ACK/Cmnt: [SRU Focal][Pull] Retbleed IBRS mitigation

Stefan Bader stefan.bader at canonical.com
Thu Oct 6 08:46:15 UTC 2022


On 05.10.22 20:43, Thadeu Lima de Souza Cascardo wrote:
> 
> This mitigates Retbleed on Intel parts that support IBRS. This has been
> submitted to upstream stable trees and has been boot and smoke tested on
> different AMD and Intel parts.
> 
> 
> The following changes since commit 616ded90414dbe3bf712ccc4d3fa4eb21d2bec37:
> 
>    ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel systems (2022-10-05 16:29:09 +0200)
> 
> are available in the Git repository at:
> 
>    git://git.launchpad.net/~cascardo/ubuntu/+source/linux/+git/focal retbleed
> 
> for you to fetch changes up to cd16b9b58785af9492d00408a7078125e48ea75f:
> 
>    x86/speculation: Add RSB VM Exit protections (2022-10-05 15:13:06 -0300)
> 
> ----------------------------------------------------------------
> Alexandre Chartre (2):
>        x86/bugs: Report AMD retbleed vulnerability
>        x86/bugs: Add AMD retbleed= boot parameter
> 
> Andrew Cooper (1):
>        x86/cpu/amd: Enumerate BTC_NO
> 
> Daniel Sneddon (1):
>        x86/speculation: Add RSB VM Exit protections
> 
> Josh Poimboeuf (9):
>        x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
>        x86/speculation: Fix firmware entry SPEC_CTRL handling
>        x86/speculation: Fix SPEC_CTRL write on SMT state change
>        x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
>        x86/speculation: Remove x86_spec_ctrl_mask
>        KVM: VMX: Flatten __vmx_vcpu_run()
>        KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
>        KVM: VMX: Fix IBRS handling after vmexit
>        x86/speculation: Fill RSB on vmexit for IBRS
> 
> Mark Gross (1):
>        x86/cpu: Add a steppings field to struct x86_cpu_id
> 
> Nathan Chancellor (1):
>        x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
> 
> Pawan Gupta (4):
>        x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
>        x86/bugs: Add Cannon lake to RETBleed affected CPU list
>        x86/speculation: Disable RRSBA behavior
>        x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
> 
> Peter Zijlstra (11):
>        x86/kvm/vmx: Make noinstr clean
>        x86/cpufeatures: Move RETPOLINE flags to word 11
>        x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
>        x86/entry: Remove skip_r11rcx
>        x86/entry: Add kernel IBRS implementation
>        x86/bugs: Optimize SPEC_CTRL MSR writes
>        x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
>        x86/bugs: Report Intel retbleed vulnerability
>        intel_idle: Disable IBRS during long idle
>        x86/speculation: Change FILL_RETURN_BUFFER to work with objtool
>        x86/common: Stamp out the stepping madness
> 
> Thadeu Lima de Souza Cascardo (3):
>        Revert "x86/speculation: Add RSB VM Exit protections"
>        Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
>        KVM: VMX: Convert launched argument to flags
> 
> Thomas Gleixner (2):
>        x86/devicetable: Move x86 specific macro out of generic code
>        x86/cpu: Add consistent CPU match macros
> 
> Uros Bizjak (2):
>        KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
>        KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
> 
>   Documentation/admin-guide/kernel-parameters.txt |  13 +
>   arch/x86/entry/calling.h                        |  68 ++++-
>   arch/x86/entry/entry_32.S                       |   2 -
>   arch/x86/entry/entry_64.S                       |  34 ++-
>   arch/x86/entry/entry_64_compat.S                |  11 +-
>   arch/x86/include/asm/cpu_device_id.h            | 132 ++++++++-
>   arch/x86/include/asm/cpufeatures.h              |  13 +-
>   arch/x86/include/asm/intel-family.h             |   6 +
>   arch/x86/include/asm/msr-index.h                |  10 +
>   arch/x86/include/asm/nospec-branch.h            |  54 ++--
>   arch/x86/kernel/cpu/amd.c                       |  21 +-
>   arch/x86/kernel/cpu/bugs.c                      | 365 +++++++++++++++++++-----
>   arch/x86/kernel/cpu/common.c                    |  61 ++--
>   arch/x86/kernel/cpu/match.c                     |  13 +-
>   arch/x86/kernel/cpu/scattered.c                 |   1 +
>   arch/x86/kernel/process.c                       |   2 +-
>   arch/x86/kvm/svm.c                              |   1 +
>   arch/x86/kvm/vmx/nested.c                       |  32 +--
>   arch/x86/kvm/vmx/run_flags.h                    |   8 +
>   arch/x86/kvm/vmx/vmenter.S                      | 161 +++++------
>   arch/x86/kvm/vmx/vmx.c                          |  72 +++--
>   arch/x86/kvm/vmx/vmx.h                          |   5 +
>   arch/x86/kvm/x86.c                              |   4 +-
>   drivers/base/cpu.c                              |   8 +
>   drivers/cpufreq/acpi-cpufreq.c                  |   1 +
>   drivers/cpufreq/amd_freq_sensitivity.c          |   1 +
>   drivers/idle/intel_idle.c                       |  43 ++-
>   include/linux/cpu.h                             |   2 +
>   include/linux/kvm_host.h                        |   2 +-
>   include/linux/mod_devicetable.h                 |   4 +-
>   tools/arch/x86/include/asm/cpufeatures.h        |   2 +-
>   31 files changed, 840 insertions(+), 312 deletions(-)
>   create mode 100644 arch/x86/kvm/vmx/run_flags.h
> 
As those are important security changes and we know there are people waiting on
this. Slightly worried about "only" smoke tests as it's unclear whether this
includes 32-bit entry points (Steam, dosbox, other gaming might stress these).
But to get ahead and broader testing...

Acked-by: Stefan Bader <stefan.bader at canonical.com>