kernel / kernel-source

Clone
Source Code
GIT

Blame patches.suse/x86-bugs-Do-IBPB-fallback-check-only-once.patch

ALP-current ALP-current-GA ALP-current-RT ALP-current-RT-GA SLE12-SP5 SLE12-SP5-AZURE SLE12-SP5-RT SLE15-SP2-EB SLE15-SP3-RT-LTSS SLE15-SP4-RT-LTSS SLE15-SP5 SLE15-SP5-AZURE SLE15-SP5-RT SLE15-SP6 SLE15-SP6-AZURE SLE15-SP6-AZURE-GA SLE15-SP6-GA SLE15-SP6-RT SLE15-SP6-RT-GA linux-next master packaging scripts slowroll stable vanilla
  1.   888eddd4fd1e487559f6a6cf1b44bfe17b8ae897
  2.   patches.suse
  3.   x86-bugs-Do-IBPB-fallback-check-only-once.patch
Blob History Raw
Borislav Petkov ce4a75 
From: Josh Poimboeuf <jpoimboe@kernel.org>
Borislav Petkov ce4a75 
Date: Tue, 14 Jun 2022 15:07:19 -0700
Borislav Petkov ce4a75 
Subject: x86/bugs: Do IBPB fallback check only once
Borislav Petkov ce4a75 
Git-commit: 0fe4aeea9c01baabecc8c3afc7889c809d939bc2
Borislav Petkov d06c64 
Patch-mainline: v5.19-rc4
Borislav Petkov ce4a75 
References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
Borislav Petkov ce4a75
Borislav Petkov ce4a75 
When booting with retbleed=auto, if the kernel wasn't built with
Borislav Petkov ce4a75 
CONFIG_CC_HAS_RETURN_THUNK, the mitigation falls back to IBPB.  Make
Borislav Petkov ce4a75 
sure a warning is printed in that case.  The IBPB fallback check is done
Borislav Petkov ce4a75 
twice, but it really only needs to be done once.
Borislav Petkov ce4a75
Borislav Petkov ce4a75 
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Borislav Petkov ce4a75 
Signed-off-by: Borislav Petkov <bp@suse.de>
Borislav Petkov ce4a75 
---
Borislav Petkov ce4a75 
 arch/x86/kernel/cpu/bugs.c | 15 +++++----------
Borislav Petkov ce4a75 
 1 file changed, 5 insertions(+), 10 deletions(-)
Borislav Petkov ce4a75
Borislav Petkov ce4a75 
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
Borislav Petkov ce4a75 
index 04077d13b3ae..108bd74289c5 100644
Borislav Petkov ce4a75 
--- a/arch/x86/kernel/cpu/bugs.c
Borislav Petkov ce4a75 
+++ b/arch/x86/kernel/cpu/bugs.c
Borislav Petkov ce4a75 
@@ -891,18 +891,13 @@ static void __init retbleed_select_mitigation(void)
Borislav Petkov ce4a75 
 	case RETBLEED_CMD_AUTO:
Borislav Petkov ce4a75 
 	default:
Borislav Petkov ce4a75 
 		if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
Borislav Petkov ce4a75 
-		    boot_cpu_data.x86_vendor == X86_VENDOR_HYGON) {
Borislav Petkov ce4a75 
-
Borislav Petkov ce4a75 
-			if (IS_ENABLED(CONFIG_RETPOLINE) &&
Borislav Petkov ce4a75 
-			    IS_ENABLED(CONFIG_CC_HAS_RETURN_THUNK))
Borislav Petkov ce4a75 
-				retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
Borislav Petkov ce4a75 
-			else
Borislav Petkov ce4a75 
-				retbleed_mitigation = RETBLEED_MITIGATION_IBPB;
Borislav Petkov ce4a75 
-		}
Borislav Petkov ce4a75 
+		    boot_cpu_data.x86_vendor == X86_VENDOR_HYGON)
Borislav Petkov ce4a75 
+			retbleed_mitigation = RETBLEED_MITIGATION_UNRET;
Borislav Petkov ce4a75
Borislav Petkov ce4a75 
 		/*
Borislav Petkov ce4a75 
-		 * The Intel mitigation (IBRS) was already selected in
Borislav Petkov ce4a75 
-		 * spectre_v2_select_mitigation().
Borislav Petkov ce4a75 
+		 * The Intel mitigation (IBRS or eIBRS) was already selected in
Borislav Petkov ce4a75 
+		 * spectre_v2_select_mitigation().  'retbleed_mitigation' will
Borislav Petkov ce4a75 
+		 * be set accordingly below.
Borislav Petkov ce4a75 
 		 */
Borislav Petkov ce4a75
Borislav Petkov ce4a75 
 		break;
Borislav Petkov ce4a75
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.