[SRU Bionic/Focal/Impish 0/5] Spectre-BHB followups

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Mon Apr 4 20:16:28 UTC 2022

The LFENCE mitigation was found out not to be sufficient on AMD systems. And
unprivileged eBPF was considered in the mitigation status for Spectre v2.

"x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
reporting" need to be backported from close upstream stable branches.

[Potential regression]
Mitigations may not be applied correctly and changing unprivileged eBPF
setting may cause surprising effects. Mitigations may be reported incorrectly
or incompletely.
Josh Poimboeuf (3):
  x86/speculation: Include unprivileged eBPF status in Spectre v2
    mitigation reporting
  x86/speculation: Warn about Spectre v2 LFENCE mitigation
  x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT

Kim Phillips (2):
  x86/speculation: Use generic retpoline by default on AMD
  x86/speculation: Update link to AMD speculation whitepaper

 Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
 arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
 include/linux/bpf.h                           | 11 +++
 kernel/sysctl.c                               |  8 +++
 4 files changed, 79 insertions(+), 17 deletions(-)


More information about the kernel-team mailing list