[SRU][Mantic][PATCH 0/2] CVE-2024-2201

Yuxuan Luo yuxuan.luo at canonical.com
Fri Apr 12 19:23:25 UTC 2024


[Impact]
The native BHI attack, a Spectre v2 variant, allows local unprivileged attackers
to obtain kernel memory information without the help of unprivileged eBPF,
negating the previous belief that unprivileged eBPF is the only real-world
source of such an attack. Also, this vulnerability affects KVM as well.

[Backport]
There is a conflict in reverse_cpuid.h due to the lack of commit 80c883db87d9
(“KVM: x86: Use a switch statement and macros in __feature_translate()”). That
commit solves the conflict, but since it is but a refactor and RRSBA_CTRL is not
in the tree, ignoring that commit and manually solving the conflict is doable as
well.

[Test]
Compiled only.

[Where things could go wrong]
This patch is more about enabling CPU features and reducing the branch history
exposed; therefore, the fact that the system is able to boot and run should
denote that it is not introducing any regression.

For KVM, the most significant impact is the performance regression due to system
call substitution since branch prediction probably won't perform as fast as the
previous version for users who do not care about the mitigation.

Linus Torvalds (1):
  Merge tag 'nativebhi' of
    git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Yuxuan Luo (1):
  UBUNTU: [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}

 Documentation/admin-guide/hw-vuln/spectre.rst |  48 ++++++-
 .../admin-guide/kernel-parameters.txt         |  12 ++
 arch/x86/Kconfig                              |  26 ++++
 arch/x86/entry/common.c                       |  10 +-
 arch/x86/entry/entry_64.S                     |  61 +++++++++
 arch/x86/entry/entry_64_compat.S              |  16 +++
 arch/x86/entry/syscall_32.c                   |  21 ++-
 arch/x86/entry/syscall_64.c                   |  19 ++-
 arch/x86/entry/syscall_x32.c                  |  10 +-
 arch/x86/include/asm/cpufeatures.h            |  12 ++
 arch/x86/include/asm/msr-index.h              |   9 +-
 arch/x86/include/asm/nospec-branch.h          |  17 +++
 arch/x86/include/asm/syscall.h                |  11 +-
 arch/x86/kernel/cpu/bugs.c                    | 121 ++++++++++++++++--
 arch/x86/kernel/cpu/common.c                  |  24 ++--
 arch/x86/kernel/cpu/scattered.c               |   1 +
 arch/x86/kvm/reverse_cpuid.h                  |   5 +
 arch/x86/kvm/vmx/vmenter.S                    |   2 +
 arch/x86/kvm/x86.c                            |   3 +-
 debian.master/config/annotations              |   2 +
 20 files changed, 383 insertions(+), 47 deletions(-)

-- 
2.34.1