From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Josh Poimboeuf <jpoimboe@kernel.org>,
	Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
	Ingo Molnar <mingo@kernel.org>, Amit Shah <amit.shah@amd.com>,
	Nikolay Borisov <nik.borisov@suse.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Sean Christopherson <seanjc@google.com>,
	David Woodhouse <dwmw2@infradead.org>,
	Sasha Levin <sashal@kernel.org>,
	tglx@linutronix.de, bp@alien8.de, peterz@infradead.org,
	mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org
Subject: [PATCH AUTOSEL 6.1 12/17] x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline
Date: Mon, 14 Apr 2025 09:30:43 -0400
Message-ID: <20250414133048.680608-12-sashal@kernel.org>
In-Reply-To: <20250414133048.680608-1-sashal@kernel.org>

From: Josh Poimboeuf <jpoimboe@kernel.org>

[ Upstream commit 18bae0dfec15b24ec14ca17dc18603372f5f254f ]

eIBRS protects against guest->host RSB underflow/poisoning attacks.
Adding retpoline to the mix doesn't change that.  Retpoline has a
balanced CALL/RET anyway.

So the current full RSB filling on VMEXIT with eIBRS+retpoline is
overkill.  Disable it or do the VMEXIT_LITE mitigation if needed.

Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Reviewed-by: Amit Shah <amit.shah@amd.com>
Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Link: https://lore.kernel.org/r/84a1226e5c9e2698eae1b5ade861f1b8bf3677dc.1744148254.git.jpoimboe@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 arch/x86/kernel/cpu/bugs.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 7d73b53115514..f0f184afa44f3 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1579,20 +1579,20 @@ static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_
 	case SPECTRE_V2_NONE:
 		return;
 
-	case SPECTRE_V2_EIBRS_LFENCE:
 	case SPECTRE_V2_EIBRS:
+	case SPECTRE_V2_EIBRS_LFENCE:
+	case SPECTRE_V2_EIBRS_RETPOLINE:
 		if (boot_cpu_has_bug(X86_BUG_EIBRS_PBRSB)) {
-			setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT_LITE);
 			pr_info("Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT\n");
+			setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT_LITE);
 		}
 		return;
 
-	case SPECTRE_V2_EIBRS_RETPOLINE:
 	case SPECTRE_V2_RETPOLINE:
 	case SPECTRE_V2_LFENCE:
 	case SPECTRE_V2_IBRS:
-		setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT);
 		pr_info("Spectre v2 / SpectreRSB : Filling RSB on VMEXIT\n");
+		setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT);
 		return;
 	}
 
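Review bot: The swapped order of pr_info() and setup_force_cpu_cap() in both branches, and the swap of the SPECTRE_V2_EIBRS / SPECTRE_V2_EIBRS_LFENCE labels, is cosmetic churn that the changelog does not mention; in a stable backport it hides the one behavioural change, the move of "case SPECTRE_V2_EIBRS_RETPOLINE:" out of the full-fill group and into the eIBRS group. Consider noting the reordering in the commit message, or limiting the backport to the label move. A short comment above the eIBRS group would also help, stating that eIBRS already covers guest->host RSB poisoning and that only X86_BUG_EIBRS_PBRSB needs X86_FEATURE_RSB_VMEXIT_LITE: after this change an eIBRS+retpoline host without that bug returns from this switch with no VMEXIT RSB capability set and no pr_info() line, so anyone auditing the boot log has nothing to tell them this was deliberate.
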
-- 
2.39.5