only. The *x86* architecture support code recognizes three kernel command line options related to CPU idle time management: ``idle=poll``, ``idle=halt``, Loading @@ -699,10 +699,13 @@ idle, so it very well may hurt single-thread computations performance as well as energy-efficiency. Thus using it for performance reasons may not be a good idea at all.] The ``idle=nomwait`` option disables the ``intel_idle`` driver and causes ``acpi_idle`` to be used (as long as all of the information needed by it is there in the system's ACPI tables), but it is not allowed to use the ``MWAIT`` instruction of the CPUs to ask the hardware to enter idle states. The ``idle=nomwait`` option prevents the use of ``MWAIT`` instruction of the CPU to enter idle states. When this option is used, the ``acpi_idle`` driver will use the ``HLT`` instruction instead of ``MWAIT``. On systems running Intel processors, this option disables the ``intel_idle`` driver and forces the use of the ``acpi_idle`` driver instead. Note that in either case, ``acpi_idle`` driver will function only if all the information needed by it is in the system's ACPI tables. In addition to the architecture-level kernel command line options affecting CPU idle time management, there are parameters affecting individual ``CPUIdle`` Loading Documentation/atomic_bitops.txt +1 −1 Original line number Diff line number Diff line Loading @@ -59,7 +59,7 @@ Like with atomic_t, the rule of thumb is: - RMW operations that have a return value are fully ordered. - RMW operations that are conditional are unordered on FAILURE, otherwise the above rules apply. In the case of test_and_{}_bit() operations, otherwise the above rules apply. In the case of test_and_set_bit_lock(), if the bit in memory is unchanged by the operation then it is deemed to have failed. Loading Documentation/filesystems/fscrypt.rst +3 −3 Original line number Diff line number Diff line Loading @@ -1158,7 +1158,7 @@ setxattr() because of the special semantics of the encryption xattr. were to be added to or removed from anything other than an empty directory.) These structs are defined as follows:: #define FS_KEY_DERIVATION_NONCE_SIZE 16 #define FSCRYPT_FILE_NONCE_SIZE 16 #define FSCRYPT_KEY_DESCRIPTOR_SIZE 8 struct fscrypt_context_v1 { Loading @@ -1167,7 +1167,7 @@ directory.) These structs are defined as follows:: u8 filenames_encryption_mode; u8 flags; u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE]; u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; }; #define FSCRYPT_KEY_IDENTIFIER_SIZE 16 Loading @@ -1178,7 +1178,7 @@ directory.) These structs are defined as follows:: u8 flags; u8 __reserved[4]; u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]; u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE]; u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; }; The context structs contain the same information as the corresponding Loading Loading
Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst +14 −0 Original line number Diff line number Diff line Loading @@ -230,6 +230,20 @@ The possible values in this file are: * - 'Mitigation: Clear CPU buffers' - The processor is vulnerable and the CPU buffer clearing mitigation is enabled. * - 'Unknown: No mitigations' - The processor vulnerability status is unknown because it is out of Servicing period. Mitigation is not attempted. Definitions: ------------ Servicing period: The process of providing functional and security updates to Intel processors or platforms, utilizing the Intel Platform Update (IPU) process or other similar mechanisms. End of Servicing Updates (ESU): ESU is the date at which Intel will no longer provide Servicing, such as through IPU or other similar update processes. ESU dates will typically be aligned to end of quarter. If the processor is vulnerable then the following information is appended to the above information: Loading
Documentation/admin-guide/kernel-parameters.txt +13 −0 Original line number Diff line number Diff line Loading @@ -4313,6 +4313,18 @@ retain_initrd [RAM] Keep initrd memory after extraction retbleed= [X86] Control mitigation of RETBleed (Arbitrary Speculative Code Execution with Return Instructions) vulnerability. off - unconditionally disable auto - automatically select a migitation Selecting 'auto' will choose a mitigation method at run time according to the CPU. Not specifying this option is equivalent to retbleed=auto. rfkill.default_state= 0 "airplane mode". All wifi, bluetooth, wimax, gps, fm, etc. communication is blocked by default. Loading Loading @@ -4556,6 +4568,7 @@ eibrs - enhanced IBRS eibrs,retpoline - enhanced IBRS + Retpolines eibrs,lfence - enhanced IBRS + LFENCE ibrs - use IBRS to protect kernel Not specifying this option is equivalent to spectre_v2=auto. Loading
Documentation/admin-guide/pm/cpuidle.rst +9 −6 Original line number Diff line number Diff line Loading @@ -676,8 +676,8 @@ the ``menu`` governor to be used on the systems that use the ``ladder`` governor by default this way, for example. The other kernel command line parameters controlling CPU idle time management described below are only relevant for the *x86* architecture and some of them affect Intel processors only. described below are only relevant for the *x86* architecture and references to ``intel_idle`` affect Intel processors only. The *x86* architecture support code recognizes three kernel command line options related to CPU idle time management: ``idle=poll``, ``idle=halt``, Loading @@ -699,10 +699,13 @@ idle, so it very well may hurt single-thread computations performance as well as energy-efficiency. Thus using it for performance reasons may not be a good idea at all.] The ``idle=nomwait`` option disables the ``intel_idle`` driver and causes ``acpi_idle`` to be used (as long as all of the information needed by it is there in the system's ACPI tables), but it is not allowed to use the ``MWAIT`` instruction of the CPUs to ask the hardware to enter idle states. The ``idle=nomwait`` option prevents the use of ``MWAIT`` instruction of the CPU to enter idle states. When this option is used, the ``acpi_idle`` driver will use the ``HLT`` instruction instead of ``MWAIT``. On systems running Intel processors, this option disables the ``intel_idle`` driver and forces the use of the ``acpi_idle`` driver instead. Note that in either case, ``acpi_idle`` driver will function only if all the information needed by it is in the system's ACPI tables. In addition to the architecture-level kernel command line options affecting CPU idle time management, there are parameters affecting individual ``CPUIdle`` Loading
Documentation/atomic_bitops.txt +1 −1 Original line number Diff line number Diff line Loading @@ -59,7 +59,7 @@ Like with atomic_t, the rule of thumb is: - RMW operations that have a return value are fully ordered. - RMW operations that are conditional are unordered on FAILURE, otherwise the above rules apply. In the case of test_and_{}_bit() operations, otherwise the above rules apply. In the case of test_and_set_bit_lock(), if the bit in memory is unchanged by the operation then it is deemed to have failed. Loading
Documentation/filesystems/fscrypt.rst +3 −3 Original line number Diff line number Diff line Loading @@ -1158,7 +1158,7 @@ setxattr() because of the special semantics of the encryption xattr. were to be added to or removed from anything other than an empty directory.) These structs are defined as follows:: #define FS_KEY_DERIVATION_NONCE_SIZE 16 #define FSCRYPT_FILE_NONCE_SIZE 16 #define FSCRYPT_KEY_DESCRIPTOR_SIZE 8 struct fscrypt_context_v1 { Loading @@ -1167,7 +1167,7 @@ directory.) These structs are defined as follows:: u8 filenames_encryption_mode; u8 flags; u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE]; u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; }; #define FSCRYPT_KEY_IDENTIFIER_SIZE 16 Loading @@ -1178,7 +1178,7 @@ directory.) These structs are defined as follows:: u8 flags; u8 __reserved[4]; u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE]; u8 nonce[FS_KEY_DERIVATION_NONCE_SIZE]; u8 nonce[FSCRYPT_FILE_NONCE_SIZE]; }; The context structs contain the same information as the corresponding Loading
