58 lines
1.5 KiB
Plaintext
58 lines
1.5 KiB
Plaintext
|
From: Andrea Arcangeli <andrea@cpushare.com>
|
||
|
Subject: [PATCH seccomp: make tsc disabling optional
|
||
|
Patch-mainline: unknown
|
||
|
References: 191123
|
||
|
|
||
|
Make the TSC disable purely paranoid feature optional, so by default seccomp
|
||
|
returns absolutely zerocost.
|
||
|
|
||
|
Ported from 2.6.19 to 2.6.24-rc7 by Jeff Mahoney.
|
||
|
Addition of x86-64 by Jan Beulich.
|
||
|
|
||
|
Signed-off-by: Andrea Arcangeli <andrea@cpushare.com>
|
||
|
Acked-by: Jeff Mahoney <jeffm@suse.com>
|
||
|
---
|
||
|
arch/x86/Kconfig | 12 ++++++++++++
|
||
|
arch/x86/kernel/process.c | 2 ++
|
||
|
2 files changed, 14 insertions(+)
|
||
|
|
||
|
--- a/arch/x86/Kconfig
|
||
|
+++ b/arch/x86/Kconfig
|
||
|
@@ -1485,6 +1485,18 @@ config SECCOMP
|
||
|
|
||
|
If unsure, say Y. Only embedded should say N here.
|
||
|
|
||
|
+config SECCOMP_DISABLE_TSC
|
||
|
+ bool "Disable the TSC for seccomp tasks"
|
||
|
+ depends on SECCOMP
|
||
|
+ default n
|
||
|
+ help
|
||
|
+ This feature mathematically prevents covert channels
|
||
|
+ for tasks running under SECCOMP. This can generate
|
||
|
+ a minuscule overhead in the scheduler.
|
||
|
+
|
||
|
+ If you care most about performance say N. Say Y only if you're
|
||
|
+ paranoid about covert channels.
|
||
|
+
|
||
|
config CC_STACKPROTECTOR
|
||
|
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
|
||
|
---help---
|
||
|
--- a/arch/x86/kernel/process.c
|
||
|
+++ b/arch/x86/kernel/process.c
|
||
|
@@ -139,6 +139,7 @@ static void hard_disable_TSC(void)
|
||
|
|
||
|
void disable_TSC(void)
|
||
|
{
|
||
|
+#ifdef CONFIG_SECCOMP_DISABLE_TSC
|
||
|
preempt_disable();
|
||
|
if (!test_and_set_thread_flag(TIF_NOTSC))
|
||
|
/*
|
||
|
@@ -147,6 +148,7 @@ void disable_TSC(void)
|
||
|
*/
|
||
|
hard_disable_TSC();
|
||
|
preempt_enable();
|
||
|
+#endif
|
||
|
}
|
||
|
|
||
|
static void hard_enable_TSC(void)
|