NACK: [SRU][Xenial][PATCH 0/3] Cleanups for CVE-2017-5715 (Spectre v2)

Juerg Haefliger juerg.haefliger at canonical.com
Tue Dec 4 08:36:05 UTC 2018


This needs more work.

...Juerg

On Wed, 21 Nov 2018 14:58:28 +0100
Juerg Haefliger <juerg.haefliger at canonical.com> wrote:

> This patchset cleans up the Ubuntu-specific IBRS and IBPB runtime controls.
> The runtime controls from the embargoed patches are messy and spread all
> over the place. These patches consolidate the modifications into the
> proper places (commandline options in arch/x86/kernel/cpu/bugs.c instead of
> kernel/smp.c, speculation macros in arch/x86/include/asm/nospec-branch.h
> instead of open-coded) and merge them with the additional spectre-related
> changes that went in recently.
> 
> In addtion, the 2nd patch adds an entry to
> /sys/devices/system/cpu/vulnerabilities/spectre_v2 when IBRS is enabled
> via procfs to return the full set of enabled mitigations.
> 
> Compile-tested all architectures. Ran release tests to verify no
> regression is introduced. Fiddled with the ibrs_enabled and ibpb_enabled
> procfs controls to verify proper behaviour.
> 
> Signed-off-by: Juerg Haefliger <juergh at canonical.com>
> 
> 
> Juerg Haefliger (3):
>   UBUNTU: SAUCE: x86/speculation: Cleanup IBPB runtime control handling
>   UBUNTU: SAUCE: x86/speculation: Cleanup IBRS runtime control handling
>   UBUNTU: SAUCE: x86/speculation: Move RSB_CTXSW hunk
> 
>  arch/x86/include/asm/mwait.h         |   6 +-
>  arch/x86/include/asm/nospec-branch.h |  28 +++-
>  arch/x86/include/asm/spec_ctrl.h     |  11 +-
>  arch/x86/kernel/cpu/amd.c            |   5 +-
>  arch/x86/kernel/cpu/bugs.c           |  87 +++++++-----
>  arch/x86/kernel/cpu/microcode/core.c |  23 ---
>  arch/x86/kernel/process.c            |  10 +-
>  arch/x86/kernel/smpboot.c            |   6 +-
>  arch/x86/kvm/svm.c                   |   6 +-
>  arch/x86/kvm/vmx.c                   |   3 +-
>  arch/x86/lib/delay.c                 |   8 +-
>  arch/x86/mm/tlb.c                    |   2 +-
>  include/linux/smp.h                  |  83 -----------
>  kernel/smp.c                         |  46 ------
>  kernel/sysctl.c                      | 201 ++++++++++++++++-----------
>  15 files changed, 223 insertions(+), 302 deletions(-)
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20181204/f8ebc06a/attachment.sig>


More information about the kernel-team mailing list