NACK/Cmnt: [SRU][Mantic][PATCH 0/2] CVE-2024-2201

Stefan Bader stefan.bader at canonical.com
Mon Apr 15 08:19:45 UTC 2024


On 12.04.24 21:23, Yuxuan Luo wrote:
> [Impact]
> Native BHI attack, a Spectre v2 variant, allows local unprivileged attackers to
> obtain kernel memory information without the help of unprivileged eBPF, negating
> the previous belief that unprivileged eBPF is the only real-world source of
> such an attack. Also, this vulnerability affects KVM as well.
> 
> [Backport]
> There is a conflict in reverse_cpuid.h due to lack of 80c883db87d9 (“KVM: x86:
> Use a switch statement and macros in __feature_translate()”) commit. This commit
> solves the conflict, but since this one is but a refactor and RRSBA_CTRL is not
> in the tree, ignoring this commit and manually solving the conflict is doable as
> well.
> 
> [Test]
> Compiled only.
> 
> [Where things could go wrong]
> This patch is more about enabling CPU features and reducing the branch history
> exposed; therefore, that the system is able to boot and run should denote that
> it is not introducing any regression.
> 
> For KVM, the most significant impact is the performance regression due to system
> call substitution since branch prediction probably won't perform as fast as the
> previous version for users who do not care about the mitigation.
> 
> Linus Torvalds (1):
>    Merge tag 'nativebhi' of
>      git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
> 
> Yuxuan Luo (1):
>    UBUNTU: [Config] updateconfigs for CONFIG_BHI_{AUTO|OFF|ON}
> 
>   Documentation/admin-guide/hw-vuln/spectre.rst |  48 ++++++-
>   .../admin-guide/kernel-parameters.txt         |  12 ++
>   arch/x86/Kconfig                              |  26 ++++
>   arch/x86/entry/common.c                       |  10 +-
>   arch/x86/entry/entry_64.S                     |  61 +++++++++
>   arch/x86/entry/entry_64_compat.S              |  16 +++
>   arch/x86/entry/syscall_32.c                   |  21 ++-
>   arch/x86/entry/syscall_64.c                   |  19 ++-
>   arch/x86/entry/syscall_x32.c                  |  10 +-
>   arch/x86/include/asm/cpufeatures.h            |  12 ++
>   arch/x86/include/asm/msr-index.h              |   9 +-
>   arch/x86/include/asm/nospec-branch.h          |  17 +++
>   arch/x86/include/asm/syscall.h                |  11 +-
>   arch/x86/kernel/cpu/bugs.c                    | 121 ++++++++++++++++--
>   arch/x86/kernel/cpu/common.c                  |  24 ++--
>   arch/x86/kernel/cpu/scattered.c               |   1 +
>   arch/x86/kvm/reverse_cpuid.h                  |   5 +
>   arch/x86/kvm/vmx/vmenter.S                    |   2 +
>   arch/x86/kvm/x86.c                            |   3 +-
>   debian.master/config/annotations              |   2 +
>   20 files changed, 383 insertions(+), 47 deletions(-)
> 

Rejected for the following reasons:
I don't think we can do this that way. It loses all history of the 
patches included.

-Stefan
-- 
- Stefan
