* [PATCH v2] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
@ 2025-07-22 12:28 Michael Zhivich
  2025-07-22 14:22 ` Borislav Petkov
  0 siblings, 1 reply; 12+ messages in thread
From: Michael Zhivich @ 2025-07-22 12:28 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

Cc: <stable@vger.kernel.org>
Signed-off-by:  Michael Zhivich <mzhivich@akamai.com>
Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v2:
- Rework patch per feedback
- Add Cc: stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index efd42ee9d1cc..289ff197b1b3 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -378,6 +378,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved    = 0;
 
 	if (cpu_has(c, X86_FEATURE_ZEN3) ||
 	    cpu_has(c, X86_FEATURE_ZEN4)) {
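Review bot: The added `p.__reserved    = 0;` line pads with spaces before the `=`, while the three assignments above it (`p.model`, `p.ext_model`, `p.stepping`) align with tabs. Use a tab there so the column stays consistent with the rest of the block.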
-- 
2.34.1
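
Added example (not part of the original message and not kernel code): a user-space C sketch of the failure the commit message describes, where stale bits in a reserved bit-field change a whole-word lookup. The union layout, the `demo_*` names, the `ext_fam` assignment, the poison byte standing in for old stack contents, and every revision value are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout for illustration only; the thread never shows the real
 * union zen_patch_rev. `reserved` stands in for the `__reserved` field.
 * Assumes a little-endian ABI where bit-fields are allocated from bit 0. */
union demo_patch_rev {
	struct {
		uint32_t rev       : 8,
			 stepping  : 4,
			 model     : 4,
			 reserved  : 4,
			 ext_model : 4,
			 ext_fam   : 8;
	};
	uint32_t ucode_rev;
};

struct demo_cpu { uint8_t family, model, stepping; };

/* Constructed sample CPU and revisions, not values from the page. */
static const struct demo_cpu SAMPLE_CPU = { 0x19, 0x11, 0x1 };
#define DEMO_MIN_REV    0x0a101120u
#define DEMO_LOADED_REV 0x0a101130u

/* Build the lookup word the way the hunk's context lines do. `poison`
 * deterministically stands in for whatever the stack slot held before. */
static uint32_t build_rev(const struct demo_cpu *c, uint8_t poison,
			  bool clear_reserved)
{
	union demo_patch_rev p;

	memset(&p, poison, sizeof(p));	/* stale stack contents, no auto-init */
	p.ext_fam   = (uint32_t)(c->family - 0xf);  /* assumed, not in the hunk */
	p.model     = c->model & 0xf;
	p.ext_model = c->model >> 4;
	p.stepping  = c->stepping & 0xf;
	if (clear_reserved)
		p.reserved = 0;		/* the one-line fix */
	return p.ucode_rev;
}

/* Whole-word test in the style of `switch (p.ucode_rev >> 8)`. */
static bool demo_ucode_ok(uint32_t ucode_rev, uint32_t loaded_rev)
{
	switch (ucode_rev >> 8) {
	case 0xa1011:
		return loaded_rev >= DEMO_MIN_REV;
	default:
		return false;	/* demo choice: unknown key means "too old" */
	}
}

int main(void)
{
	const uint8_t poisons[] = { 0x00, 0xff };

	for (size_t i = 0; i < 2; i++) {
		uint32_t raw = build_rev(&SAMPLE_CPU, poisons[i], false);
		uint32_t fix = build_rev(&SAMPLE_CPU, poisons[i], true);

		printf("poison=%#04x unfixed key=%#x ok=%d | fixed key=%#x ok=%d\n",
		       poisons[i], raw >> 8, demo_ucode_ok(raw, DEMO_LOADED_REV),
		       fix >> 8, demo_ucode_ok(fix, DEMO_LOADED_REV));
	}
	return 0;
}
```

With a zero poison byte the unfixed path happens to produce the right key, which is why the result depends on what the stack slot held before the call.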



* Re: [PATCH v2] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 12:28 [PATCH v2] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode() Michael Zhivich
@ 2025-07-22 14:22 ` Borislav Petkov
  2025-07-22 16:56   ` Greg Kroah-Hartman
  0 siblings, 1 reply; 12+ messages in thread
From: Borislav Petkov @ 2025-07-22 14:22 UTC (permalink / raw)
  To: Michael Zhivich, Greg Kroah-Hartman
  Cc: stable, tglx, mingo, dave.hansen, x86, linux-kernel

On Tue, Jul 22, 2025 at 08:28:44AM -0400, Michael Zhivich wrote:
> For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
> field in zen_patch_rev union on the stack may be garbage.  If so, it will
> prevent correct microcode check when consulting p.ucode_rev, resulting in
> incorrect mitigation selection.

"This is a stable-only fix." so that the AI is happy. :-P

> Cc: <stable@vger.kernel.org>
> Signed-off-by:  Michael Zhivich <mzhivich@akamai.com>

Acked-by: Borislav Petkov (AMD) <bp@alien8.de>

> Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

That commit in Fixes: is the 6.12 stable one.

The 6.6 one is:

Fixes: 90293047df18 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

The 6.1 is:

Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

The 5.15 one:

Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

and the 5.10 one is

Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")

and since all stable kernels above have INIT_STACK_NONE, that same
one-liner should be applied to all of them.

Greg, I'm thinking this one-liner should apply to all of the above with
some fuzz. Can you simply add it to each stable version with a different
Fixes: tag each?

Or do you prefer separate submissions?

Thx.

>  arch/x86/kernel/cpu/amd.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
> index efd42ee9d1cc..289ff197b1b3 100644
> --- a/arch/x86/kernel/cpu/amd.c
> +++ b/arch/x86/kernel/cpu/amd.c
> @@ -378,6 +378,8 @@ static bool amd_check_tsa_microcode(void)
>  	p.model		= c->x86_model;
>  	p.ext_model	= c->x86_model >> 4;
>  	p.stepping	= c->x86_stepping;
> +	/* reserved bits are expected to be 0 in test below */
> +	p.__reserved    = 0;
>  
>  	if (cpu_has(c, X86_FEATURE_ZEN3) ||
>  	    cpu_has(c, X86_FEATURE_ZEN4)) {
> -- 

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette


* Re: [PATCH v2] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 14:22 ` Borislav Petkov
@ 2025-07-22 16:56   ` Greg Kroah-Hartman
  2025-07-23 13:40     ` [PATCH v3 6.12] " Michael Zhivich
                       ` (8 more replies)
  0 siblings, 9 replies; 12+ messages in thread
From: Greg Kroah-Hartman @ 2025-07-22 16:56 UTC (permalink / raw)
  To: Borislav Petkov
  Cc: Michael Zhivich, stable, tglx, mingo, dave.hansen, x86,
	linux-kernel

On Tue, Jul 22, 2025 at 04:22:54PM +0200, Borislav Petkov wrote:
> On Tue, Jul 22, 2025 at 08:28:44AM -0400, Michael Zhivich wrote:
> > For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
> > field in zen_patch_rev union on the stack may be garbage.  If so, it will
> > prevent correct microcode check when consulting p.ucode_rev, resulting in
> > incorrect mitigation selection.
> 
> "This is a stable-only fix." so that the AI is happy. :-P
> 
> > Cc: <stable@vger.kernel.org>
> > Signed-off-by:  Michael Zhivich <mzhivich@akamai.com>
> 
> Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
> 
> > Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> That commit in Fixes: is the 6.12 stable one.
> 
> The 6.6 one is:
> 
> Fixes: 90293047df18 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> The 6.1 is:
> 
> Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> The 5.15 one:
> 
> Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> and the 5.10 one is
> 
> Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> and since all stable kernels above have INIT_STACK_NONE, that same
> one-liner should be applied to all of them.
> 
> Greg, I'm thinking this one-liner should apply to all of the above with
> some fuzz. Can you simply add it to each stable version with a different
> Fixes: tag each?
> 
> Or do you prefer separate submissions?

Ideally, separate submissions, otherwise I have to do this all by hand
:(

thanks

greg k-h


* [PATCH v3 6.12] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
@ 2025-07-23 13:40     ` Michael Zhivich
  2025-07-23 13:41     ` [PATCH v3 6.6] " Michael Zhivich
                       ` (7 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:40 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index efd42ee9d1cc..289ff197b1b3 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -378,6 +378,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (cpu_has(c, X86_FEATURE_ZEN3) ||
 	    cpu_has(c, X86_FEATURE_ZEN4)) {
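Review bot: Clearing `__reserved` as one more hand-written store after `p.stepping` only covers the bits that have a name today; any bit of the union not assigned in this sequence would leave `p.ucode_rev` undefined in the same way on CONFIG_INIT_STACK_NONE=y builds. Consider zero-initializing `p` where it is declared (the declaration is above the visible context), so the whole word is defined before the field stores run.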
-- 
2.34.1



* [PATCH v3 6.6] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
  2025-07-23 13:40     ` [PATCH v3 6.12] " Michael Zhivich
@ 2025-07-23 13:41     ` Michael Zhivich
  2025-07-23 13:41     ` Michael Zhivich
                       ` (6 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:41 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: 90293047df18 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 5fcdfbb792bd..b5a234eef471 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -549,6 +549,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (cpu_has(c, X86_FEATURE_ZEN3) ||
 	    cpu_has(c, X86_FEATURE_ZEN4)) {
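Review bot: The new comment says "test below", but the code directly under the added lines in this hunk is the `cpu_has(c, X86_FEATURE_ZEN3)` check, which takes `c` and does not read `p`, so a reader cannot tell which test depends on the zeroed bits. Name the consumer in the comment, for example that `p.ucode_rev` is read as a whole word further down and the reserved bits must therefore be 0.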
-- 
2.34.1



* [PATCH v3 6.6] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
  2025-07-23 13:40     ` [PATCH v3 6.12] " Michael Zhivich
  2025-07-23 13:41     ` [PATCH v3 6.6] " Michael Zhivich
@ 2025-07-23 13:41     ` Michael Zhivich
  2025-07-23 13:42     ` Michael Zhivich
                       ` (5 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:41 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 4785d41558d6..2d71c329b347 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -563,6 +563,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
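Review bot: The trailing context here, `if (c->x86 == 0x19) {` followed by `switch (p.ucode_rev >> 8) {`, differs from the 6.6 hunk posted just before it (offset 549, ending in the `cpu_has()` check), so this patch does not target the tree its subject names. The Fixes: tag d12145e8454f is the one listed for 6.1 in Borislav's reply; the subject prefix should say 6.1 so the patch is queued for the right branch.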
-- 
2.34.1


* [PATCH v3 6.6] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
                       ` (2 preceding siblings ...)
  2025-07-23 13:41     ` Michael Zhivich
@ 2025-07-23 13:42     ` Michael Zhivich
  2025-07-23 13:42     ` Michael Zhivich
                       ` (4 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:42 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 04ac18ff022f..3c7d64c454b3 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -592,6 +592,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
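Review bot: The `@@ -592,6 +592,8 @@` offset against blob 04ac18ff022f and the `c->x86 == 0x19` context do not belong to 6.6, which the subject names; the 6.6 hunk in this thread sits at offset 549 with a `cpu_has()` check as context. The Fixes: tag f2b75f1368af is the one given for 5.15, so the subject should be retagged as 5.15.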
-- 
2.34.1


* [PATCH v3 6.6] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
                       ` (3 preceding siblings ...)
  2025-07-23 13:42     ` Michael Zhivich
@ 2025-07-23 13:42     ` Michael Zhivich
  2025-07-23 13:45     ` [PATCH v3 5.10] " Michael Zhivich
                       ` (3 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:42 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index e67d7603449b..bf07b2c5418a 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -599,6 +599,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
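Review bot: The index line `e67d7603449b..bf07b2c5418a` and the `@@ -599,6 +599,8 @@` offset are byte-identical to the submission in this thread that is tagged 5.10, and the Fixes: tag 78192f511f40 is the one listed for 5.10, yet the subject says 6.6. Only one copy of this hunk should be queued, under the 5.10 subject.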
-- 
2.34.1


* [PATCH v3 5.10] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
                       ` (4 preceding siblings ...)
  2025-07-23 13:42     ` Michael Zhivich
@ 2025-07-23 13:45     ` Michael Zhivich
  2025-07-23 13:45     ` [PATCH v3 5.15] " Michael Zhivich
                       ` (2 subsequent siblings)
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:45 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index e67d7603449b..bf07b2c5418a 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -599,6 +599,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
-- 
2.34.1


* [PATCH v3 5.15] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
                       ` (5 preceding siblings ...)
  2025-07-23 13:45     ` [PATCH v3 5.10] " Michael Zhivich
@ 2025-07-23 13:45     ` Michael Zhivich
  2025-07-23 13:45     ` [PATCH v3 6.1] " Michael Zhivich
       [not found]     ` <PH0PR17MB4639467A94DEC056F2F46519B95FA@PH0PR17MB4639.namprd17.prod.outlook.com>
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:45 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 04ac18ff022f..3c7d64c454b3 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -592,6 +592,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
-- 
2.34.1


* [PATCH v3 6.1] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
  2025-07-22 16:56   ` Greg Kroah-Hartman
                       ` (6 preceding siblings ...)
  2025-07-23 13:45     ` [PATCH v3 5.15] " Michael Zhivich
@ 2025-07-23 13:45     ` Michael Zhivich
       [not found]     ` <PH0PR17MB4639467A94DEC056F2F46519B95FA@PH0PR17MB4639.namprd17.prod.outlook.com>
  8 siblings, 0 replies; 12+ messages in thread
From: Michael Zhivich @ 2025-07-23 13:45 UTC (permalink / raw)
  To: stable, bp; +Cc: tglx, mingo, dave.hansen, x86, linux-kernel, Michael Zhivich

For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
field in zen_patch_rev union on the stack may be garbage.  If so, it will
prevent correct microcode check when consulting p.ucode_rev, resulting in
incorrect mitigation selection.

This is a stable-only fix.

Cc: <stable@vger.kernel.org>
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
---

Changes in v3:
- separate "fixes" tag for each stable

 arch/x86/kernel/cpu/amd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 4785d41558d6..2d71c329b347 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -563,6 +563,8 @@ static bool amd_check_tsa_microcode(void)
 	p.model		= c->x86_model;
 	p.ext_model	= c->x86_model >> 4;
 	p.stepping	= c->x86_stepping;
+	/* reserved bits are expected to be 0 in test below */
+	p.__reserved	= 0;
 
 	if (c->x86 == 0x19) {
 		switch (p.ucode_rev >> 8) {
-- 
2.34.1


* Re: [PATCH v2] x86/bugs: Fix use of possibly uninit value in amd_check_tsa_microcode()
       [not found]     ` <PH0PR17MB4639467A94DEC056F2F46519B95FA@PH0PR17MB4639.namprd17.prod.outlook.com>
@ 2025-07-29 14:38       ` Greg Kroah-Hartman
  0 siblings, 0 replies; 12+ messages in thread
From: Greg Kroah-Hartman @ 2025-07-29 14:38 UTC (permalink / raw)
  To: Zhivich, Michael
  Cc: Borislav Petkov, stable@vger.kernel.org, tglx@linutronix.de,
	mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org,
	linux-kernel@vger.kernel.org

On Wed, Jul 23, 2025 at 01:47:58PM +0000, Zhivich, Michael wrote:
> 
> On 7/22/25, 12:56, "Greg Kroah-Hartman" <gregkh@linuxfoundation.org> wrote:
> 
> On Tue, Jul 22, 2025 at 04:22:54PM +0200, Borislav Petkov wrote:
> > On Tue, Jul 22, 2025 at 08:28:44AM -0400, Michael Zhivich wrote:
> > > For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
> > > field in zen_patch_rev union on the stack may be garbage.  If so, it will
> > > prevent correct microcode check when consulting p.ucode_rev, resulting in
> > > incorrect mitigation selection.
> >
> > "This is a stable-only fix." so that the AI is happy. :-P
> >
> > > Cc: <stable@vger.kernel.org>
> > > Signed-off-by:  Michael Zhivich <mzhivich@akamai.com>
> >
> > Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
> >
> > > Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> >
> > That commit in Fixes: is the 6.12 stable one.
> >
> > The 6.6 one is:
> >
> > Fixes: 90293047df18 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> >
> > The 6.1 is:
> >
> > Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> >
> > The 5.15 one:
> >
> > Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> >
> > and the 5.10 one is
> >
> > Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> >
> > and since all stable kernels above have INIT_STACK_NONE, that same
> > one-liner should be applied to all of them.
> >
> > Greg, I'm thinking this one-liner should apply to all of the above with
> > some fuzz. Can you simply add it to each stable version with a different
> > Fixes: tag each?
> >
> > Or do you prefer separate submissions?
> 
> Ideally, separate submissions, otherwise I have to do this all by hand
> :(
> 
> thanks
> 
> greg k-h
> 
> Apologies for the barrage of e-mails; I managed to mess up the subject line on a couple, so I’ve resent them with correct subject lines.
> There’s now a submission per stable branch with appropriate patch and fixes tags.

Ok, I think I got them all figured out, thanks!

greg k-h
