5 Quite some CPUs have speculation-related misfeatures which are in
6 fact vulnerabilities causing data leaks in various forms even across
9 The kernel provides mitigation for such vulnerabilities in various
10 forms. Some of these mitigations are compile-time configurable and some
11 can be supplied on the kernel command line.
13 There is also a class of mitigations which are very expensive, but they can
14 be restricted to a certain set of processes or tasks in controlled
15 environments. The mechanism to control these mitigations is via
18 There are two prctl options which are related to this:
20 * PR_GET_SPECULATION_CTRL
22 * PR_SET_SPECULATION_CTRL
24 PR_GET_SPECULATION_CTRL
25 -----------------------
27 PR_GET_SPECULATION_CTRL returns the state of the speculation misfeature
28 which is selected with arg2 of prctl(2). The return value uses bits 0-3 with
29 the following meaning:
31 ==== ===================== ===================================================
32 Bit Define Description
33 ==== ===================== ===================================================
34 0 PR_SPEC_PRCTL Mitigation can be controlled per task by
35 PR_SET_SPECULATION_CTRL.
36 1 PR_SPEC_ENABLE The speculation feature is enabled, mitigation is
38 2 PR_SPEC_DISABLE The speculation feature is disabled, mitigation is
40 3 PR_SPEC_FORCE_DISABLE Same as PR_SPEC_DISABLE, but cannot be undone. A
41 subsequent prctl(..., PR_SPEC_ENABLE) will fail.
42 ==== ===================== ===================================================
44 If all bits are 0 the CPU is not affected by the speculation misfeature.
46 If PR_SPEC_PRCTL is set, then the per-task control of the mitigation is
47 available. If not set, prctl(PR_SET_SPECULATION_CTRL) for the speculation
52 PR_SET_SPECULATION_CTRL
53 -----------------------
55 PR_SET_SPECULATION_CTRL allows to control the speculation misfeature, which
56 is selected by arg2 of :manpage:`prctl(2)` per task. arg3 is used to hand
57 in the control value, i.e. either PR_SPEC_ENABLE or PR_SPEC_DISABLE or
58 PR_SPEC_FORCE_DISABLE.
62 ======= =================================================================
64 ======= =================================================================
65 EINVAL The prctl is not implemented by the architecture or unused
66 prctl(2) arguments are not 0.
68 ENODEV arg2 is selecting a not supported speculation misfeature.
69 ======= =================================================================
71 PR_SET_SPECULATION_CTRL error codes
72 -----------------------------------
73 ======= =================================================================
75 ======= =================================================================
78 ERANGE arg3 is incorrect, i.e. it's neither PR_SPEC_ENABLE nor
79 PR_SPEC_DISABLE nor PR_SPEC_FORCE_DISABLE.
81 ENXIO Control of the selected speculation misfeature is not possible.
82 See PR_GET_SPECULATION_CTRL.
84 EPERM Speculation was disabled with PR_SPEC_FORCE_DISABLE and caller
85 tried to enable it again.
86 ======= =================================================================
88 Speculation misfeature controls
89 -------------------------------
90 - PR_SPEC_STORE_BYPASS: Speculative Store Bypass
93 * prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
94 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_ENABLE, 0, 0);
95 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
96 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_FORCE_DISABLE, 0, 0);
98 - PR_SPEC_INDIR_BRANCH: Indirect Branch Speculation in User Processes
99 (Mitigate Spectre V2 style attacks against user processes)
102 * prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
103 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_ENABLE, 0, 0);
104 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0);
105 * prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_FORCE_DISABLE, 0, 0);
projects / releases.git / blob