projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 14f9643 5a15d83)
Merge tag 'x86_bugs_srso' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
authorLinus Torvalds <torvalds@linux-foundation.org>
Mon, 7 Aug 2023 23:35:44 +0000 (16:35 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Mon, 7 Aug 2023 23:35:44 +0000 (16:35 -0700)
Pull x86/srso fixes from Borislav Petkov:
 "Add a mitigation for the speculative RAS (Return Address Stack)
  overflow vulnerability on AMD processors.

  In short, this is yet another issue where userspace poisons a
  microarchitectural structure which can then be used to leak privileged
  information through a side channel"

* tag 'x86_bugs_srso' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/srso: Tie SBPB bit setting to microcode patch detection
  x86/srso: Add a forgotten NOENDBR annotation
  x86/srso: Fix return thunks in generated code
  x86/srso: Add IBPB on VMEXIT
  x86/srso: Add IBPB
  x86/srso: Add SRSO_NO support
  x86/srso: Add IBPB_BRTYPE support
  x86/srso: Add a Speculative RAS Overflow mitigation
  x86/bugs: Increase the x86 bugs vector size to two u32s

1  2 
arch/x86/include/asm/msr-index.h patch | diff1 | diff2 | blob | history
arch/x86/kernel/cpu/amd.c patch | diff1 | diff2 | blob | history
arch/x86/kernel/cpu/bugs.c patch | diff1 | diff2 | blob | history
arch/x86/kernel/cpu/common.c patch | diff1 | diff2 | blob | history
arch/x86/kvm/svm/svm.c patch | diff1 | diff2 | blob | history

diff --cc arch/x86/include/asm/msr-index.h
Simple merge
diff --cc arch/x86/kernel/cpu/amd.c
index 26ad7ca,41e10c2..1e1e253
--- 1/arch/x86/kernel/cpu/amd.c
--- 2/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@@ -1279,14 -1236,21 +1279,33 @@@ u32 amd_get_highest_perf(void
  }
  EXPORT_SYMBOL_GPL(amd_get_highest_perf);
  
 +static void zenbleed_check_cpu(void *unused)
 +{
 +      struct cpuinfo_x86 *c = &cpu_data(smp_processor_id());
 +
 +      zenbleed_check(c);
 +}
 +
 +void amd_check_microcode(void)
 +{
 +      on_each_cpu(zenbleed_check_cpu, NULL, 1);
 +}
++
+ bool cpu_has_ibpb_brtype_microcode(void)
+ {
+       switch (boot_cpu_data.x86) {
+       /* Zen1/2 IBPB flushes branch type predictions too. */
+       case 0x17:
+               return boot_cpu_has(X86_FEATURE_AMD_IBPB);
+       case 0x19:
+               /* Poke the MSR bit on Zen3/4 to check its presence. */
+               if (!wrmsrl_safe(MSR_IA32_PRED_CMD, PRED_CMD_SBPB)) {
+                       setup_force_cpu_cap(X86_FEATURE_SBPB);
+                       return true;
+               } else {
+                       return false;
+               }
+       default:
+               return false;
+       }
+ }
diff --cc arch/x86/kernel/cpu/bugs.c
Simple merge
diff --cc arch/x86/kernel/cpu/common.c
Simple merge
diff --cc arch/x86/kvm/svm/svm.c
Simple merge
Domain: System / Kernel;