From: Ben Hutchings <ben@decadent.org.uk>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: akpm@linux-foundation.org, karahmed@amazon.de,
ak@linux.intel.com, "David Woodhouse" <dwmw@amazon.co.uk>,
peterz@infradead.org, torvalds@linux-foundation.org,
bp@alien8.de, dave.hansen@intel.com, tim.c.chen@linux.intel.com,
arjan@linux.intel.com, pbonzini@redhat.com,
gregkh@linux-foundation.org,
"Thomas Gleixner" <tglx@linutronix.de>
Subject: [PATCH 3.2 096/104] x86/cpufeatures: Clean up Spectre v2 related CPUID flags
Date: Mon, 12 Mar 2018 03:03:34 +0000 [thread overview]
Message-ID: <lsq.1520823814.529333574@decadent.org.uk> (raw)
In-Reply-To: <lsq.1520823814.606620518@decadent.org.uk>
3.2.101-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: David Woodhouse <dwmw@amazon.co.uk>
commit 2961298efe1ea1b6fc0d7ee8b76018fa6c0bcef2 upstream.
We want to expose the hardware features simply in /proc/cpuinfo as "ibrs",
"ibpb" and "stibp". Since AMD has separate CPUID bits for those, use them
as the user-visible bits.
When the Intel SPEC_CTRL bit is set which indicates both IBRS and IBPB
capability, set those (AMD) bits accordingly. Likewise if the Intel STIBP
bit is set, set the AMD STIBP that's used for the generic hardware
capability.
Hide the rest from /proc/cpuinfo by putting "" in the comments. Including
RETPOLINE and RETPOLINE_AMD which shouldn't be visible there. There are
patches to make the sysfs vulnerabilities information non-readable by
non-root, and the same should apply to all information about which
mitigations are actually in use. Those *shouldn't* appear in /proc/cpuinfo.
The feature bit for whether IBPB is actually used, which is needed for
ALTERNATIVEs, is renamed to X86_FEATURE_USE_IBPB.
Originally-by: Borislav Petkov <bp@suse.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: ak@linux.intel.com
Cc: dave.hansen@intel.com
Cc: karahmed@amazon.de
Cc: arjan@linux.intel.com
Cc: torvalds@linux-foundation.org
Cc: peterz@infradead.org
Cc: bp@alien8.de
Cc: pbonzini@redhat.com
Cc: tim.c.chen@linux.intel.com
Cc: gregkh@linux-foundation.org
Link: https://lkml.kernel.org/r/1517070274-12128-2-git-send-email-dwmw@amazon.co.uk
[bwh: For 3.2, just apply the part that hides fake CPU feature bits]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
--- a/arch/x86/include/asm/cpufeature.h
+++ b/arch/x86/include/asm/cpufeature.h
@@ -178,10 +178,10 @@
#define X86_FEATURE_PTS (7*32+ 6) /* Intel Package Thermal Status */
#define X86_FEATURE_DTHERM (7*32+ 7) /* Digital Thermal Sensor */
#define X86_FEATURE_INVPCID_SINGLE (7*32+ 8) /* Effectively INVPCID && CR4.PCIDE=1 */
-#define X86_FEATURE_RSB_CTXSW (7*32+9) /* Fill RSB on context switches */
+#define X86_FEATURE_RSB_CTXSW (7*32+9) /* "" Fill RSB on context switches */
-#define X86_FEATURE_RETPOLINE (7*32+29) /* Generic Retpoline mitigation for Spectre variant 2 */
-#define X86_FEATURE_RETPOLINE_AMD (7*32+30) /* AMD Retpoline mitigation for Spectre variant 2 */
+#define X86_FEATURE_RETPOLINE (7*32+29) /* "" Generic Retpoline mitigation for Spectre variant 2 */
+#define X86_FEATURE_RETPOLINE_AMD (7*32+30) /* "" AMD Retpoline mitigation for Spectre variant 2 */
/* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */
#define X86_FEATURE_KAISER ( 7*32+31) /* "" CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */
next prev parent reply other threads:[~2018-03-12 3:03 UTC|newest]
Thread overview: 106+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-12 3:03 [PATCH 3.2 000/104] 3.2.101-rc1 review Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 070/104] kprobes/x86: Blacklist indirect thunk functions for kprobes Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 089/104] x86/spectre: Report get_user mitigation for spectre_v1 Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 079/104] x86/bugs: Drop one "mitigation" from dmesg Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 091/104] x86/paravirt: Remove 'noreplace-paravirt' cmdline option Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 008/104] rtlwifi: rtl8192de: Fix W=1 build warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 056/104] kconfig.h: use __is_defined() to check if MODULE is defined Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 085/104] x86: Introduce barrier_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 042/104] x86/cpu, x86/pti: Do not enable PTI on AMD processors Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 052/104] x86/alternatives: Fix optimize_nops() checking Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 003/104] rtlwifi: rtl8192se: Fix gcc 4.7.x warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 088/104] vfs, fdtable: Prevent bounds-check bypass via speculative execution Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 101/104] x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 068/104] x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 047/104] x86/cpu: Implement CPU vulnerabilites sysfs functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 016/104] gcov: compile specific gcov implementation based on gcc version Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 007/104] rtlwifi: rtl8192c: Fix W=1 warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 046/104] sysfs/cpu: Add vulnerability folder Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 072/104] x86/pti: Document fix wrong index Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 025/104] atp: remove set_rx_mode_8012() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 041/104] x86/cpufeatures: Add X86_BUG_CPU_INSECURE Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 001/104] brcmfmac: work-around gcc 4.7 build issue Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 044/104] x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 017/104] SELinux: security_load_policy: Silence frame-larger-than warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 033/104] x86, asm: Extend definitions of _ASM_* with a raw format Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 036/104] x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 073/104] x86/retpoline: Optimize inline assembler for vmexit_fill_RSB Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 087/104] x86/syscall: Sanitize syscall table de-references under speculation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 048/104] sysfs/cpu: Fix typos in vulnerability documentation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 102/104] x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 032/104] x86, cpu: Expand cpufeature facility to include cpu bugs Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 051/104] x86/alternatives: Make optimize_nops() interrupt safe and synced Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 024/104] [media] budget-av: only use t_state if initialized Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 015/104] gcov: add support for gcc 4.7 gcov format Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 098/104] nospec: Move array_index_nospec() parameter checking into separate macro Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 014/104] gcov: move gcov structs definitions to a gcc version specific file Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 050/104] x86/alternatives: Fix ALTERNATIVE_2 padding generation properly Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 069/104] retpoline: Introduce start/end markers of indirect thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 