| /openbmc/linux/Documentation/admin-guide/hw-vuln/ |
| H A D | spectre.rst | 69 The bounds check bypass attack :ref:`[2] <spec_ref2>` takes advantage
92 The branch target injection attack takes advantage of speculative
116 the attack revealing useful data.
118 One other variant 2 attack vector is for the attacker to poison the
123 return instructions. This attack can be mitigated by flushing the return
134 Yet another variant 2 attack vector is for the attacker to poison the
141 Previously the only known real-world BHB attack vector was via unprivileged
146 Attack scenarios
149 The following list of attack scenarios have been anticipated, but may
150 not cover all possible attack vectors.
[all …]
|
| H A D | l1tf.rst | 56 similar to the Meltdown attack.
59 allows to attack any physical memory address in the system and the attack
60 works across all protection domains. It allows an attack of SGX and also
65 Attack scenarios
73 application to attack the physical memory to which these PTEs resolve.
78 The Linux kernel contains a mitigation for this attack vector, PTE
92 PTE inversion mitigation for L1TF, to attack physical host memory.
98 only to attack data which is present in L1D, a malicious guest running
99 on one Hyperthread can attack the data which is brought into the L1D by
103 If the processor does not support Extended Page Tables, the attack is
[all …]
|
| H A D | srso.rst | 68 does address User->User and VM->VM attack vectors.
124 attack vectors, including the local User->Kernel one.
130 new attack vectors appear.
|
| H A D | gather_data_sampling.rst | 17 attacks. GDS is a purely sampling-based attack.
27 Attack scenarios
44 attack, and re-enable it.
|
| H A D | mds.rst | 55 allows in turn to infer the value via a cache side channel attack.
64 Attack scenarios
74 the TLBleed attack samples can be postprocessed successfully.
220 to use MWAIT in user space (Ring 3) which opens an potential attack vector
|
| H A D | cross-thread-rsb.rst | 58 Attack scenarios
61 An attack can be mounted on affected processors by performing a series of CALL
|
| /openbmc/linux/Documentation/security/ |
| H A D | self-protection.rst | 9 and actively detecting attack attempts. Not all topics are explored in
20 attack surface. (Especially when they have the ability to load arbitrary
31 Attack Surface Reduction
114 bug to an attack.
127 unexpectedly extend the available attack surface. (The on-demand loading
146 to gain execution control during an attack, By far the most commonly
149 kind of attack exist, and protections exist to defend against them.
164 A less well understood attack is using a bug that triggers the
166 allocations. With this attack it is possible to write beyond the end of
200 defense, in that an attack must gather enough information about a
[all …]
|
| H A D | landlock.rst | 17 expose a minimal attack surface.
86 deputy attack).
|
| /openbmc/openbmc/meta-security/recipes-security/aircrack-ng/ |
| H A D | aircrack-ng_1.6.bb | 2 …ments the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW…
|
| /openbmc/linux/Documentation/devicetree/bindings/sound/ |
| H A D | maxim,max98504.yaml | 44 Brownout attenuation to the speaker gain applied during the "attack hold"
47 maxim,brownout-attack-hold-ms:
51 Brownout attack hold phase time in ms, VBATBROWN_ATTK_HOLD, register 0x0018.
|
| H A D | cs35l36.txt | 113 - cirrus,cirrus,vpbr-atk-rate : Attenuation attack step rate. Configures the
132 - cirrus,vpbr-mute-en : During the attack state, if the vpbr-max-attn value
|
| /openbmc/linux/include/linux/mfd/ |
| H A D | ac100.h | 96 #define AC100_ADC_DAP_L_A_T 0x8b /* Left Attack Time */
98 #define AC100_ADC_DAP_R_A_T 0x8d /* Right Attack Time */
118 #define AC100_DAC_DAP_H_G_A_T_C 0xa9 /* High Gain Attack Time Coef */
119 #define AC100_DAC_DAP_L_G_A_T_C 0xaa /* Low Gain Attack Time Coef */
|
| /openbmc/linux/Documentation/input/devices/ |
| H A D | iforce-protocol.rst | 126 0a-0b Address of attack and fade parameters, or ffff if none.
139 Attack and fade
147 02-03 Duration of attack (little endian encoding, in ms)
148 04 Level at end of attack. Signed byte.
