[SRU][Trusty][PULL] Update to upstream's implementation of Spectre v1 mitigation (LP: #1774181)

Juerg Haefliger juerg.haefliger at canonical.com
Mon Jul 23 14:06:17 UTC 2018 

ping.

On 06/28/2018 04:40 PM, Juerg Haefliger wrote:
> BugLink: https://bugs.launchpad.net/bugs/1774181
> 
> Xenial/Trusty/Precise are currently lacking full support of upstream's Spectre
> v1 mitigation. Add the missing patches and merge them with Ubuntu's current
> implementation.
> 
> == SRU Justification ==
> Ubuntu's Spectre v1 mitigation is based on the original embargoed patchset
> which introduced a barrier macro to prevent speculation beyond array boundaries
> for user controlled indices. What eventually landed in upstream is slightly
> different and uses a barrier macro in combination with a masking solution (plus
> syscall table and user pointer sanitation). During the updates to newer stable
> upstream versions, all those patches were skipped. After reviewing them, we
> want to bring them back and merge them with the current implementation which
> brings us back in sync with upstream stable.
> 
> == Fix ==
> Add all the missing Spectre v1 patches from upstream stable 4.4.118 to 4.4.131.
> Where appropriate, replace Ubuntu's additional barriers with the masking macro.
> 
> == Regression Potential ==
> Low. The patches have been in upstream for quite a while now and we keep the
> speculation barriers that are currently in Ubuntu but not in upstream.
> 
> == Test Case ==
> TBD.
> 
> Compile-tested all supported architectures.
> 
> Signed-off-by: Juerg Haefliger <juergh at canonical.com>
> ---
> 
> The following changes since commit ae41eb7e6e1f4431c8a6d98578588d15b7240bf8:
> 
>   fscache: Fix hanging wait on page discarded by writeback (2018-06-18 17:44:37 +0200)
> 
> are available in the Git repository at:
> 
>   git://git.launchpad.net/~juergh/+git/trusty-linux lp1774181
> 
> for you to fetch changes up to 182dabb3ee807633a0a11e8bbac93a64d111fdd3:
> 
>   UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb() (2018-06-28 16:08:50 +0200)
> 
> ----------------------------------------------------------------
> Ben Hutchings (1):
>       x86/syscall: Sanitize syscall table de-references under speculation
> 
> Dan Williams (9):
>       array_index_nospec: Sanitize speculative array de-references
>       x86: Implement array_index_mask_nospec
>       x86: Introduce barrier_nospec
>       x86/get_user: Use pointer masking to limit speculation
>       vfs, fdtable: Prevent bounds-check bypass via speculative execution
>       nl80211: Sanitize array index in parse_txq_params
>       x86/spectre: Report get_user mitigation for spectre_v1
>       x86/kvm: Update spectre-v1 mitigation
>       nospec: Kill array_index_nospec_mask_check()
> 
> Juerg Haefliger (3):
>       UBUNTU: SAUCE: Replace osb() calls with array_index_nospec()
>       UBUNTU: SAUCE: Rename osb() to barrier_nospec()
>       UBUNTU: SAUCE: filter: Use barrier_nospec() instead of osb()
> 
> Mark Rutland (1):
>       Documentation: Document array_index_nospec
> 
> Rasmus Villemoes (1):
>       nospec: Allow index argument to have const-qualified type
> 
> Will Deacon (1):
>       nospec: Move array_index_nospec() parameter checking into separate macro
> 
>  Documentation/speculation.txt            | 90 ++++++++++++++++++++++++++++++++
>  arch/arm/include/asm/barrier.h           |  3 --
>  arch/arm64/include/asm/barrier.h         |  3 --
>  arch/powerpc/include/asm/barrier.h       |  3 +-
>  arch/s390/include/asm/barrier.h          | 13 +++--
>  arch/x86/ia32/ia32entry.S                | 36 ++++++++-----
>  arch/x86/include/asm/barrier.h           | 32 ++++++++++--
>  arch/x86/kernel/cpu/bugs.c               | 10 +---
>  arch/x86/kernel/entry_32.S               |  4 ++
>  arch/x86/kernel/entry_64.S               | 16 +++---
>  arch/x86/kvm/vmx.c                       | 15 ++++--
>  arch/x86/lib/getuser.S                   | 10 ++++
>  drivers/media/usb/uvc/uvc_v4l2.c         |  5 +-
>  drivers/net/wireless/ath/carl9170/main.c |  3 +-
>  drivers/scsi/qla2xxx/qla_mr.c            |  5 +-
>  fs/udf/misc.c                            | 13 ++---
>  include/asm-generic/barrier.h            | 11 ----
>  include/linux/fdtable.h                  |  3 +-
>  include/linux/nospec.h                   | 53 +++++++++++++++++++
>  kernel/user_namespace.c                  |  3 +-
>  net/core/filter.c                        |  5 +-
>  net/wireless/nl80211.c                   |  9 ++--
>  22 files changed, 268 insertions(+), 77 deletions(-)
>  create mode 100644 Documentation/speculation.txt
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180723/8045ce1c/attachment.sig>

More information about the kernel-team mailing list