arm64: Remove Spectre-related CONFIG_* options (6e5f0927) · Commits · 戴 / test

arch/arm64/Kconfig

+0 −26

Original line number	Diff line number	Diff line
		@@ -1165,32 +1165,6 @@ config UNMAP_KERNEL_AT_EL0

		If unsure, say Y.

		config HARDEN_BRANCH_PREDICTOR
		bool "Harden the branch predictor against aliasing attacks" if EXPERT
		default y
		help
		Speculation attacks against some high-performance processors rely on
		being able to manipulate the branch predictor for a victim context by
		executing aliasing branches in the attacker context. Such attacks
		can be partially mitigated against by clearing internal branch
		predictor state and limiting the prediction logic in some situations.

		This config option will take CPU-specific actions to harden the
		branch predictor against aliasing attacks and may rely on specific
		instruction sequences or control bits being set by the system
		firmware.

		If unsure, say Y.

		config ARM64_SSBD
		bool "Speculative Store Bypass Disable" if EXPERT
		default y
		help
		This enables mitigation of the bypassing of previous stores
		by speculative loads.

		If unsure, say Y.

		config RODATA_FULL_DEFAULT_ENABLED
		bool "Apply r/o permissions of VM areas also to their linear aliases"
		default y

+0 −4

Original line number	Diff line number	Diff line
		@@ -712,12 +712,8 @@ int get_spectre_v2_workaround_state(void);

		static inline int arm64_get_ssbd_state(void)
		{
		#ifdef CONFIG_ARM64_SSBD
		extern int ssbd_state;
		return ssbd_state;
		#else
		return ARM64_SSBD_UNKNOWN;
		#endif
		}

		void arm64_set_ssbd_mitigation(bool state);

+0 −7

Original line number	Diff line number	Diff line
		@@ -527,7 +527,6 @@ static inline int kvm_map_vectors(void)
		}
		#endif

		#ifdef CONFIG_ARM64_SSBD
		DECLARE_PER_CPU_READ_MOSTLY(u64, arm64_ssbd_callback_required);

		static inline int hyp_map_aux_data(void)
		@@ -544,12 +543,6 @@ static inline int hyp_map_aux_data(void)
		}
		return 0;
		}
		#else
		static inline int hyp_map_aux_data(void)
		{
		return 0;
		}
		#endif

		#define kvm_phys_to_vttbr(addr) phys_to_ttbr(addr)

+0 −9

Original line number	Diff line number	Diff line
		@@ -45,7 +45,6 @@ struct bp_hardening_data {
		bp_hardening_cb_t fn;
		};

		#ifdef CONFIG_HARDEN_BRANCH_PREDICTOR
		DECLARE_PER_CPU_READ_MOSTLY(struct bp_hardening_data, bp_hardening_data);

		static inline struct bp_hardening_data *arm64_get_bp_hardening_data(void)
		@@ -64,14 +63,6 @@ static inline void arm64_apply_bp_hardening(void)
		if (d->fn)
		d->fn();
		}
		#else
		static inline struct bp_hardening_data *arm64_get_bp_hardening_data(void)
		{
		return NULL;
		}

		static inline void arm64_apply_bp_hardening(void) { }
		#endif /* CONFIG_HARDEN_BRANCH_PREDICTOR */

		extern void arm64_memblock_init(void);
		extern void paging_init(void);

+1 −2

Original line number	Diff line number	Diff line
		@@ -19,7 +19,7 @@ obj-y := debug-monitors.o entry.o irq.o fpsimd.o \
		return_address.o cpuinfo.o cpu_errata.o \
		cpufeature.o alternative.o cacheinfo.o \
		smp.o smp_spin_table.o topology.o smccc-call.o \
		syscall.o
		ssbd.o syscall.o

		targets += efi-entry.o

		@@ -59,7 +59,6 @@ arm64-reloc-test-y := reloc_test_core.o reloc_test_syms.o
		obj-$(CONFIG_CRASH_DUMP) += crash_dump.o
		obj-$(CONFIG_CRASH_CORE) += crash_core.o
		obj-$(CONFIG_ARM_SDE_INTERFACE) += sdei.o
		obj-$(CONFIG_ARM64_SSBD) += ssbd.o
		obj-$(CONFIG_ARM64_PTR_AUTH) += pointer_auth.o
		obj-$(CONFIG_SHADOW_CALL_STACK) += scs.o