/openbmc/linux/Documentation/admin-guide/hw-vuln/ |
H A D | spectre.rst | 69 The bounds check bypass attack :ref:`[2] <spec_ref2>` takes advantage 92 The branch target injection attack takes advantage of speculative 116 the attack revealing useful data. 118 One other variant 2 attack vector is for the attacker to poison the 123 return instructions. This attack can be mitigated by flushing the return 134 Yet another variant 2 attack vector is for the attacker to poison the 141 Previously the only known real-world BHB attack vector was via unprivileged 146 Attack scenarios 149 The following list of attack scenarios have been anticipated, but may 150 not cover all possible attack vectors. [all …]
|
H A D | l1tf.rst | 56 similar to the Meltdown attack. 59 allows to attack any physical memory address in the system and the attack 60 works across all protection domains. It allows an attack of SGX and also 65 Attack scenarios 73 application to attack the physical memory to which these PTEs resolve. 78 The Linux kernel contains a mitigation for this attack vector, PTE 92 PTE inversion mitigation for L1TF, to attack physical host memory. 98 only to attack data which is present in L1D, a malicious guest running 99 on one Hyperthread can attack the data which is brought into the L1D by 103 If the processor does not support Extended Page Tables, the attack is [all …]
|
H A D | srso.rst | 68 does address User->User and VM->VM attack vectors. 124 attack vectors, including the local User->Kernel one. 130 new attack vectors appear.
|
H A D | gather_data_sampling.rst | 17 attacks. GDS is a purely sampling-based attack. 27 Attack scenarios 44 attack, and re-enable it.
|
H A D | mds.rst | 55 allows in turn to infer the value via a cache side channel attack. 64 Attack scenarios 74 the TLBleed attack samples can be postprocessed successfully. 220 to use MWAIT in user space (Ring 3) which opens an potential attack vector
|
H A D | cross-thread-rsb.rst | 58 Attack scenarios 61 An attack can be mounted on affected processors by performing a series of CALL
|
/openbmc/linux/Documentation/security/ |
H A D | self-protection.rst | 9 and actively detecting attack attempts. Not all topics are explored in 20 attack surface. (Especially when they have the ability to load arbitrary 31 Attack Surface Reduction 114 bug to an attack. 127 unexpectedly extend the available attack surface. (The on-demand loading 146 to gain execution control during an attack, By far the most commonly 149 kind of attack exist, and protections exist to defend against them. 164 A less well understood attack is using a bug that triggers the 166 allocations. With this attack it is possible to write beyond the end of 200 defense, in that an attack must gather enough information about a [all …]
|
H A D | landlock.rst | 17 expose a minimal attack surface. 86 deputy attack).
|
/openbmc/openbmc/meta-security/recipes-security/aircrack-ng/ |
H A D | aircrack-ng_1.6.bb | 2 …ments the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW…
|
/openbmc/linux/Documentation/devicetree/bindings/sound/ |
H A D | maxim,max98504.yaml | 44 Brownout attenuation to the speaker gain applied during the "attack hold" 47 maxim,brownout-attack-hold-ms: 51 Brownout attack hold phase time in ms, VBATBROWN_ATTK_HOLD, register 0x0018.
