URL: https://www.phoronix.com/news/Attack-Vector-Controls-6.17

Attack Vector Controls Land In Linux 6.17 To Better Control CPU Security Mitigations

Written by Michael Larabel in Linux Security on 1 August 2025 at 12:13 PM EDT.
Attack Vector Controls, the new set of tuning knobs worked on by AMD engineer David Kaplan, is now in Linux 6.17. It makes it more straightforward for Linux server administrators and power users to select the CPU security mitigations that are relevant to their system(s) and intended workloads, instead of reasoning about each mitigation on its own.

The x86/bugs merge request landed this week. Besides the Attack Vector Controls work, the most notable part of it, the pull untangles the Retbleed code from the Intel ITS (Indirect Target Selection, the Training Solo issue) mitigation so that ITS stuffing can be enabled separately from the Retbleed mitigation, and simplifies the Speculative Return Stack Overflow (SRSO) mitigation code.


Attack Vector Controls makes it easier for everyone from Linux power users to server fleet administrators to manage the increasingly confusing set of CPU security mitigations. Rather than toggling each mitigation individually and keeping up with every new one as it is introduced, Attack Vector Controls groups mitigations by the attack vector they defend against, and users opt into or out of a whole category at once. The hope is that users stay protected against the attack vectors that apply to their deployment while recovering performance by disabling mitigations for vectors that do not.


The Attack Vector Controls currently classify mitigations as addressing user-to-kernel, user-to-user, guest-to-host, guest-to-guest, and cross-thread attacks. The mitigations= kernel boot parameter accepts the matching no_user_kernel, no_user_user, no_guest_host, no_guest_guest, and no_cross_thread options, each of which disables the mitigations for that class of attack, and several classes can be disabled at once with a comma-separated list, for example mitigations=no_guest_host,no_guest_guest on a host that runs no untrusted virtual machines. Disabling a class is a threat-model decision rather than a performance tweak: a vector that is irrelevant today (no VMs, no untrusted local users) becomes relevant again as soon as the workload changes, so the choice should be revisited whenever the machine's role does.
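As an added example (not code from the article or from the kernel tree), here is a small POSIX shell helper that pulls the mitigations= value out of a kernel command line, checks each comma-separated entry against the five class names above plus the long-standing off, auto and auto,nosmt forms, and lists which classes a given value leaves unmitigated. The sample command line and its BOOT_IMAGE path are constructed for the demo; the set of accepted tokens and the comma syntax are what the article describes, and the kernel's own parser may treat combinations this check does not model (such as mixing off with a no_* option) differently.

```shell
#!/bin/sh
# Added example, not from the Phoronix article or the Linux kernel sources.
# Inspect and sanity-check the mitigations= boot parameter used by the
# Attack Vector Controls in Linux 6.17.

# Attack-vector classes that mitigations= can opt out of (from the article).
AVC_VECTORS="no_user_kernel no_user_user no_guest_host no_guest_guest no_cross_thread"

# Print the value of the last mitigations= option on a kernel command line
# (the kernel honours the last occurrence). Empty output means none is set.
# Usage: avc_value "$(cat /proc/cmdline)"
avc_value() {
    _val=""
    for _tok in $1; do
        case "$_tok" in
            mitigations=*) _val="${_tok#mitigations=}" ;;
        esac
    done
    printf '%s\n' "$_val"
}

# Validate each comma-separated entry of a mitigations= value.
# Prints "ok", or "bad:<token>" for the first unknown token and returns 1.
# "nosmt" is only accepted as the second half of the long-standing auto,nosmt.
avc_validate() {
    _old_ifs=$IFS
    IFS=','
    set -- $1
    IFS=$_old_ifs
    _prev=""
    for _item in "$@"; do
        case "$_item" in
            off|auto) ;;
            nosmt)
                [ "$_prev" = auto ] || { printf 'bad:%s\n' "$_item"; return 1; } ;;
            *)
                case " $AVC_VECTORS " in
                    *" $_item "*) ;;
                    *) printf 'bad:%s\n' "$_item"; return 1 ;;
                esac ;;
        esac
        _prev=$_item
    done
    printf 'ok\n'
}

# List the attack-vector classes a value leaves unmitigated, one per line
# (e.g. "user_user"); "all" for mitigations=off.
avc_disabled_vectors() {
    _old_ifs=$IFS
    IFS=','
    set -- $1
    IFS=$_old_ifs
    for _item in "$@"; do
        case "$_item" in
            off)  printf 'all\n' ;;
            no_*) printf '%s\n' "${_item#no_}" ;;
        esac
    done
}

# Show the per-vulnerability status the kernel exports (live system only;
# the directory has existed since the original Spectre/Meltdown work).
avc_show_sysfs() {
    _dir=/sys/devices/system/cpu/vulnerabilities
    [ -d "$_dir" ] || { echo "no $_dir on this kernel"; return 0; }
    for _f in "$_dir"/*; do
        printf '%-24s %s\n' "$(basename "$_f")" "$(cat "$_f")"
    done
}

# Constructed sample command line (not captured from a real machine).
SAMPLE_CMDLINE="BOOT_IMAGE=/vmlinuz-6.17 root=/dev/sda2 ro quiet mitigations=no_user_user,no_guest_host"

if [ "${1:-}" = "--demo" ]; then
    v=$(avc_value "$SAMPLE_CMDLINE")
    echo "mitigations=$v"
    avc_validate "$v"
    echo "unmitigated classes:"
    avc_disabled_vectors "$v"
    avc_show_sysfs
fi
```

Run it with --demo for the constructed sample, or call avc_value "$(cat /proc/cmdline)" on a live 6.17 system. To make a change persistent, add the option to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub, regenerate the GRUB configuration, reboot, and confirm the outcome by reading the files under /sys/devices/system/cpu/vulnerabilities/ rather than trusting the command line alone.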

More details on the Attack Vector Controls tuning available with Linux 6.17, including how each existing mitigation is assigned to a vector, can be found in the kernel documentation (Documentation/admin-guide/hw-vuln/attack_vector_controls.rst in the kernel tree).

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.