Commit d80825ee authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'x86_bugs_for_v6.14_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 CPU speculation update from Borislav Petkov:

 - Add support for AMD hardware which is not affected by SRSO on the
   user/kernel attack vector and advertise it to guest userspace

* tag 'x86_bugs_for_v6.14_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace
  x86/bugs: Add SRSO_USER_KERNEL_NO support
parents 0763dd89 716f86b5
+1 −0
@@ -465,6 +465,7 @@
#define X86_FEATURE_SBPB		(20*32+27) /* Selective Branch Prediction Barrier */
#define X86_FEATURE_IBPB_BRTYPE		(20*32+28) /* MSR_PRED_CMD[IBPB] flushes all branch type predictions */
#define X86_FEATURE_SRSO_NO		(20*32+29) /* CPU is not affected by SRSO */
#define X86_FEATURE_SRSO_USER_KERNEL_NO	(20*32+30) /* CPU is not affected by SRSO across user/kernel boundaries */

/*
 * Extended auxiliary flags: Linux defined - for features scattered in various
+4 −0
@@ -2615,6 +2615,9 @@ static void __init srso_select_mitigation(void)
		break;

	case SRSO_CMD_SAFE_RET:
		if (boot_cpu_has(X86_FEATURE_SRSO_USER_KERNEL_NO))
			goto ibpb_on_vmexit;

		if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) {
			/*
			 * Enable the return thunk for generated code
@@ -2658,6 +2661,7 @@ static void __init srso_select_mitigation(void)
		}
		break;

ibpb_on_vmexit:
	case SRSO_CMD_IBPB_ON_VMEXIT:
		if (IS_ENABLED(CONFIG_MITIGATION_SRSO)) {
			if (!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode) {
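Review bot: The `goto ibpb_on_vmexit` added to the `SRSO_CMD_SAFE_RET` case has no comment, so a reader cannot tell why an explicit safe-ret selection is replaced by IBPB-on-VMEXIT when `X86_FEATURE_SRSO_USER_KERNEL_NO` is set. A comment above the check would record the reasoning, for example `/* User/kernel vector is not affected; only the guest/host vector still needs IBPB on VMEXIT. */`. The target branch only acts when `!boot_cpu_has(X86_FEATURE_ENTRY_IBPB) && has_microcode`, so it is worth confirming which mitigation state is reported on these CPUs when that condition is false. The rest of that branch and of srso_select_mitigation() lies outside the hunks shown.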
+1 −0
@@ -1270,6 +1270,7 @@ static const struct x86_cpu_id cpu_vuln_blacklist[] __initconst = {
	VULNBL_AMD(0x17, RETBLEED | SMT_RSB | SRSO),
	VULNBL_HYGON(0x18, RETBLEED | SMT_RSB | SRSO),
	VULNBL_AMD(0x19, SRSO),
	VULNBL_AMD(0x1a, SRSO),
	{}
};
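Review bot: The `VULNBL_AMD(0x1a, SRSO)` entry (presumably the added line, since the markers are lost on this page) lists the whole family as SRSO-affected without saying that the exposure may be limited to the guest/host vector. The table cannot express that distinction, so the narrowing apparently depends on the `X86_FEATURE_SRSO_USER_KERNEL_NO` check made at mitigation-selection time. A trailing comment such as `/* user/kernel vector may be exempt, see X86_FEATURE_SRSO_USER_KERNEL_NO */` would stop the entry being read as "full safe-ret required". How the table is consumed is not visible here.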

+1 −1
@@ -821,7 +821,7 @@ void kvm_set_cpu_caps(void)
	kvm_cpu_cap_mask(CPUID_8000_0021_EAX,
		F(NO_NESTED_DATA_BP) | F(LFENCE_RDTSC) | 0 /* SmmPgCfgLock */ |
		F(NULL_SEL_CLR_BASE) | F(AUTOIBRS) | 0 /* PrefetchCtlMsr */ |
		F(WRMSR_XX_BASE_NS)
		F(WRMSR_XX_BASE_NS) | F(SRSO_USER_KERNEL_NO)
	);

	kvm_cpu_cap_check_and_set(X86_FEATURE_SBPB);
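Review bot: Adding `F(SRSO_USER_KERNEL_NO)` to the `CPUID_8000_0021_EAX` mask lets a guest kernel skip safe-ret, as the host's own selection code in this commit does, but nothing at the mask notes what that means for VM placement. A guest that boots with the bit set and is later migrated to a host lacking the property would presumably keep running with the weaker mitigation. A comment for VMM authors would make that explicit, for example `/* SRSO_USER_KERNEL_NO: expose only if every host in the migration pool reports it */`. kvm_set_cpu_caps() continues outside the hunk.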