Merge v6.8-rc6 into usb-next

Serge Hallyn <sergeh@kernel.org> <serge.hallyn@canonical.com>

Serge Hallyn <sergeh@kernel.org> <serue@us.ibm.com>

Seth Forshee <sforshee@kernel.org> <seth.forshee@canonical.com>

Shakeel Butt <shakeel.butt@linux.dev> <shakeelb@google.com>

Shannon Nelson <shannon.nelson@amd.com> <snelson@pensando.io>

Shannon Nelson <shannon.nelson@amd.com> <shannon.nelson@intel.com>

Shannon Nelson <shannon.nelson@amd.com> <shannon.nelson@oracle.com>

    mds_clear_cpu_buffers()

Also macro CLEAR_CPU_BUFFERS can be used in ASM late in exit-to-user path.

Other than CFLAGS.ZF, this macro doesn't clobber any registers.

The mitigation is invoked on kernel/userspace, hypervisor/guest and C-state

(idle) transitions.

   When transitioning from kernel to user space the CPU buffers are flushed

   on affected CPUs when the mitigation is not disabled on the kernel

   command line. The migitation is enabled through the static key

   mds_user_clear.

   The mitigation is invoked in prepare_exit_to_usermode() which covers

   all but one of the kernel to user space transitions.  The exception

   is when we return from a Non Maskable Interrupt (NMI), which is

   handled directly in do_nmi().

   (The reason that NMI is special is that prepare_exit_to_usermode() can

    enable IRQs.  In NMI context, NMIs are blocked, and we don't want to

    enable IRQs with NMIs blocked.)

   command line. The mitigation is enabled through the feature flag

   X86_FEATURE_CLEAR_CPU_BUF.

   The mitigation is invoked just before transitioning to userspace after

   user registers are restored. This is done to minimize the window in

   which kernel data could be accessed after VERW e.g. via an NMI after

   VERW.

   **Corner case not handled**

   Interrupts returning to kernel don't clear CPUs buffers since the

   exit-to-user path is expected to do that anyways. But, there could be

   a case when an NMI is generated in kernel after the exit-to-user path

   has cleared the buffers. This case is not handled and NMI returning to

   kernel don't clear CPU buffers because:

   1. It is rare to get an NMI after VERW, but before returning to userspace.

   2. For an unprivileged user, there is no known way to make that NMI

      less rare or target it.

   3. It would take a large number of these precisely-timed NMIs to mount

      an actual attack.  There's presumably not enough bandwidth.

   4. The NMI in question occurs after a VERW, i.e. when user state is

      restored and most interesting data is already scrubbed. Whats left

      is only the data that NMI touches, and that may or may not be of

      any interest.

2. C-State transition

        verbatimhintsturnover=false,

    ''',

    #

    # Some of our authors are fond of deep nesting; tell latex to

    # cope.

    #

    'maxlistdepth': '10',

    # For CJK One-half spacing, need to be in front of hyperref

    'extrapackages': r'\usepackage{setspace}',

        clock-names:

          items:

            - const: dout_cmu_misc_bus

            - const: dout_cmu_misc_sss

            - const: bus

            - const: sss

additionalProperties: false

Checks in patchwork are mostly simple wrappers around existing kernel

scripts, the sources are available at:

https://github.com/kuba-moo/nipa/tree/master/tests

https://github.com/linux-netdev/nipa/tree/master/tests

**Do not** post your patches just to run them through the checks.

You must ensure that your patches are ready by testing them locally