From: Pavel Machek <pavel@denx.de>
To: Ulrich Hecht <uli@fpond.eu>, cip-dev@lists.cip-project.org
Cc: Pavel Machek <pavel@denx.de>
Subject: 4.4 backports -- x86 speculation
Date: Mon, 13 Jun 2022 12:30:10 +0200 [thread overview]
Message-ID: <20220613103010.GA30821@duo.ucw.cz> (raw)
In-Reply-To: <1772872442.3583605.1654764609414@webmail.strato.com>
[-- Attachment #1: Type: text/plain, Size: 3458 bytes --]
Hi!
(I put mailing list in the cc).
> > > And possibly these?
> > >
> > > 4.9.306: speculation fixes, mostly x86 + 7833a9b54
> > >
> > > ** !M | 890fb470c 0cbb76 o | x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC vari$
> > > ** !M | 3dd518cb6 4cd24d o | x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support...
> > > ** !M | 376afe749 ef014a o | x86/retpoline: Remove minimal retpoline support...
> > > ** | e6291bd93 6e8855 . | Documentation: Add section about CPU vulnerabilities for Spectre...
> > > ** | 8e08ef80a 4c9205 . | Documentation: Add swapgs description to the Spectre v1 documentation...
> > > ** | cdba32608 82ca67 .+ | Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomi$
> > > ** a | 71d79539a a5ce9f o | x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
> > > ** a | a90155024 f8a66d o | x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
> > > ** | a771511ca d45476 o | x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE...
> > > ** | d0ba50275 1e19da o | x86/speculation: Add eIBRS + Retpoline options
> > > ** | f9238d337 5ad3eb . | Documentation/hw-vuln: Update spectre doc
> > > ** | 6481835a9 44a391 o | x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation rep$
> > > ** | b6a1aec08 244d00 o | x86/speculation: Use generic retpoline by default on AMD
> > > ** | 0db1c4307 e9b601 . | x86/speculation: Update link to AMD speculation whitepaper
> > > ** | 8edabefdc eafd98 o | x86/speculation: Warn about Spectre v2 LFENCE mitigation
> > > ** | 075376018 0de05d o | x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> > > ** !!a | 10b908aab 541625 o | arm/arm64: Provide a wrapper for SMCCC 1.1 calls...
>
> I have backported all of these; see the attached
> tarball. Compile-tested only.
Thanks for the tarball.
0001-ptrace-Check-PTRACE_O_SUSPEND_SECCOMP-permission-on-.patch
0002-xen-blkfront-don-t-use-gnttab_query_foreign_access-f.patch
0003-x86-modpost-Replace-last-remnants-of-RETPOLINE-with-.patch
I already had these from the last round.
0004-arm-arm64-smccc-psci-add-arm_smccc_1_1_get_conduit.patch
I'll take this, but I'll need to recheck the context.
0005-x86-speculation-Add-RETPOLINE_AMD-support-to-the-inl.patch
0006-x86-retpoline-Make-CONFIG_RETPOLINE-depend-on-compil.patch
0007-x86-retpoline-Remove-minimal-retpoline-support.patch
0008-Documentation-Add-section-about-CPU-vulnerabilities-.patch
0009-Documentation-Add-swapgs-description-to-the-Spectre-.patch
0010-Documentation-refer-to-config-RANDOMIZE_BASE-for-ker.patch
0011-x86-speculation-Rename-RETPOLINE_AMD-to-RETPOLINE_LF.patch
0012-x86-speculation-Add-eIBRS-Retpoline-options.patch
0013-Documentation-hw-vuln-Update-spectre-doc.patch
0014-x86-speculation-Include-unprivileged-eBPF-status-in-.patch
0015-x86-speculation-Use-generic-retpoline-by-default-on-.patch
0016-x86-speculation-Update-link-to-AMD-speculation-white.patch
0017-x86-speculation-Warn-about-Spectre-v2-LFENCE-mitigat.patch
0018-x86-speculation-Warn-about-eIBRS-LFENCE-Unprivileged.patch
Applied to -st-rc branch. Let me attempt to do some basic testing.
Thanks and best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
next parent reply other threads:[~2022-06-13 10:30 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220328091116.GA26815@amd>
[not found] ` <1346806064.1124697.1649068981110@webmail.strato.com>
[not found] ` <20220404112733.GA9863@duo.ucw.cz>
[not found] ` <971433328.1146259.1649072970767@webmail.strato.com>
[not found] ` <86774150.3004766.1651578900027@webmail.strato.com>
[not found] ` <20220503130137.GA12566@duo.ucw.cz>
[not found] ` <1032096920.483689.1652714463015@webmail.strato.com>
[not found] ` <20220517091848.GA29900@duo.ucw.cz>
[not found] ` <1414117524.1401631.1654239722410@webmail.strato.com>
[not found] ` <1772872442.3583605.1654764609414@webmail.strato.com>
2022-06-13 10:30 ` Pavel Machek [this message]
[not found] ` <16F8276E2E3F8D91.11238@lists.cip-project.org>
2022-06-14 10:13 ` [cip-dev] 4.4 backports -- x86 speculation Pavel Machek
[not found] ` <16F8751F2AB1EA42.18003@lists.cip-project.org>
2022-06-14 10:58 ` Pavel Machek
[not found] ` <16F8778C49247DE6.18003@lists.cip-project.org>
2022-06-14 11:10 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220613103010.GA30821@duo.ucw.cz \
--to=pavel@denx.de \
--cc=cip-dev@lists.cip-project.org \
--cc=uli@fpond.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox