[Jammy PULL] Spectre BHB updates
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Wed Mar 9 19:25:24 UTC 2022
The following changes since commit 33bd0bca423fccca31955fa334fc2d18270141e2:
UBUNTU: [Config] updateconfigs (2022-03-09 15:20:40 +0100)
are available in the Git repository at:
git+ssh://cascardo@git.launchpad.net/~cascardo/ubuntu/+source/linux/+git/jammy spectre-bhb
for you to fetch changes up to 47cfad34072d2a88cbc9df58e95355a06cbd929b:
ARM: fix build error when BPF_SYSCALL is disabled (2022-03-09 15:50:57 -0300)
These were picked from an upstream stable v5.15.28-rc1, with the
appropriate upstream commit IDs. They have been built tested on amd64,
arm64 and armhf.
They have also been compared to a previous backport attempt, and most
changes lie on ARM 32-bit code and some AMD changes. A few changes on
ARM64 were due to a couple of extra commits being applied, reducing some
of the conflicts.
----------------------------------------------------------------
Anshuman Khandual (1):
arm64: Add Cortex-X2 CPU part definition
Emmanuel Gil Peyrot (1):
ARM: fix build error when BPF_SYSCALL is disabled
James Morse (20):
arm64: entry.S: Add ventry overflow sanity checks
arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit
KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
arm64: entry: Make the trampoline cleanup optional
arm64: entry: Free up another register on kpti's tramp_exit path
arm64: entry: Move the trampoline data page before the text page
arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
arm64: entry: Don't assume tramp_vectors is the start of the vectors
arm64: entry: Move trampoline macros out of ifdef'd section
arm64: entry: Make the kpti trampoline's kpti sequence optional
arm64: entry: Allow the trampoline text to occupy multiple pages
arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
arm64: entry: Add vectors that have the bhb mitigation sequences
arm64: entry: Add macro for reading symbol addresses from the trampoline
arm64: Add percpu vectors for EL1
arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
arm64: Mitigate spectre style branch history side channels
KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
arm64: Use the clearbhb instruction in mitigations
arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting
Joey Gouly (3):
arm64: add ID_AA64ISAR2_EL1 sys register
arm64: cpufeature: add HWCAP for FEAT_AFP
arm64: cpufeature: add HWCAP for FEAT_RPRES
Josh Poimboeuf (3):
x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting
x86/speculation: Warn about Spectre v2 LFENCE mitigation
x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
Kim Phillips (2):
x86/speculation: Use generic retpoline by default on AMD
x86/speculation: Update link to AMD speculation whitepaper
Marc Zyngier (1):
arm64: Add HWCAP for self-synchronising virtual counter
Peter Zijlstra (3):
x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
x86/speculation: Add eIBRS + Retpoline options
Documentation/hw-vuln: Update spectre doc
Peter Zijlstra (Intel) (1):
x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
Russell King (Oracle) (5):
ARM: report Spectre v2 status through sysfs
ARM: early traps initialisation
ARM: use LOADADDR() to get load address of sections
ARM: Spectre-BHB workaround
ARM: include unprivileged BPF status in Spectre V2 reporting
Suzuki K Poulose (1):
arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
Documentation/admin-guide/hw-vuln/spectre.rst | 48 ++-
Documentation/admin-guide/kernel-parameters.txt | 8 +-
Documentation/arm64/cpu-feature-registers.rst | 29 +-
Documentation/arm64/elf_hwcaps.rst | 12 +
arch/arm/include/asm/assembler.h | 10 +
arch/arm/include/asm/spectre.h | 32 ++
arch/arm/include/asm/vmlinux.lds.h | 35 ++-
arch/arm/kernel/Makefile | 2 +
arch/arm/kernel/entry-armv.S | 79 ++++-
arch/arm/kernel/entry-common.S | 24 ++
arch/arm/kernel/spectre.c | 71 +++++
arch/arm/kernel/traps.c | 65 +++-
arch/arm/mm/Kconfig | 11 +
arch/arm/mm/proc-v7-bugs.c | 207 ++++++++++---
arch/arm64/Kconfig | 9 +
arch/arm64/include/asm/assembler.h | 53 ++++
arch/arm64/include/asm/cpu.h | 1 +
arch/arm64/include/asm/cpufeature.h | 29 ++
arch/arm64/include/asm/cputype.h | 14 +
arch/arm64/include/asm/fixmap.h | 6 +-
arch/arm64/include/asm/hwcap.h | 3 +
arch/arm64/include/asm/insn.h | 1 +
arch/arm64/include/asm/kvm_host.h | 5 +
arch/arm64/include/asm/sections.h | 5 +
arch/arm64/include/asm/spectre.h | 4 +
arch/arm64/include/asm/sysreg.h | 18 ++
arch/arm64/include/asm/vectors.h | 73 +++++
arch/arm64/include/uapi/asm/hwcap.h | 3 +
arch/arm64/include/uapi/asm/kvm.h | 5 +
arch/arm64/kernel/cpu_errata.c | 7 +
arch/arm64/kernel/cpufeature.c | 28 +-
arch/arm64/kernel/cpuinfo.c | 4 +
arch/arm64/kernel/entry.S | 214 +++++++++----
arch/arm64/kernel/image-vars.h | 4 +
arch/arm64/kernel/proton-pack.c | 391 +++++++++++++++++++++++-
arch/arm64/kernel/vmlinux.lds.S | 2 +-
arch/arm64/kvm/arm.c | 5 +-
arch/arm64/kvm/hyp/hyp-entry.S | 9 +
arch/arm64/kvm/hyp/nvhe/mm.c | 4 +-
arch/arm64/kvm/hyp/vhe/switch.c | 9 +-
arch/arm64/kvm/hypercalls.c | 12 +
arch/arm64/kvm/psci.c | 18 +-
arch/arm64/kvm/sys_regs.c | 2 +-
arch/arm64/mm/mmu.c | 12 +-
arch/arm64/tools/cpucaps | 1 +
arch/x86/include/asm/cpufeatures.h | 2 +-
arch/x86/include/asm/nospec-branch.h | 16 +-
arch/x86/kernel/cpu/bugs.c | 205 +++++++++----
arch/x86/lib/retpoline.S | 2 +-
include/linux/arm-smccc.h | 5 +
include/linux/bpf.h | 12 +
kernel/sysctl.c | 7 +
tools/arch/x86/include/asm/cpufeatures.h | 2 +-
53 files changed, 1620 insertions(+), 215 deletions(-)
create mode 100644 arch/arm/include/asm/spectre.h
create mode 100644 arch/arm/kernel/spectre.c
create mode 100644 arch/arm64/include/asm/vectors.h
More information about the kernel-team
mailing list