Re: Avoid speculative indirect calls in kernel

From: Thomas Gleixner
Date: Wed Jan 03 2018 - 19:13:02 EST


On Wed, 3 Jan 2018, Andi Kleen wrote:
> On Wed, Jan 03, 2018 at 03:51:35PM -0800, Linus Torvalds wrote:
> > On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <andi@xxxxxxxxxxxxxx> wrote:
> > > This is a fix for Variant 2 in
> > > https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
> > >
> > > Any speculative indirect calls in the kernel can be tricked
> > > to execute any kernel code, which may allow side channel
> > > attacks that can leak arbitrary kernel data.
> >
> > Why is this all done without any configuration options?
>
> I was thinking of a config option, but I was struggling with a name.
>
> CONFIG_INSECURE_KERNEL, CONFIG_LEAK_MEMORY?
>
> And should it be positive or negative?

It should be a CPU_BUG bit as we have for the other mess. And that can be
used for patching.

Thanks,

tglx
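Added illustration, not code from this thread or from the kernel tree: a userspace C model of the pattern tglx is pointing at, a per-CPU bug bit forced at early boot and consulted by a boot-time patch pass that swaps a call site between its original and its replacement. The helper names mirror the kernel's setup_force_cpu_bug() and boot_cpu_has_bug(), but the bodies, the bit number, the alternatives table layout and the direct-dispatch replacement are assumptions for this model; the real kernel patches instruction bytes via ALTERNATIVE() keyed on X86_BUG_*/X86_FEATURE_* bits in cpuinfo_x86.

```c
/* Userspace model (not kernel code) of "CPU bug bit + boot-time patching":
 * the mitigation is selected per machine at boot from a bug bit, not by a
 * Kconfig option baked in at build time. Bit numbers and table layouts are
 * assumptions made for this example. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bug bit: "indirect calls on this CPU can be speculatively
 * steered". Real kernels use X86_BUG_* bit numbers; this is a stand-in. */
enum { MODEL_BUG_SPECULATIVE_INDIRECT = 0 };

struct boot_cpu_data { uint64_t bugs; };
static struct boot_cpu_data boot_cpu;

/* Mirrors the kernel helpers in name only; bodies are this model's own. */
static void setup_force_cpu_bug(int bit) { boot_cpu.bugs |= (1ULL << bit); }
static int boot_cpu_has_bug(int bit) { return (int)((boot_cpu.bugs >> bit) & 1ULL); }

/* Early CPU identification. The kernel derives this from CPUID/microcode
 * data; here a constructed flag stands in for "this CPU is affected". */
static void early_identify_cpu(int affected)
{
    boot_cpu.bugs = 0;
    if (affected)
        setup_force_cpu_bug(MODEL_BUG_SPECULATIVE_INDIRECT);
}

/* A table-driven call site, the kind of indirect call Variant 2 abuses. */
typedef int (*op_fn)(int);
static int op_inc(int x) { return x + 1; }
static int op_dbl(int x) { return x * 2; }
static op_fn const op_table[] = { op_inc, op_dbl };

/* Original form: plain indirect call through a pointer loaded from memory.
 * Caller must pass a valid index; this form does no bounds check. */
static int dispatch_indirect(unsigned idx, int x) { return op_table[idx](x); }

/* Replacement form: no indirect branch at all. Each known target is reached
 * by a compare-and-direct-call; an unknown index is refused rather than
 * calling through an attacker-influenced pointer. */
static int dispatch_direct(unsigned idx, int x)
{
    switch (idx) {
    case 0: return op_inc(x);
    case 1: return op_dbl(x);
    default: return -1;
    }
}

/* Alternatives table: a patch site, its original and replacement code, and
 * the bug bit that selects the replacement. The kernel's equivalent records
 * instruction bytes; here the "site" is a function pointer. */
typedef int (*dispatch_fn)(unsigned, int);
struct alt_entry { dispatch_fn *site; dispatch_fn orig; dispatch_fn repl; int bug_bit; };

static dispatch_fn call_site = dispatch_indirect;
static const struct alt_entry alt_table[] = {
    { &call_site, dispatch_indirect, dispatch_direct, MODEL_BUG_SPECULATIVE_INDIRECT },
};

/* Boot-time pass: for every entry, install the replacement only if the CPU
 * carries the bug; unaffected CPUs keep the unpatched fast path. */
static void apply_alternatives(void)
{
    for (size_t i = 0; i < sizeof alt_table / sizeof alt_table[0]; i++) {
        const struct alt_entry *a = &alt_table[i];
        *a->site = boot_cpu_has_bug(a->bug_bit) ? a->repl : a->orig;
    }
}

/* Runs the boot sequence; returns 1 if the mitigated path was patched in. */
static int boot(int cpu_affected)
{
    early_identify_cpu(cpu_affected);
    apply_alternatives();
    return call_site == dispatch_direct;
}

/* What the rest of the "kernel" calls; it never needs to know which form won. */
static int run_op(unsigned idx, int x) { return call_site(idx, x); }

int main(void)
{
    printf("affected CPU: patched=%d, op(1,5)=%d, bad idx=%d\n",
           boot(1), run_op(1, 5), run_op(7, 5));
    printf("clean CPU:    patched=%d, op(1,5)=%d\n", boot(0), run_op(1, 5));
    return 0;
}
```

The point of the shape is the one tglx makes: the decision lives in the CPU identification code, and every patch site just names the bug bit it cares about, so an unaffected machine pays nothing and an affected one gets the replacement without a rebuild.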