public inbox for cip-dev@lists.cip-project.org
 help / color / mirror / Atom feed
From: Pavel Machek <pavel@denx.de>
To: cip-dev@lists.cip-project.org
Cc: Ulrich Hecht <uli@fpond.eu>, Pavel Machek <pavel@denx.de>
Subject: Re: [cip-dev] 4.4 backports -- x86 speculation
Date: Tue, 14 Jun 2022 12:13:53 +0200	[thread overview]
Message-ID: <20220614101353.GA20387@duo.ucw.cz> (raw)
In-Reply-To: <16F8276E2E3F8D91.11238@lists.cip-project.org>

[-- Attachment #1: Type: text/plain, Size: 5109 bytes --]

Hi!

> > > > And possibly these?
> > > > 
> > > >     4.9.306: speculation fixes, mostly x86 + 7833a9b54
> > > > 
> > > > ** !M | 890fb470c 0cbb76 o  | x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC vari$
> > > > ** !M | 3dd518cb6 4cd24d o  | x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support...
> > > > ** !M | 376afe749 ef014a o  | x86/retpoline: Remove minimal retpoline support...
> > > > **   | e6291bd93 6e8855 .  | Documentation: Add section about CPU vulnerabilities for Spectre...
> > > > **   | 8e08ef80a 4c9205 .  | Documentation: Add swapgs description to the Spectre v1 documentation...
> > > > **   | cdba32608 82ca67 .+ | Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomi$
> > > > ** a | 71d79539a a5ce9f o  | x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
> > > > ** a | a90155024 f8a66d o  | x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
> > > > **   | a771511ca d45476 o  | x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE...
> > > > **   | d0ba50275 1e19da o  | x86/speculation: Add eIBRS + Retpoline options
> > > > **   | f9238d337 5ad3eb .  | Documentation/hw-vuln: Update spectre doc
> > > > **   | 6481835a9 44a391 o  | x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation rep$
> > > > **   | b6a1aec08 244d00 o  | x86/speculation: Use generic retpoline by default on AMD
> > > > **   | 0db1c4307 e9b601 .  | x86/speculation: Update link to AMD speculation whitepaper
> > > > **   | 8edabefdc eafd98 o  | x86/speculation: Warn about Spectre v2 LFENCE mitigation
> > > > **   | 075376018 0de05d o  | x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> > > > ** !!a | 10b908aab 541625 o  | arm/arm64: Provide a wrapper for SMCCC 1.1 calls...
> > 
> > I have backported all of these; see the attached
> > tarball. Compile-tested only.
> 
> Thanks for the tarball.
> 
> 0001-ptrace-Check-PTRACE_O_SUSPEND_SECCOMP-permission-on-.patch
> 0002-xen-blkfront-don-t-use-gnttab_query_foreign_access-f.patch
> 0003-x86-modpost-Replace-last-remnants-of-RETPOLINE-with-.patch
> 
> I already had these from the last round.
> 
> 0004-arm-arm64-smccc-psci-add-arm_smccc_1_1_get_conduit.patch
> 
> I'll take this, but I'll need to recheck the context.
> 
> 0005-x86-speculation-Add-RETPOLINE_AMD-support-to-the-inl.patch
> 0006-x86-retpoline-Make-CONFIG_RETPOLINE-depend-on-compil.patch
> 0007-x86-retpoline-Remove-minimal-retpoline-support.patch
> 0008-Documentation-Add-section-about-CPU-vulnerabilities-.patch
> 0009-Documentation-Add-swapgs-description-to-the-Spectre-.patch
> 0010-Documentation-refer-to-config-RANDOMIZE_BASE-for-ker.patch
> 0011-x86-speculation-Rename-RETPOLINE_AMD-to-RETPOLINE_LF.patch
> 0012-x86-speculation-Add-eIBRS-Retpoline-options.patch
> 0013-Documentation-hw-vuln-Update-spectre-doc.patch
> 0014-x86-speculation-Include-unprivileged-eBPF-status-in-.patch
> 0015-x86-speculation-Use-generic-retpoline-by-default-on-.patch
> 0016-x86-speculation-Update-link-to-AMD-speculation-white.patch
> 0017-x86-speculation-Warn-about-Spectre-v2-LFENCE-mitigat.patch
> 0018-x86-speculation-Warn-about-eIBRS-LFENCE-Unprivileged.patch
> 
> Applied to -st-rc branch. Let me attempt to do some basic testing.

