From: Josh Poimboeuf <jpoimboe@kernel.org>
To: x86@kernel.org
Cc: linux-kernel@vger.kernel.org, Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Babu Moger <babu.moger@amd.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
David.Kaplan@amd.com, Andrew Cooper <andrew.cooper3@citrix.com>,
Nikolay Borisov <nik.borisov@suse.com>,
gregkh@linuxfoundation.org, Thomas Gleixner <tglx@linutronix.de>
Subject: [PATCH 00/22] SRSO fixes/cleanups
Date: Sun, 20 Aug 2023 18:18:57 -0700 [thread overview]
Message-ID: <cover.1692580085.git.jpoimboe@kernel.org> (raw)
Here are several SRSO fixes and cleanups, based on tip/x86/urgent.
One of the patches also adds KVM support, though a corresponding patch
is still needed in QEMU. I have a working QEMU patch which I can post
to qemu-devel.
Josh Poimboeuf (22):
x86/srso: Fix srso_show_state() side effect
x86/srso: Set CPUID feature bits independently of bug or mitigation
status
KVM: x86: Support IBPB_BRTYPE and SBPB
x86/srso: Fix SBPB enablement for spec_rstack_overflow=off
x86/srso: Fix SBPB enablement for mitigations=off
x86/srso: Print actual mitigation if requested mitigation isn't
possible
x86/srso: Remove default case in srso_select_mitigation()
x86/srso: Downgrade retbleed IBPB warning to informational message
x86/srso: Simplify exit paths
x86/srso: Print mitigation for retbleed IBPB case
x86/srso: Slight simplification
x86/srso: Remove redundant X86_FEATURE_ENTRY_IBPB check
x86/srso: Fix vulnerability reporting for missing microcode
x86/srso: Fix unret validation dependencies
x86/alternatives: Remove faulty optimization
x86/srso: Unexport untraining functions
x86/srso: Disentangle rethunk-dependent options
x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros
x86/srso: Improve i-cache locality for alias mitigation
x86/retpoline: Remove .text..__x86.return_thunk section
x86/nospec: Refactor UNTRAIN_RET[_*]
x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk()
Documentation/admin-guide/hw-vuln/srso.rst | 22 ++-
arch/x86/include/asm/nospec-branch.h | 69 ++++-----
arch/x86/include/asm/processor.h | 2 -
arch/x86/kernel/alternative.c | 8 -
arch/x86/kernel/cpu/amd.c | 28 ++--
arch/x86/kernel/cpu/bugs.c | 87 +++++------
arch/x86/kernel/vmlinux.lds.S | 10 +-
arch/x86/kvm/cpuid.c | 4 +
arch/x86/kvm/x86.c | 9 +-
arch/x86/lib/retpoline.S | 171 +++++++++++----------
include/linux/objtool.h | 3 +-
scripts/Makefile.vmlinux_o | 3 +-
12 files changed, 199 insertions(+), 217 deletions(-)
--
2.41.0
next reply other threads:[~2023-08-21 1:19 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-21 1:18 Josh Poimboeuf [this message]
2023-08-21 1:18 ` [PATCH 01/22] x86/srso: Fix srso_show_state() side effect Josh Poimboeuf
2023-08-21 5:42 ` Nikolay Borisov
2023-08-21 6:04 ` Borislav Petkov
2023-08-21 16:17 ` Josh Poimboeuf
2023-08-22 5:23 ` Borislav Petkov
2023-08-21 1:18 ` [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status Josh Poimboeuf
2023-08-21 5:42 ` Nikolay Borisov
2023-08-21 9:27 ` Andrew Cooper
2023-08-21 14:06 ` Borislav Petkov
2023-08-23 5:20 ` Borislav Petkov
2023-08-23 12:22 ` Andrew Cooper
2023-08-24 4:24 ` Borislav Petkov
2023-08-24 22:04 ` Josh Poimboeuf
2023-08-25 6:42 ` Borislav Petkov
2023-08-21 13:59 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 03/22] KVM: x86: Support IBPB_BRTYPE and SBPB Josh Poimboeuf
2023-08-21 9:34 ` Andrew Cooper
2023-08-21 16:23 ` Josh Poimboeuf
2023-08-21 16:35 ` Sean Christopherson
2023-08-21 16:46 ` Nikolay Borisov
2023-08-21 16:50 ` Sean Christopherson
2023-08-21 17:05 ` Josh Poimboeuf
2023-08-24 16:39 ` Sean Christopherson
2023-08-24 17:07 ` Josh Poimboeuf
2023-08-21 16:49 ` Sean Christopherson
2023-08-21 1:19 ` [PATCH 04/22] x86/srso: Fix SBPB enablement for spec_rstack_overflow=off Josh Poimboeuf
2023-08-21 14:16 ` Borislav Petkov
2023-08-21 16:36 ` Josh Poimboeuf
2023-08-22 5:54 ` Borislav Petkov
2023-08-22 6:07 ` Borislav Petkov
2023-08-22 21:59 ` Josh Poimboeuf
2023-08-23 1:27 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 05/22] x86/srso: Fix SBPB enablement for mitigations=off Josh Poimboeuf
2023-08-23 5:57 ` Borislav Petkov
2023-08-23 20:55 ` Josh Poimboeuf
2023-08-23 23:02 ` Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 06/22] x86/srso: Print actual mitigation if requested mitigation isn't possible Josh Poimboeuf
2023-08-23 6:06 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 07/22] x86/srso: Remove default case in srso_select_mitigation() Josh Poimboeuf
2023-08-23 6:18 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 08/22] x86/srso: Downgrade retbleed IBPB warning to informational message Josh Poimboeuf
2023-08-24 4:43 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 09/22] x86/srso: Simplify exit paths Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 10/22] x86/srso: Print mitigation for retbleed IBPB case Josh Poimboeuf
2023-08-24 4:48 ` Borislav Petkov
2023-08-24 21:40 ` Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 11/22] x86/srso: Slight simplification Josh Poimboeuf
2023-08-24 4:55 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 12/22] x86/srso: Remove redundant X86_FEATURE_ENTRY_IBPB check Josh Poimboeuf
2023-08-25 7:09 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 13/22] x86/srso: Fix vulnerability reporting for missing microcode Josh Poimboeuf
2023-08-25 7:25 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 14/22] x86/srso: Fix unret validation dependencies Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 15/22] x86/alternatives: Remove faulty optimization Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 16/22] x86/srso: Unexport untraining functions Josh Poimboeuf
2023-08-21 5:50 ` Nikolay Borisov
2023-08-21 1:19 ` [PATCH 17/22] x86/srso: Disentangle rethunk-dependent options Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 18/22] x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 19/22] x86/srso: Improve i-cache locality for alias mitigation Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 20/22] x86/retpoline: Remove .text..__x86.return_thunk section Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 21/22] x86/nospec: Refactor UNTRAIN_RET[_*] Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 22/22] x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1692580085.git.jpoimboe@kernel.org \
--to=jpoimboe@kernel.org \
--cc=David.Kaplan@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=babu.moger@amd.com \
--cc=bp@alien8.de \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.