d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17edf152e5
freebsd-dev/sys
History
Konstantin Belousov 17edf152e5 Control for Special Register Buffer Data Sampling mitigation. 
New microcode update for Intel enables mitigation for SRBDS, which
slows down RDSEED and related instructions.  The update also provides
a control to limit the mitigation to SGX enclaves, which should
restore the speed of random generator by the cost of potential
cross-core bufer sampling.

See https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling

GIve the user control over it.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25221
2020-06-12 22:14:45 +00:00
..
amd64 Control for Special Register Buffer Data Sampling mitigation. 2020-06-12 22:14:45 +00:00
arm Fix grabbing of tegra uart. 2020-06-11 12:53:22 +00:00
arm64 Coresight replicator: 2020-06-12 17:31:38 +00:00
bsm bsm: add AUE_CLOSERANGE 2020-04-24 01:27:25 +00:00
cam Implement zero-copy iSCSI target transmission/read. 2020-06-08 20:53:57 +00:00
cddl fix up r362047: a call to zvol_*_minors() was not hidden from userland 2020-06-11 11:35:30 +00:00
compat Revert r362108, as it breaks compilation. 2020-06-12 17:48:12 +00:00
conf Coresight replicator: 2020-06-12 17:31:38 +00:00
contrib Document upgrade procedure in FREEBSD-upgrade 2020-06-04 20:48:57 +00:00
crypto Fix AES-CCM requests with an AAD size smaller than a single block. 2020-06-12 21:33:02 +00:00
ddb kernel: provide panicky version of __unreachable 2020-05-13 18:07:37 +00:00
dev Control for Special Register Buffer Data Sampling mitigation. 2020-06-12 22:14:45 +00:00
dts Remove licenses 2020-06-04 17:20:58 +00:00
fs tmpfs: Preserve alignment of struct fid fields 2020-06-03 09:38:51 +00:00
gdb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
geom Add a crypto capability flag for accelerated software drivers. 2020-06-09 22:26:07 +00:00
gnu dts: patch the am33xx dts for upcoming clock support 2020-06-05 20:14:54 +00:00
i386 FPU init: allocate initial state from UMA to ensure alignment 2020-06-12 21:17:56 +00:00
isa
kern Remove the FIRMWARE_MAX limit. 2020-06-10 23:52:29 +00:00
kgssapi Add support for optional separate output buffers to in-kernel crypto. 2020-05-25 22:12:04 +00:00
libkern libkern: Add arc4random_uniform 2020-05-23 17:51:06 +00:00
mips Various fixes to TLS for MIPS. 2020-06-12 21:21:18 +00:00
modules Hard-code the ice_ddp firmware version. 2020-06-11 00:36:35 +00:00
net Decode the "LACP Fast Timeout" LAGG option flag 2020-06-11 22:46:08 +00:00
net80211 [net80211] First part of A-MSDU offload handling - don't bump A-MPDU reordering seqno 2020-06-12 04:19:03 +00:00
netgraph Add LE events: 2020-06-10 04:54:02 +00:00
netinet So it turns out with the right window scaling you can get the code in all stacks to 2020-06-12 19:56:19 +00:00
netinet6 Retire SCTP_SO_LOCK_TESTING. 2020-06-07 14:39:20 +00:00
netipsec Consistently include opt_ipsec.h for consumers of <netipsec/ipsec.h>. 2020-05-29 19:22:40 +00:00
netpfil ipfw: unbreak matching with big table type flow. 2020-06-04 14:15:39 +00:00
netsmb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
nfs Use epoch(9) for rtentries to simplify control plane operations. 2020-05-23 10:21:02 +00:00
nfsclient
nfsserver
nlm Make nfslockd depend on xdr. 2020-04-23 09:37:22 +00:00
ofed Convert OFED rtable interactions to the new routing KPI. 2020-04-15 13:06:55 +00:00
opencrypto Adjust crypto_apply function callbacks for OCF. 2020-06-10 21:18:19 +00:00
powerpc powerpc/pmap: Fix pte_find_next() iterators for booke64 pmap 2020-06-10 23:03:35 +00:00
riscv riscv: Use SBI shutdown call to implement RB_POWEROFF 2020-06-08 17:57:21 +00:00
rpc Add the .h file that describes the operations for the rpctls_syscall. 2020-05-31 01:12:52 +00:00
security mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers 2020-06-12 21:51:20 +00:00
sys Fixup r361997 by balancing parens. Duh. 2020-06-10 03:36:17 +00:00
teken
tests Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
tools
ufs Clear the IN_SIZEMOD and IN_IBLKDATA flags only when doing a 2020-06-06 20:17:56 +00:00
vm Honor db_pager_quit in some vm_object ddb commands 2020-06-12 21:53:08 +00:00
x86 Control for Special Register Buffer Data Sampling mitigation. 2020-06-12 22:14:45 +00:00
xdr Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
xen Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (16 of many) 2020-02-25 19:04:39 +00:00
Makefile