[SRU][Bionic][PULL v2] Update speculation side-channel mitigations
Tyler Hicks
tyhicks at canonical.com
Wed Mar 27 20:31:02 UTC 2019
This is a cleaned up (followup patches applied and ACKs gathered) and
ready-to-pull revision of this thread:
https://lists.ubuntu.com/archives/kernel-team/2019-March/099462.html

The following changes since commit 53f4f4b0576f627345fb3769fdd6d20b6249dd91:

  UBUNTU: Ubuntu-4.15.0-47.50 (2019-03-13 04:37:50 +0000)

are available in the git repository at:

  https://git.launchpad.net/~tyhicks/ubuntu/+source/linux/+git/bionic speculation-v2

for you to fetch changes up to d8ef5c02ffcf43739ce5eb0048cfd87ffde04aa6:

  x86/speculation: Simplify the CPU bug detection logic (2019-03-27 19:58:24 +0000)

----------------------------------------------------------------
Andi Kleen (1):
      x86/spectre: Add missing family 6 check to microcode check

Andy Lutomirski (1):
      x86/nmi: Fix NMI uaccess race against CR3 switching

Arnaldo Carvalho de Melo (1):
      tools headers: Synchronize prctl.h ABI header

Dominik Brodowski (1):
      x86/speculation: Simplify the CPU bug detection logic

Jim Mattson (1):
      kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb

Jiri Kosina (3):
      x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
      x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
      x86/speculation: Propagate information about RSB filling mitigation to sysfs

Konrad Rzeszutek Wilk (3):
      x86/bugs: Add AMD's variant of SSB_NO
      x86/bugs: Add AMD's SPEC_CTRL MSR usage
      x86/bugs: Switch the selection of mitigation from CPU vendor to CPU features

Martin Schwidefsky (1):
      s390: remove closung punctuation from spectre messages

Peter Zijlstra (Intel) (1):
      sched/smt: Make sched_smt_present track topology

Thomas Gleixner (22):
      KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
      x86/speculation: Rename SSBD update functions
      x86/Kconfig: Select SCHED_SMT if SMP enabled
      sched/smt: Expose sched_smt_present static key
      x86/speculation: Rework SMT state change
      x86/l1tf: Show actual SMT state
      x86/speculation: Reorder the spec_v2 code
      x86/speculation: Mark string arrays const correctly
      x86/speculataion: Mark command line parser data __initdata
      x86/speculation: Unify conditional spectre v2 print functions
      x86/speculation: Add command line control for indirect branch speculation
      x86/process: Consolidate and simplify switch_to_xtra() code
      x86/speculation: Avoid __switch_to_xtra() calls
      x86/speculation: Prepare for conditional IBPB in switch_mm()
      ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
      x86/speculation: Split out TIF update
      x86/speculation: Prevent stale SPEC_CTRL msr content
      x86/speculation: Prepare arch_smt_update() for PRCTL mode
      x86/speculation: Add prctl() control for indirect branch speculation
      x86/speculation: Enable prctl mode for spectre_v2_user
      x86/speculation: Add seccomp Spectre v2 user space protection mode
      x86/speculation: Provide IBPB always command line options

Thomas Lendacky (1):
      x86/speculation: Add support for STIBP always-on preferred mode

Tim Chen (7):
      x86/speculation: Update the TIF_SSBD comment
      x86/speculation: Clean up spectre_v2_parse_cmdline()
      x86/speculation: Remove unnecessary ret variable in cpu_show_common()
      x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common()
      x86/speculation: Disable STIBP when enhanced IBRS is in use
      x86/speculation: Reorganize speculation control MSRs update
      x86/speculation: Prepare for per task indirect branch speculation control

Tom Lendacky (2):
      x86/bugs: Update when to check for the LS_CFG SSBD mitigation
      x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR

WANG Chao (1):
      x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE

Waiman Long (1):
      x86/speculation: Change misspelled STIPB to STIBP

Zhenzhong Duan (3):
      x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant
      x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
      x86/retpoline: Remove minimal retpoline support

Documentation/admin-guide/kernel-parameters.txt | 56 ++-
Documentation/userspace-api/spec_ctrl.rst | 9 +
arch/s390/kernel/nospec-branch.c | 4 +-
arch/x86/Kconfig | 12 +-
arch/x86/Makefile | 5 +-
arch/x86/events/core.c | 2 +-
arch/x86/include/asm/cpufeatures.h | 3 +
arch/x86/include/asm/msr-index.h | 5 +-
arch/x86/include/asm/nospec-branch.h | 44 +-
arch/x86/include/asm/spec-ctrl.h | 20 +-
arch/x86/include/asm/switch_to.h | 3 -
arch/x86/include/asm/thread_info.h | 20 +-
arch/x86/include/asm/tlbflush.h | 48 ++-
arch/x86/kernel/cpu/amd.c | 4 +-
arch/x86/kernel/cpu/bugs.c | 528 +++++++++++++++++++-----
arch/x86/kernel/cpu/common.c | 31 +-
arch/x86/kernel/cpu/intel.c | 3 +
arch/x86/kernel/process.c | 101 ++++-
arch/x86/kernel/process.h | 39 ++
arch/x86/kernel/process_32.c | 10 +-
arch/x86/kernel/process_64.c | 10 +-
arch/x86/kvm/cpuid.c | 10 +-
arch/x86/kvm/svm.c | 36 +-
arch/x86/lib/usercopy.c | 5 +
arch/x86/mm/tlb.c | 120 ++++--
include/linux/compiler-gcc.h | 2 +-
include/linux/module.h | 2 +-
include/linux/ptrace.h | 4 +-
include/linux/sched.h | 9 +
include/linux/sched/smt.h | 20 +
include/uapi/linux/prctl.h | 1 +
kernel/cpu.c | 14 +-
kernel/sched/core.c | 19 +-
kernel/sched/sched.h | 4 +-
scripts/Makefile.build | 2 -
scripts/mod/modpost.c | 2 +-
tools/include/uapi/linux/prctl.h | 13 +
37 files changed, 962 insertions(+), 258 deletions(-)
create mode 100644 arch/x86/kernel/process.h
create mode 100644 include/linux/sched/smt.h