356 - attack and fade : 0e
|
| /openbmc/linux/Documentation/staging/ |
| H A D | tee.rst | 227 There are additional attack vectors/mitigations for the kernel that should be
232 * Attack vector: Replace the OP-TEE OS image in the rootfs to gain control of
241 * Attack vector: Using an alternate boot mode (i.e. recovery mode), the
250 * Attack vector: Code that is executed prior to issuing the SMC call to load
253 * Mitigation: The OP-TEE driver must be loaded before any potential attack
260 * Attack vector: Prevent the driver from being probed, so the SMC call to
|
| /openbmc/linux/sound/soc/codecs/ |
| H A D | cs42l73.h | 53 #define CS42L73_LIMARATEHL 0x26 /* Lmtr Attack Rate HP/Line. */
56 #define CS42L73_LIMARATESPK 0x29 /* Lmtr Attack Rate Spkphone [A]. */
59 #define CS42L73_LIMARATEESL 0x2C /* Lmtr Attack Rate */
62 #define CS42L73_ALCARATE 0x2F /* ALC Enable, Attack Rate AB. */
|
| H A D | max98373.c | 237 SOC_SINGLE_TLV("DHT Attack Step Volume", MAX98373_R20D2_DHT_ATTACK_CFG,
241 SOC_ENUM("DHT Attack Rate", max98373_dht_attack_rate_enum),
273 SOC_SINGLE("BDE Attack Rate", MAX98373_R2091_BDE_GAIN_ATK_REL_RATE, 4, 0xF, 0),
306 SOC_ENUM("Limiter Attack Rate", max98373_limiter_attack_rate_enum),
|
| /openbmc/linux/arch/arm/mm/ |
| H A D | copypage-v6.c | 28 * attack the kernel's existing mapping of these pages.
44 * attack the kernel's existing mapping of this page.
|
| /openbmc/linux/include/uapi/sound/ |
| H A D | asound_fm.h | 39 unsigned char attack; /* 4 bits: attack rate */ member
|
| /openbmc/linux/drivers/firmware/efi/ |
| H A D | Kconfig | 177 bool "Reset memory attack mitigation"
181 using the TCG Platform Reset Attack Mitigation specification. This
209 PCI devices from being able to attack the OS via DMA. However, since
|
| /openbmc/qemu/hw/audio/ |
| H A D | fmopl.h | 15 int32_t *AR; /* attack rate :&AR_TABLE[AR<<2] */
75 int32_t AR_TABLE[76]; /* attack rate tables */
|
| /openbmc/linux/net/ipv4/ |
| H A D | Kconfig | 99 attack or a misconfigured system somewhere. The information is
271 Normal TCP/IP networking is open to an attack known as "SYN
272 flooding". This denial-of-service attack prevents legitimate remote
274 attack and requires very little work from the attacker, who can
277 SYN cookies provide protection against this type of attack. If you
280 continue to connect, even when your machine is under attack. There
|
| /openbmc/linux/tools/testing/selftests/openat2/ |
| H A D | rename_attack_test.c | 38 char dirname[] = "/tmp/ksft-openat2-rename-attack.XXXXXX"; in setup_testdir()
139 resultfn("rename attack with %s (%d runs, got %d escapes)\n", in test_rename_attack()
|
| /openbmc/docs/security/ |
| H A D | network-security-considerations.md | 105 Services which are not required should be disabled to limit the BMC's attack
110 firmware image. This gives the BMC the advantage of a smaller attack
238 described here: https://attack.mitre.org/techniques/T1046/
|
| /openbmc/linux/sound/pci/asihpi/ |
| H A D | hpifunc.c | 1886 u32 attack) in hpi_compander_set_attack_time_constant() argument
1888 return hpi_control_param_set(h_control, HPI_COMPANDER_ATTACK, attack, in hpi_compander_set_attack_time_constant()
1893 u32 *attack) in hpi_compander_get_attack_time_constant() argument
1896 index, attack, NULL); in hpi_compander_get_attack_time_constant()
2062 u16 hpi_meter_set_rms_ballistics(u32 h_control, u16 attack, u16 decay) in hpi_meter_set_rms_ballistics() argument
2065 attack, decay); in hpi_meter_set_rms_ballistics()
2070 u32 attack; in hpi_meter_get_rms_ballistics() local
2075 &attack, &decay); in hpi_meter_get_rms_ballistics()
2078 *pn_attack = (unsigned short)attack; in hpi_meter_get_rms_ballistics()
2085 u16 hpi_meter_set_peak_ballistics(u32 h_control, u16 attack, u16 decay) in hpi_meter_set_peak_ballistics() argument
[all …]
|
| /openbmc/qemu/docs/devel/ |
| H A D | control-flow-integrity.rst | 23 CFI is best used on production binaries, to protect against unknown attack
27 terminate abruptly, to stop the possible attack.
|