[SRU OEM-5.17 00/11] MMIO Stale Data mitigations

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Wed Jun 15 12:13:25 UTC 2022


[Impact]
MMIO operations may lead to stale data to be present in processor buffers,
which may be used for information disclosure.

[Mitigation]
Flush processor buffers before VMENTER for guests that have a device assigned.

Josh Poimboeuf (1):
  x86/speculation/mmio: Print SMT warning

Pawan Gupta (10):
  Documentation: Add documentation for Processor MMIO Stale Data
  x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
  x86/speculation: Add a common function for MD_CLEAR mitigation update
  x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
  x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
  x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
  x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale
    Data
  x86/speculation/srbds: Update SRBDS mitigation selection
  x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
  KVM: x86/speculation: Disable Fill buffer clear within guests

 .../ABI/testing/sysfs-devices-system-cpu      |   1 +
 Documentation/admin-guide/hw-vuln/index.rst   |   1 +
 .../hw-vuln/processor_mmio_stale_data.rst     | 246 ++++++++++++++++++
 .../admin-guide/kernel-parameters.txt         |  36 +++
 arch/x86/include/asm/cpufeatures.h            |   1 +
 arch/x86/include/asm/msr-index.h              |  25 ++
 arch/x86/include/asm/nospec-branch.h          |   2 +
 arch/x86/kernel/cpu/bugs.c                    | 235 ++++++++++++++---
 arch/x86/kernel/cpu/common.c                  |  52 +++-
 arch/x86/kvm/vmx/vmx.c                        |  72 +++++
 arch/x86/kvm/vmx/vmx.h                        |   2 +
 arch/x86/kvm/x86.c                            |   3 +
 drivers/base/cpu.c                            |   8 +
 include/linux/cpu.h                           |   3 +
 tools/arch/x86/include/asm/cpufeatures.h      |   1 +
 tools/arch/x86/include/asm/msr-index.h        |  25 ++
 16 files changed, 674 insertions(+), 39 deletions(-)
 create mode 100644 Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst

-- 
2.34.1




More information about the kernel-team mailing list