|
H A D | cs35l36.txt | 113 - cirrus,cirrus,vpbr-atk-rate : Attenuation attack step rate. Configures the 132 - cirrus,vpbr-mute-en : During the attack state, if the vpbr-max-attn value
|
/openbmc/linux/include/linux/mfd/ |
H A D | ac100.h | 96 #define AC100_ADC_DAP_L_A_T 0x8b /* Left Attack Time */ 98 #define AC100_ADC_DAP_R_A_T 0x8d /* Right Attack Time */ 118 #define AC100_DAC_DAP_H_G_A_T_C 0xa9 /* High Gain Attack Time Coef */ 119 #define AC100_DAC_DAP_L_G_A_T_C 0xaa /* Low Gain Attack Time Coef */
|
/openbmc/linux/Documentation/input/devices/ |
H A D | iforce-protocol.rst | 126 0a-0b Address of attack and fade parameters, or ffff if none. 139 Attack and fade 147 02-03 Duration of attack (little endian encoding, in ms) 148 04 Level at end of attack. Signed byte. 356 - attack and fade : 0e
|
/openbmc/linux/Documentation/staging/ |
H A D | tee.rst | 227 There are additional attack vectors/mitigations for the kernel that should be 232 * Attack vector: Replace the OP-TEE OS image in the rootfs to gain control of 241 * Attack vector: Using an alternate boot mode (i.e. recovery mode), the 250 * Attack vector: Code that is executed prior to issuing the SMC call to load 253 * Mitigation: The OP-TEE driver must be loaded before any potential attack 260 * Attack vector: Prevent the driver from being probed, so the SMC call to
|
/openbmc/linux/sound/soc/codecs/ |
H A D | cs42l73.h | 53 #define CS42L73_LIMARATEHL 0x26 /* Lmtr Attack Rate HP/Line. */ 56 #define CS42L73_LIMARATESPK 0x29 /* Lmtr Attack Rate Spkphone [A]. */ 59 #define CS42L73_LIMARATEESL 0x2C /* Lmtr Attack Rate */ 62 #define CS42L73_ALCARATE 0x2F /* ALC Enable, Attack Rate AB. */
|
H A D | max98373.c | 237 SOC_SINGLE_TLV("DHT Attack Step Volume", MAX98373_R20D2_DHT_ATTACK_CFG, 241 SOC_ENUM("DHT Attack Rate", max98373_dht_attack_rate_enum), 273 SOC_SINGLE("BDE Attack Rate", MAX98373_R2091_BDE_GAIN_ATK_REL_RATE, 4, 0xF, 0), 306 SOC_ENUM("Limiter Attack Rate", max98373_limiter_attack_rate_enum),
|
/openbmc/linux/arch/arm/mm/ |
H A D | copypage-v6.c | 28 * attack the kernel's existing mapping of these pages. 44 * attack the kernel's existing mapping of this page.
|
/openbmc/linux/include/uapi/sound/ |
H A D | asound_fm.h | 39 unsigned char attack; /* 4 bits: attack rate */ member
|
/openbmc/linux/drivers/firmware/efi/ |
H A D | Kconfig | 177 bool "Reset memory attack mitigation" 181 using the TCG Platform Reset Attack Mitigation specification. This 209 PCI devices from being able to attack the OS via DMA. However, since
|
/openbmc/qemu/hw/audio/ |
H A D | fmopl.h | 15 int32_t *AR; /* attack rate :&AR_TABLE[AR<<2] */ 75 int32_t AR_TABLE[76]; /* attack rate tables */
|
/openbmc/linux/net/ipv4/ |
H A D | Kconfig | 99 attack or a misconfigured system somewhere. The information is 271 Normal TCP/IP networking is open to an attack known as "SYN 272 flooding". This denial-of-service attack prevents legitimate remote 274 attack and requires very little work from the attacker, who can 277 SYN cookies provide protection against this type of attack. If you 280 continue to connect, even when your machine is under attack. There
|
/openbmc/linux/tools/testing/selftests/openat2/ |
H A D | rename_attack_test.c | 38 char dirname[] = "/tmp/ksft-openat2-rename-attack.XXXXXX"; in setup_testdir() 139 resultfn("rename attack with %s (%d runs, got %d escapes)\n", in test_rename_attack()
|
/openbmc/docs/security/ |
H A D | network-security-considerations.md | 105 Services which are not required should be disabled to limit the BMC's attack 110 firmware image. This gives the BMC the advantage of a smaller attack 238 described here: https://attack.mitre.org/techniques/T1046/
|
/openbmc/linux/sound/pci/asihpi/ |
H A D | hpifunc.c | 1886 u32 attack) in hpi_compander_set_attack_time_constant() argument 1888 return hpi_control_param_set(h_control, HPI_COMPANDER_ATTACK, attack, in hpi_compander_set_attack_time_constant() 1893 u32 *attack) in hpi_compander_get_attack_time_constant() argument 1896 index, attack, NULL); in hpi_compander_get_attack_time_constant() 2062 u16 hpi_meter_set_rms_ballistics(u32 h_control, u16 attack, u16 decay) in hpi_meter_set_rms_ballistics() argument 2065 attack, decay); in hpi_meter_set_rms_ballistics() 2070 u32 attack; in hpi_meter_get_rms_ballistics() local 2075 &attack, &decay); in hpi_meter_get_rms_ballistics() 2078 *pn_attack = (unsigned short)attack; in hpi_meter_get_rms_ballistics() 2085 u16 hpi_meter_set_peak_ballistics(u32 h_control, u16 attack, u16 decay) in hpi_meter_set_peak_ballistics() argument [all …]
|
/openbmc/qemu/docs/devel/ |
H A D | control-flow-integrity.rst | 23 CFI is best used on production binaries, to protect against unknown attack 27 terminate abruptly, to stop the possible attack.
|