With all the patches applied, I get this:

https://gitlab.com/cip-project/cip-kernel/linux-cip/-/jobs/2581576742

  LD      arch/x86/platform/intel-mid/built-in.o
1704  CC      arch/x86/platform/efi/efi.o
1705  CC      kernel/cpu.o
1706  CC      mm/mempool.o
1707In file included from ./arch/x86/include/asm/bitops.h:16,
1708                 from include/linux/bitops.h:18,
1709                 from include/linux/kernel.h:10,
1710                 from include/linux/list.h:8,
1711                 from include/linux/module.h:9,
1712                 from arch/x86/kernel/irq_32.c:11:
1713arch/x86/kernel/irq_32.c: In function 'call_on_stack':
1714./arch/x86/include/asm/nospec-branch.h:154:9: error: expected ':' or ')' before 'ANNOTATE_RETPOLINE_SAFE'
1715  154 |         ANNOTATE_RETPOLINE_SAFE                                 \
1716      |         ^~~~~~~~~~~~~~~~~~~~~~~
1717./arch/x86/include/asm/alternative.h:119:20: note: in definition of macro 'OLDINSTR_2'
1718  119 |         "661:\n\t" oldinstr "\n662:\n"                                                          \
1719      |                    ^~~~~~~~
1720./arch/x86/include/asm/nospec-branch.h:153:9: note: in expansion of macro 'ALTERNATIVE_2'
1721  153 |         ALTERNATIVE_2(                                          \
1722      |         ^~~~~~~~~~~~~
1723arch/x86/kernel/irq_32.c:59:22: note: in expansion of macro 'CALL_NOSPEC'
1724   59 |                      CALL_NOSPEC
1725      |                      ^~~~~~~~~~~
1726

Let me try to reorder patches and see which one introduces it.

Best regards,
								Pavel
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

  parent reply	other threads:[~2022-06-14 10:14 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20220328091116.GA26815@amd>
     [not found] ` <1346806064.1124697.1649068981110@webmail.strato.com>
     [not found]   ` <20220404112733.GA9863@duo.ucw.cz>
     [not found]     ` <971433328.1146259.1649072970767@webmail.strato.com>
     [not found]       ` <86774150.3004766.1651578900027@webmail.strato.com>
     [not found]         ` <20220503130137.GA12566@duo.ucw.cz>
     [not found]           ` <1032096920.483689.1652714463015@webmail.strato.com>
     [not found]             ` <20220517091848.GA29900@duo.ucw.cz>
     [not found]               ` <1414117524.1401631.1654239722410@webmail.strato.com>
     [not found]                 ` <1772872442.3583605.1654764609414@webmail.strato.com>
2022-06-13 10:30                   ` 4.4 backports -- x86 speculation Pavel Machek
     [not found]                   ` <16F8276E2E3F8D91.11238@lists.cip-project.org>
2022-06-14 10:13                     ` Pavel Machek [this message]
     [not found]                     ` <16F8751F2AB1EA42.18003@lists.cip-project.org>
2022-06-14 10:58                       ` [cip-dev] " Pavel Machek
     [not found]                       ` <16F8778C49247DE6.18003@lists.cip-project.org>
2022-06-14 11:10                         ` Pavel Machek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220614101353.GA20387@duo.ucw.cz \
    --to=pavel@denx.de \
    --cc=cip-dev@lists.cip-project.org \
    --cc=uli@fpond.eu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox