| Message ID | 20180209170835.GB4572@brain |
|---|---|
| State | New |
| Headers | show |
| Series | [SRU,xenial] retpoline/IBPB combined mitigation | expand |
On 09/02/18 17:08, Andy Whitcroft wrote: > The previous retpoline update dropped IBPB support. This would reduce our > protection for userspace/VMs. This patch kit reinstates that protection > and uses it in combination with retpoline where each is available. Note > that IBPB support is dependent on having microcode for your CPU which > supports it. > > Proposing for SRU to xenial. > > -apw > > The following changes since commit 0d65082c299f05f6d3d9a5d37e033e162337b881: > > UBUNTU: Ubuntu-4.4.0-113.136 (2018-02-07 16:08:01 +0000) > > are available in the Git repository at: > > https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/xenial-speculation-control-intel > > for you to fetch changes up to a828947db96c16f224bf3e040f9e5e8b770dc497: > > UBUNTU: SAUCE: turn off IBPB when full retpoline is present (2018-02-09 14:36:13 +0000) > > ---------------------------------------------------------------- > * CVE-2017-5715 (Spectre v2 Intel) > - SAUCE: drop lingering gmb() macro > - x86/feature: Enable the x86 feature to control Speculation > - x86/feature: Report presence of IBPB and IBRS control > - x86/enter: MACROS to set/clear IBRS and set IBPB > - x86/enter: Use IBRS on syscall and interrupts > - x86/idle: Disable IBRS entering idle and enable it on wakeup > - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup > - x86/mm: Set IBPB upon context switch > - x86/mm: Only set IBPB when the new thread cannot ptrace current thread > - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm > - x86/kvm: Set IBPB when switching VM > - x86/kvm: Toggle IBRS on VM entry and exit > - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature > - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control > - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR > - x86/cpu/AMD: Add speculative control support for AMD > - x86/microcode: Extend post microcode reload to support IBPB feature > - KVM: SVM: Do not intercept new speculative control MSRs > - x86/svm: Set IBRS value on VM entry and exit > - x86/svm: Set IBPB when running a different VCPU > - KVM: x86: Add speculative control CPUID support for guests > - SAUCE: Fix spec_ctrl support in KVM > - SAUCE: turn off IBPB when full retpoline is present > I've tested these and didn't see any regressions. Acked-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com> On Fri, Feb 09, 2018 at 05:08:35PM +0000, Andy Whitcroft wrote: > The previous retpoline update dropped IBPB support. This would reduce our > protection for userspace/VMs. This patch kit reinstates that protection > and uses it in combination with retpoline where each is available. Note > that IBPB support is dependent on having microcode for your CPU which > supports it. > > Proposing for SRU to xenial. > > -apw > > The following changes since commit 0d65082c299f05f6d3d9a5d37e033e162337b881: > > UBUNTU: Ubuntu-4.4.0-113.136 (2018-02-07 16:08:01 +0000) > > are available in the Git repository at: > > https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/xenial-speculation-control-intel > > for you to fetch changes up to a828947db96c16f224bf3e040f9e5e8b770dc497: > > UBUNTU: SAUCE: turn off IBPB when full retpoline is present (2018-02-09 14:36:13 +0000) > > ---------------------------------------------------------------- > * CVE-2017-5715 (Spectre v2 Intel) > - SAUCE: drop lingering gmb() macro > - x86/feature: Enable the x86 feature to control Speculation > - x86/feature: Report presence of IBPB and IBRS control > - x86/enter: MACROS to set/clear IBRS and set IBPB > - x86/enter: Use IBRS on syscall and interrupts > - x86/idle: Disable IBRS entering idle and enable it on wakeup > - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup > - x86/mm: Set IBPB upon context switch > - x86/mm: Only set IBPB when the new thread cannot ptrace current thread > - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm > - x86/kvm: Set IBPB when switching VM > - x86/kvm: Toggle IBRS on VM entry and exit > - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature > - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control > - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR > - x86/cpu/AMD: Add speculative control support for AMD > - x86/microcode: Extend post microcode reload to support IBPB feature > - KVM: SVM: Do not intercept new speculative control MSRs > - x86/svm: Set IBRS value on VM entry and exit > - x86/svm: Set IBPB when running a different VCPU > - KVM: x86: Add speculative control CPUID support for guests > - SAUCE: Fix spec_ctrl support in KVM > - SAUCE: turn off IBPB when full retpoline is present > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