100/104] nospec: Include <asm/barrier.h> dependency Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 035/104] x86: Add another set of MSR accessor functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 082/104] Documentation: Document array_index_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 062/104] x86/retpoline/hyperv: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 095/104] x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 038/104] x86/Documentation: Add PTI description Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 034/104] bitops: Introduce BIT_ULL Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 049/104] x86/alternatives: Guard NOPs optimization Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 077/104] module/retpoline: Warn about missing retpoline in module Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 090/104] x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 074/104] x86/cpu/intel: Introduce macros for Intel family numbers Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 097/104] x86/spectre: Fix an error message Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 012/104] usb: renesas_usbhs: fixup __usbhs_for_each_pipe 1st pos Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 071/104] kprobes/x86: Disable optimizing on the function jumps to indirect thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 080/104] x86/cpu/bugs: Make retpoline module warning conditional Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 065/104] x86/retpoline/irq32: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 094/104] x86/spectre: Simplify spectre_v2 command line parsing Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 030/104] KVM: VMX: Make use of asm.h Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 009/104] rtl8192c:dm: Properly initialize local array and set value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 054/104] x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 076/104] x86/retpoline: Remove the esp/rsp thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 075/104] x86/retpoline: Fill RSB on context switch for affected CPUs Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 005/104] ath6kl: fix uninitialized variable in ath6kl_sdio_enable_scatter() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 092/104] x86/kvm: Update spectre-v1 mitigation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 018/104] gcov: add support for GCC 4.9 Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 061/104] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 019/104] ath6kl: fix struct hif_scatter_req list handling Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 086/104] x86/get_user: Use pointer masking to limit speculation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 002/104] Bluetooth: Remove unused hci_le_ltk_reply() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 022/104] fs: namespace: suppress 'may be used uninitialized' warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 064/104] x86/retpoline/checksum32: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 040/104] x86/cpufeatures: Make CPU bugs sticky Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 028/104] x86/bitops: Move BIT_64() for a wider use Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 026/104] staging/wlan-ng: Fix 'Branch condition evaluates to a garbage value' in p80211netdev.c Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 060/104] x86/retpoline/entry: Convert entry assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 031/104] KVM: SVM: Make use of asm.h Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 020/104] modpost: reduce visibility of symbols and constify r/o arrays Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 099/104] nospec: Kill array_index_nospec_mask_check() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 063/104] x86/retpoline/xen: Convert Xen hypercall indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 057/104] x86/asm: Use register variable to get stack pointer value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 058/104] x86/retpoline: Add initial retpoline support Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 013/104] usb: renesas_usbhs: tidyup original usbhsx_for_each_xxx macro Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 059/104] x86/spectre: Add boot time option to select Spectre v2 mitigation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 084/104] x86: Implement array_index_mask_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 004/104] brcm80211: Remove bogus memcpy in ai_detach Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 104/104] cris: Remove old legacy "-traditional" flag from arch-v10/lib/Makefile Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 066/104] x86/retpoline: Fill return stack buffer on vmexit Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 093/104] x86/retpoline: Avoid retpolines for built-in __init functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 037/104] kvm: vmx: Scrub hardware GPRs at VM-exit Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 010/104] rtlwifi: initialize local array and set value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 029/104] x86, alternative: Add header guards to <asm/alternative-asm.h> Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 023/104] [media] max2165: trival fix for some -Wuninitialized warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 083/104] array_index_nospec: Sanitize speculative array de-references Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 067/104] x86/retpoline: Remove compile time warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 043/104] x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN Ben Hutchings
2018-03-12 3:03 ` Ben Hutchings [this message]
2018-03-12 3:03 ` [PATCH 3.2 021/104] modpost: don't emit section mismatch warnings for compiler optimizations Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 055/104] x86/asm: Make asm/alternative.h safe from assembly Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 078/104] x86/nospec: Fix header guards names Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 045/104] x86/cpu: Merge bugs.c and bugs_64.c Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 039/104] x86/cpu: Factor out application of forced CPU caps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 006/104] Turn off -Wmaybe-uninitialized when building with -Os Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 103/104] x86: fix build warnign with 32-bit PAE Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 011/104] Removed unused typedef to avoid "unused local typedef" warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 053/104] x86/cpu/AMD: Make LFENCE a serializing instruction Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 027/104] kconfig: fix IS_ENABLED to not require all options to be defined Ben Hutchings
2018-03-12 14:54 ` [PATCH 3.2 000/104] 3.2.101-rc1 review Guenter Roeck
2018-03-12 19:53 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=lsq.1520823814.529333574@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=arjan@linux.intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dwmw@amazon.co.uk \
--cc=gregkh@linux-foundation.org \
--cc=karahmed@amazon.de \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tim.c.chen@linux.intel.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox