From: Greg KH <gregkh@linuxfoundation.org>
To: Kim Phillips <kim.phillips@amd.com>
Cc: mingo@kernel.org, andrew.cooper3@citrix.com, bp@alien8.de,
bp@suse.de, bpf@vger.kernel.org, jpoimboe@redhat.com,
linux-kernel@vger.kernel.org, peterz@infradead.org,
thomas.lendacky@amd.com, x86@kernel.org
Subject: Re: [PATCH v3] x86/bugs: Enable STIBP for IBPB mitigated RetBleed
Date: Mon, 8 Aug 2022 16:23:04 +0200 [thread overview]
Message-ID: <YvEcSGxAh9qbOxPH@kroah.com> (raw)
In-Reply-To: <20220808141702.10439-1-kim.phillips@amd.com>
On Mon, Aug 08, 2022 at 09:17:02AM -0500, Kim Phillips wrote:
> AMD's "Technical Guidance for Mitigating Branch Type Confusion,
> Rev. 1.0 2022-07-12" whitepaper, under section 6.1.2 "IBPB On
> Privileged Mode Entry / SMT Safety" says:
>
> "Similar to the Jmp2Ret mitigation, if the code on the sibling thread
> cannot be trusted, software should set STIBP to 1 or disable SMT to
> ensure SMT safety when using this mitigation."
>
> So, like already being done for retbleed=unret, the also for
> retbleed=ibpb, force STIBP on machines that have it, and report
> its SMT vulnerability status accordingly.
>
> Link: https://bugzilla.kernel.org/show_bug.cgi?id=206537
> Fixes: 3ebc17006888 ("x86/bugs: Add retbleed=ibpb")
> Signed-off-by: Kim Phillips <kim.phillips@amd.com>
> ---
> v3: "unret and ibpb mitigations" -> "UNRET and IBPB mitigations" (Mingo)
> v2: Justify and explain STIBP's role with IBPB (Boris)
>
> .../admin-guide/kernel-parameters.txt | 20 ++++++++++++++-----
> arch/x86/kernel/cpu/bugs.c | 10 ++++++----
> 2 files changed, 21 insertions(+), 9 deletions(-)
Any specific reason you don't want this also backported to the stable
kernel branches that have the other retbleed fixes in them?
thanks,
greg k-h
next prev parent reply other threads:[~2022-08-08 14:23 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-04 19:22 [PATCH] x86/bugs: Enable STIBP for IBPB mitigated RetBleed Kim Phillips
2022-08-05 14:42 ` Borislav Petkov
2022-08-05 17:04 ` Kim Phillips
2022-08-05 17:55 ` Borislav Petkov
2022-08-05 21:50 ` [PATCH v2] " Kim Phillips
2022-08-06 19:00 ` Ingo Molnar
2022-08-08 14:17 ` [PATCH v3] " Kim Phillips
2022-08-08 14:23 ` Greg KH [this message]
2022-08-08 14:32 ` [PATCH v4] " Kim Phillips
2022-08-08 18:10 ` [tip: x86/urgent] x86/bugs: Enable STIBP for IBPB mitigated RETBleed tip-bot2 for Kim Phillips
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YvEcSGxAh9qbOxPH@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=andrew.cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=bp@suse.de \
--cc=bpf@vger.kernel.org \
--cc=jpoimboe@redhat.com \
--cc=kim.phillips@amd.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.