Lines Matching full:variant
11 This document covers Spectre variant 1 and Spectre variant 2.
45 CVE-2017-5753 Bounds check bypass Spectre variant 1
46 CVE-2017-5715 Branch target injection Spectre variant 2
47 CVE-2019-1125 Spectre v1 swapgs Spectre variant 1 (swapgs)
60 Spectre variant 1 attacks take advantage of speculative execution of
61 conditional branches, while Spectre variant 2 attacks use speculative
66 Spectre variant 1 (Bounds Check Bypass)
78 There are some extensions of Spectre variant 1 attacks for reading data
82 Note that, despite "Bounds Check Bypass" name, Spectre variant 1 is not
89 Spectre variant 2 (Branch Target Injection)
102 In Spectre variant 2 attacks, the attacker can steer speculative indirect
118 One other variant 2 attack vector is for the attacker to poison the
143 Spectre variant 1
149 a pointer for a Spectre variant 1 attack. The index or pointer
158 Spectre variant 1 (swapgs)
188 Spectre variant 2
191 A spectre variant 2 attacker can :ref:`poison <poison_btb>` the branch
209 mitigate Spectre variant 2 instead of retpoline. Enhanced IBRS is
213 Spectre variant 2 attack by a rogue user process. To mitigate such
225 Spectre variant 1 attacks generally require passing parameters
231 Spectre variant 2 attacks can be launched from a rogue process by
237 A user process can protect itself against Spectre variant 2 attacks
266 For Spectre variant 1 attacks, rogue guests can pass parameters
272 For Spectre variant 2 attacks, rogue guests can :ref:`poison
276 To mitigate variant 2, the host kernel can use return trampolines
291 Spectre variant 1 attacks are possible if parameters can be passed
297 Spectre variant 2 attacks can be launched from a rogue guest by
306 If SMT is used, Spectre variant 2 attacks from an untrusted guest
321 The sysfs file showing Spectre variant 1 mitigation status is:
342 variant 1 are covered.
359 The sysfs file showing Spectre variant 2 mitigation status is:
376 used to protect against Spectre variant 2 attacks when calling firmware (x86 only).
414 Turning on mitigation for Spectre variant 1 and Spectre variant 2
420 Spectre variant 1
423 For the Spectre variant 1, vulnerable kernel code (as determined
427 not cover all attack vectors for Spectre variant 1.
433 For the swapgs variant of Spectre variant 1, LFENCE barriers are
438 Spectre variant 2
441 For Spectre variant 2 mitigation, the compiler turns indirect calls or
459 On CPUs with hardware mitigation for Spectre variant 2 (e.g. Enhanced
468 before invoking any firmware code to prevent Spectre variant 2 exploits
478 User programs can mitigate Spectre variant 1 using LFENCE or "bounds
481 For Spectre variant 2 mitigation, individual user programs
492 also prevent the program from launching a variant 2 attack
508 Within the kernel, Spectre variant 1 attacks from rogue guests are
511 usable disclosure gadgets. However, this may not cover all variant
514 For Spectre variant 2 attacks from rogue guests to the kernel, the
539 Spectre variant 2 mitigation can be disabled or force enabled at the
544 [X86,PPC] Disable mitigations for Spectre Variant 1
550 [X86] Disable all mitigations for the Spectre variant 2
558 [X86] Control mitigation of Spectre variant 2
601 [X86] Control mitigation of Spectre variant 2
648 disable Spectre variant 2 mitigations, boot with
649 spectre_v2=off. Spectre variant 1 mitigations
666 keys), protection against Spectre variant 2 can be put in place by
685 All Spectre variant 2 mitigations can be forced on
693 against variant 2 attacks originating from programs running on