ACK: [SRU Mantic][PATCH 0/9] CVE-2024-2201 (v2)
Roxana Nicolescu
roxana.nicolescu at canonical.com
Mon Apr 15 10:19:27 UTC 2024
On 15/04/2024 11:48, Stefan Bader wrote:
> [Impact]
> Native BHI attack, a Spectre v2 variant, allows local unprivileged attackers to
> obtain kernel memory information without the help of unprivileged eBPF, negating
> the previous belief that unprivileged eBPF is the only real-world source of
> such an attack. Also, this vulnerability affects KVM as well.
>
> [Backport]
> There is a conflict in reverse_cpuid.h due to lack of 80c883db87d9 (“KVM: x86:
> Use a switch statement and macros in __feature_translate()”) commit.
> There are also some context conflicts in cpufeature.h. This v2 takes the
> changes from the merge commit and integrates them into the individual
> changes from linux-6.6.y.
> Also updated in v2 is the annotations change to set the auto mode by
> default.
>
> [Test]
> Compiled only (doing this again in parallel to submission)
>
> [Where things could go wrong]
> This patch is more about enabling CPU features and reducing branch history
> exposed, therefore, that the system is able to boot and run should denote that
> it is not introducing any regression.
>
> For KVM, the most significant impact is the performance regression due to system
> call substitution since branch prediction probably won't perform as fast as the
> previous version for users who do not care about the mitigation.
>
> Daniel Sneddon (2):
>   x86/bhi: Define SPEC_CTRL_BHI_DIS_S
>   KVM: x86: Add BHI_NO
>
> Josh Poimboeuf (1):
>   x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
>
> Linus Torvalds (1):
>   x86/syscall: Don't force use of indirect calls for system calls
>
> Pawan Gupta (4):
>   x86/bhi: Add support for clearing branch history at syscall entry
>   x86/bhi: Enumerate Branch History Injection (BHI) bug
>   x86/bhi: Add BHI mitigation knob
>   x86/bhi: Mitigate KVM by default
>
> Yuxuan Luo (1):
>   UBUNTU: [Config] Set CONFIG_BHI to enabled
>
> Documentation/admin-guide/hw-vuln/spectre.rst | 48 ++++++-
> .../admin-guide/kernel-parameters.txt | 12 ++
> arch/x86/Kconfig | 25 ++++
> arch/x86/entry/common.c | 10 +-
> arch/x86/entry/entry_64.S | 61 +++++++++
> arch/x86/entry/entry_64_compat.S | 16 +++
> arch/x86/entry/syscall_32.c | 21 ++-
> arch/x86/entry/syscall_64.c | 19 ++-
> arch/x86/entry/syscall_x32.c | 10 +-
> arch/x86/include/asm/cpufeatures.h | 11 ++
> arch/x86/include/asm/msr-index.h | 9 +-
> arch/x86/include/asm/nospec-branch.h | 17 +++
> arch/x86/include/asm/syscall.h | 11 +-
> arch/x86/kernel/cpu/bugs.c | 121 ++++++++++++++++--
> arch/x86/kernel/cpu/common.c | 24 ++--
> arch/x86/kernel/cpu/scattered.c | 1 +
> arch/x86/kvm/reverse_cpuid.h | 5 +
> arch/x86/kvm/vmx/vmenter.S | 2 +
> arch/x86/kvm/x86.c | 3 +-
> debian.master/config/annotations | 3 +
> 20 files changed, 382 insertions(+), 47 deletions(-)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu at canonical.com>