Commit 4589f199 authored by Ingo Molnar

Merge branch 'x86/bugs' into x86/core, to pick up pending changes before dependent patches



Merge in pending alternatives patching infrastructure changes, before
applying more patches.

Signed-off-by: Ingo Molnar <mingo@kernel.org>
parents 03c11eb3 4461438a
+4 −4
@@ -473,8 +473,8 @@ Spectre variant 2
   -mindirect-branch=thunk-extern -mindirect-branch-register options.
   If the kernel is compiled with a Clang compiler, the compiler needs
   to support -mretpoline-external-thunk option.  The kernel config
   CONFIG_RETPOLINE needs to be turned on, and the CPU needs to run with
   the latest updated microcode.
   CONFIG_MITIGATION_RETPOLINE needs to be turned on, and the CPU needs
   to run with the latest updated microcode.

   On Intel Skylake-era systems the mitigation covers most, but not all,
   cases. See :ref:`[3] <spec_ref3>` for more details.
@@ -609,8 +609,8 @@ kernel command line.
		Selecting 'on' will, and 'auto' may, choose a
		mitigation method at run time according to the
		CPU, the available microcode, the setting of the
		CONFIG_RETPOLINE configuration option, and the
		compiler with which the kernel was built.
		CONFIG_MITIGATION_RETPOLINE configuration option,
		and the compiler with which the kernel was built.

		Selecting 'on' will also enable the mitigation
		against user space to user space task attacks.
+2 −2
@@ -6027,8 +6027,8 @@
			Selecting 'on' will, and 'auto' may, choose a
			mitigation method at run time according to the
			CPU, the available microcode, the setting of the
			CONFIG_RETPOLINE configuration option, and the
			compiler with which the kernel was built.
			CONFIG_MITIGATION_RETPOLINE configuration option,
			and the compiler with which the kernel was built.

			Selecting 'on' will also enable the mitigation
			against user space to user space task attacks.
+3 −3
@@ -26,9 +26,9 @@ comments in pti.c).

This approach helps to ensure that side-channel attacks leveraging
the paging structures do not function when PTI is enabled.  It can be
enabled by setting CONFIG_PAGE_TABLE_ISOLATION=y at compile time.
Once enabled at compile-time, it can be disabled at boot with the
'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).
enabled by setting CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=y at compile
time.  Once enabled at compile-time, it can be disabled at boot with
the 'nopti' or 'pti=' kernel parameters (see kernel-parameters.txt).

Page Table Management
=====================
+16 −16
@@ -2477,12 +2477,12 @@ config CALL_PADDING

config FINEIBT
	def_bool y
	depends on X86_KERNEL_IBT && CFI_CLANG && RETPOLINE
	depends on X86_KERNEL_IBT && CFI_CLANG && MITIGATION_RETPOLINE
	select CALL_PADDING

config HAVE_CALL_THUNKS
	def_bool y
	depends on CC_HAS_ENTRY_PADDING && RETHUNK && OBJTOOL
	depends on CC_HAS_ENTRY_PADDING && MITIGATION_RETHUNK && OBJTOOL

config CALL_THUNKS
	def_bool n
@@ -2504,7 +2504,7 @@ menuconfig SPECULATION_MITIGATIONS

if SPECULATION_MITIGATIONS

config PAGE_TABLE_ISOLATION
config MITIGATION_PAGE_TABLE_ISOLATION
	bool "Remove the kernel mapping in user mode"
	default y
	depends on (X86_64 || X86_PAE)
@@ -2515,7 +2515,7 @@ config PAGE_TABLE_ISOLATION

	  See Documentation/arch/x86/pti.rst for more details.

config RETPOLINE
config MITIGATION_RETPOLINE
	bool "Avoid speculative indirect branches in kernel"
	select OBJTOOL if HAVE_OBJTOOL
	default y
@@ -2525,9 +2525,9 @@ config RETPOLINE
	  branches. Requires a compiler with -mindirect-branch=thunk-extern
	  support for full protection. The kernel may run slower.

config RETHUNK
config MITIGATION_RETHUNK
	bool "Enable return-thunks"
	depends on RETPOLINE && CC_HAS_RETURN_THUNK
	depends on MITIGATION_RETPOLINE && CC_HAS_RETURN_THUNK
	select OBJTOOL if HAVE_OBJTOOL
	default y if X86_64
	help
@@ -2536,14 +2536,14 @@ config RETHUNK
	  Requires a compiler with -mfunction-return=thunk-extern
	  support for full protection. The kernel may run slower.