Applied to xenial/master-next On 2018-02-09 17:08:35 , Andy Whitcroft wrote: > The previous retpoline update dropped IBPB support. This would reduce our > protection for userspace/VMs. This patch kit reinstates that protection > and uses it in combination with retpoline where each is available. Note > that IBPB support is dependent on having microcode for your CPU which > supports it. > > Proposing for SRU to xenial. > > -apw > > The following changes since commit 0d65082c299f05f6d3d9a5d37e033e162337b881: > > UBUNTU: Ubuntu-4.4.0-113.136 (2018-02-07 16:08:01 +0000) > > are available in the Git repository at: > > https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/xenial-speculation-control-intel > > for you to fetch changes up to a828947db96c16f224bf3e040f9e5e8b770dc497: > > UBUNTU: SAUCE: turn off IBPB when full retpoline is present (2018-02-09 14:36:13 +0000) > > ---------------------------------------------------------------- > * CVE-2017-5715 (Spectre v2 Intel) > - SAUCE: drop lingering gmb() macro > - x86/feature: Enable the x86 feature to control Speculation > - x86/feature: Report presence of IBPB and IBRS control > - x86/enter: MACROS to set/clear IBRS and set IBPB > - x86/enter: Use IBRS on syscall and interrupts > - x86/idle: Disable IBRS entering idle and enable it on wakeup > - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup > - x86/mm: Set IBPB upon context switch > - x86/mm: Only set IBPB when the new thread cannot ptrace current thread > - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm > - x86/kvm: Set IBPB when switching VM > - x86/kvm: Toggle IBRS on VM entry and exit > - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature > - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control > - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR > - x86/cpu/AMD: Add speculative control support for AMD > - x86/microcode: Extend post microcode reload to support IBPB feature > - KVM: SVM: Do not intercept new speculative control MSRs > - x86/svm: Set IBRS value on VM entry and exit > - x86/svm: Set IBPB when running a different VCPU > - KVM: x86: Add speculative control CPUID support for guests > - SAUCE: Fix spec_ctrl support in KVM > - SAUCE: turn off IBPB when full retpoline is present > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
The previous retpoline update dropped IBPB support. This would reduce our protection for userspace/VMs. This patch kit reinstates that protection and uses it in combination with retpoline where each is available. Note that IBPB support is dependent on having microcode for your CPU which supports it. Proposing for SRU to xenial. -apw The following changes since commit 0d65082c299f05f6d3d9a5d37e033e162337b881: UBUNTU: Ubuntu-4.4.0-113.136 (2018-02-07 16:08:01 +0000) are available in the Git repository at: https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/xenial-speculation-control-intel for you to fetch changes up to a828947db96c16f224bf3e040f9e5e8b770dc497: UBUNTU: SAUCE: turn off IBPB when full retpoline is present (2018-02-09 14:36:13 +0000) ---------------------------------------------------------------- * CVE-2017-5715 (Spectre v2 Intel) - SAUCE: drop lingering gmb() macro - x86/feature: Enable the x86 feature to control Speculation - x86/feature: Report presence of IBPB and IBRS control - x86/enter: MACROS to set/clear IBRS and set IBPB - x86/enter: Use IBRS on syscall and interrupts - x86/idle: Disable IBRS entering idle and enable it on wakeup - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup - x86/mm: Set IBPB upon context switch - x86/mm: Only set IBPB when the new thread cannot ptrace current thread - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm - x86/kvm: Set IBPB when switching VM - x86/kvm: Toggle IBRS on VM entry and exit - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR - x86/cpu/AMD: Add speculative control support for AMD - x86/microcode: Extend post microcode reload to support IBPB feature - KVM: SVM: Do not intercept new speculative control MSRs - x86/svm: Set IBRS value on VM entry and exit - x86/svm: Set IBPB when running a different VCPU - KVM: x86: Add speculative control CPUID support for guests - SAUCE: Fix spec_ctrl support in KVM - SAUCE: turn off IBPB when full retpoline is present