On 10/17/18 10:59 AM, Tim Chen wrote:
>
> Signed-off-by: Tim Chen <tim.c.c...@linux.intel.com>
> ---
> Documentation/admin-guide/kernel-parameters.txt | 5 +-
> Documentation/userspace-api/spec_ctrl.rst | 10 +++
> arch/x86/kernel/cpu/bugs.c | 85
> ++++++++++++++++++++++++-
> include/linux/sched.h | 11 ++++
> include/uapi/linux/prctl.h | 1 +
> tools/include/uapi/linux/prctl.h | 1 +
> 6 files changed, 111 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/admin-guide/kernel-parameters.txt
> b/Documentation/admin-guide/kernel-parameters.txt
> index 2feb6b2..9af11be 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -4196,7 +4196,10 @@
> lite - turn on mitigation for non-dumpable
> processes (i.e. protect daemons and other
> privileged processes that tend to be
> - non-dumpable).
> + non-dumpable), and processes that has indirect
have
> + branch speculation restricted via prctl's
> + PR_SET_SPECULATION_CTRL option
> +
> strict - protect against attacks for all user processes
> auto - let kernel decide lite or strict mode
>
--
~Randy
