c780195351
Renamed rh1566890_speculative_store_bypass_so_added_more_per_task_speculation_control_CVE_2018_3639 to rh1566890-CVE_2018_3639-speculative_store_bypass.patch Added dependent patch, rh1566890-CVE_2018_3639-speculative_store_bypass_toggle.patch
55 lines
1.6 KiB
Diff
55 lines
1.6 KiB
Diff
diff --git openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp openjdk/hotspot/src/os/linux/vm/os_linux.cpp
|
|
--- openjdk.orig/hotspot/src/os/linux/vm/os_linux.cpp
|
|
+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp
|
|
@@ -5001,26 +5001,43 @@
|
|
|
|
/* Per task speculation control */
|
|
#ifndef PR_GET_SPECULATION_CTRL
|
|
-#define PR_GET_SPECULATION_CTRL 52
|
|
+# define PR_GET_SPECULATION_CTRL 52
|
|
#endif
|
|
#ifndef PR_SET_SPECULATION_CTRL
|
|
-#define PR_SET_SPECULATION_CTRL 53
|
|
+# define PR_SET_SPECULATION_CTRL 53
|
|
#endif
|
|
/* Speculation control variants */
|
|
-# undef PR_SPEC_STORE_BYPASS
|
|
+#ifndef PR_SPEC_STORE_BYPASS
|
|
# define PR_SPEC_STORE_BYPASS 0
|
|
+#endif
|
|
/* Return and control values for PR_SET/GET_SPECULATION_CTRL */
|
|
-# undef PR_SPEC_NOT_AFFECTED
|
|
-# undef PR_SPEC_PRCTL
|
|
-# undef PR_SPEC_ENABLE
|
|
-# undef PR_SPEC_DISABLE
|
|
+
|
|
+#ifndef PR_SPEC_NOT_AFFECTED
|
|
# define PR_SPEC_NOT_AFFECTED 0
|
|
+#endif
|
|
+#ifndef PR_SPEC_PRCTL
|
|
# define PR_SPEC_PRCTL (1UL << 0)
|
|
+#endif
|
|
+#ifndef PR_SPEC_ENABLE
|
|
# define PR_SPEC_ENABLE (1UL << 1)
|
|
+#endif
|
|
+#ifndef PR_SPEC_DISABLE
|
|
# define PR_SPEC_DISABLE (1UL << 2)
|
|
+#endif
|
|
+#ifndef PR_SPEC_FORCE_DISABLE
|
|
+# define PR_SPEC_FORCE_DISABLE (1UL << 3)
|
|
+#endif
|
|
+#ifndef PR_SPEC_DISABLE_NOEXEC
|
|
+# define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
|
|
+#endif
|
|
|
|
static void set_speculation() __attribute__((constructor));
|
|
static void set_speculation() {
|
|
+ if ( prctl(PR_SET_SPECULATION_CTRL,
|
|
+ PR_SPEC_STORE_BYPASS,
|
|
+ PR_SPEC_DISABLE_NOEXEC, 0, 0) == 0 ) {
|
|
+ return;
|
|
+ }
|
|
prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0);
|
|
}
|
|
|