config CPU_UNRET_ENTRY
config MITIGATION_UNRET_ENTRY
	bool "Enable UNRET on kernel entry"
	depends on CPU_SUP_AMD && RETHUNK && X86_64
	depends on CPU_SUP_AMD && MITIGATION_RETHUNK && X86_64
	default y
	help
	  Compile the kernel with support for the retbleed=unret mitigation.

config CALL_DEPTH_TRACKING
config MITIGATION_CALL_DEPTH_TRACKING
	bool "Mitigate RSB underflow with call depth tracking"
	depends on CPU_SUP_INTEL && HAVE_CALL_THUNKS
	select HAVE_DYNAMIC_FTRACE_NO_PATCHABLE
@@ -2563,7 +2563,7 @@ config CALL_DEPTH_TRACKING

config CALL_THUNKS_DEBUG
	bool "Enable call thunks and call depth tracking debugging"
	depends on CALL_DEPTH_TRACKING
	depends on MITIGATION_CALL_DEPTH_TRACKING
	select FUNCTION_ALIGNMENT_32B
	default n
	help
@@ -2574,14 +2574,14 @@ config CALL_THUNKS_DEBUG
	  Only enable this when you are debugging call thunks as this
	  creates a noticeable runtime overhead. If unsure say N.

config CPU_IBPB_ENTRY
config MITIGATION_IBPB_ENTRY
	bool "Enable IBPB on kernel entry"
	depends on CPU_SUP_AMD && X86_64
	default y
	help
	  Compile the kernel with support for the retbleed=ibpb mitigation.

config CPU_IBRS_ENTRY
config MITIGATION_IBRS_ENTRY
	bool "Enable IBRS on kernel entry"
	depends on CPU_SUP_INTEL && X86_64
	default y
@@ -2590,14 +2590,14 @@ config CPU_IBRS_ENTRY
	  This mitigates both spectre_v2 and retbleed at great cost to
	  performance.

config CPU_SRSO
config MITIGATION_SRSO
	bool "Mitigate speculative RAS overflow on AMD"
	depends on CPU_SUP_AMD && X86_64 && RETHUNK
	depends on CPU_SUP_AMD && X86_64 && MITIGATION_RETHUNK
	default y
	help
	  Enable the SRSO mitigation needed on AMD Zen1-4 machines.

config SLS
config MITIGATION_SLS
	bool "Mitigate Straight-Line-Speculation"
	depends on CC_HAS_SLS && X86_64
	select OBJTOOL if HAVE_OBJTOOL
@@ -2607,7 +2607,7 @@ config SLS
	  against straight line speculation. The kernel image might be slightly
	  larger.

config GDS_FORCE_MITIGATION
config MITIGATION_GDS_FORCE
	bool "Force GDS Mitigation"
	depends on CPU_SUP_INTEL
	default n
+4 −4
@@ -22,7 +22,7 @@ RETPOLINE_VDSO_CFLAGS := -mretpoline
endif
RETPOLINE_CFLAGS	+= $(call cc-option,-mindirect-branch-cs-prefix)

ifdef CONFIG_RETHUNK
ifdef CONFIG_MITIGATION_RETHUNK
RETHUNK_CFLAGS		:= -mfunction-return=thunk-extern
RETPOLINE_CFLAGS	+= $(RETHUNK_CFLAGS)
endif
@@ -192,7 +192,7 @@ KBUILD_CFLAGS += -Wno-sign-compare
KBUILD_CFLAGS += -fno-asynchronous-unwind-tables

# Avoid indirect branches in kernel to deal with Spectre
ifdef CONFIG_RETPOLINE
ifdef CONFIG_MITIGATION_RETPOLINE
  KBUILD_CFLAGS += $(RETPOLINE_CFLAGS)
  # Additionally, avoid generating expensive indirect jumps which
  # are subject to retpolines for small number of switch cases.
@@ -205,7 +205,7 @@ ifdef CONFIG_RETPOLINE
  endif
endif

ifdef CONFIG_SLS
ifdef CONFIG_MITIGATION_SLS
  KBUILD_CFLAGS += -mharden-sls=all
endif

@@ -301,7 +301,7 @@ vdso-install-$(CONFIG_IA32_EMULATION) += arch/x86/entry/vdso/vdso32.so.dbg

archprepare: checkbin
checkbin:
ifdef CONFIG_RETPOLINE
ifdef CONFIG_MITIGATION_RETPOLINE
ifeq ($(RETPOLINE_CFLAGS),)
	@echo "You are building kernel with non-retpoline compiler." >&2
	@echo "Please update your compiler." >&2