From patchwork Tue Oct 9 13:37:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juerg Haefliger X-Patchwork-Id: 981262 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 42Tyvs2s7bz9sBk; Wed, 10 Oct 2018 00:37:29 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1g9sCN-00082M-43; Tue, 09 Oct 2018 13:37:19 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.86_2) (envelope-from ) id 1g9sCL-00081E-TL for kernel-team@lists.ubuntu.com; Tue, 09 Oct 2018 13:37:17 +0000 Received: from mail-ed1-f70.google.com ([209.85.208.70]) by youngberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1g9sCL-0007v6-Lu for kernel-team@lists.ubuntu.com; Tue, 09 Oct 2018 13:37:17 +0000 Received: by mail-ed1-f70.google.com with SMTP id i16-v6so1257025ede.11 for ; Tue, 09 Oct 2018 06:37:17 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=vvPeBnWdgm+PLONl07dg41EcdT1oEZb9nHKcyqGZaRA=; b=J6cYeYblfMBBZ93E/c/UOzAGCt1puplEjikviNcvQHz9DQaTxLOxLLl3xZMiV4zyo/ H2z8YmF/G7iUkjqbxHmWonXnTyKfNr/zKGo3uEd1hyaWRCO1G1y9cqusRTcKnkQUJcWL XiHWsxOCyw6Wq3SCqaU7rdK5NDyVTyC1EZ9nh0XCGOMhN/DiQR7PfIPoV+X8RwttlQIB vLb+cfpbMjqw2Ij+8bsJafbJWllodiNyKJ1ZN2M40m756W1wklV2s0HGGPAFoeG3KYZI qTDLT+t0PKWTU/xMXAa4mdmNtTPh81r/xs/WAql0FKxeQTwjLY8gL8wQKqeG7nKPPoxZ uinA== X-Gm-Message-State: ABuFfojHmZMesaXOCZTDDznRx4WxsVqNs20XAUsKPsI+uriKsXhtn3C9 q9VW59TkbL5bVrrkxHpoqafgmxTE0BFQv3sJUD9Hv2UO63n221ycTxLcTNbBasKnLb8GInsaHay m/c3/klWAt9XroLtXSkE3ywoKj/Hw9Uwq1/+MYpb73A== X-Received: by 2002:a50:9e26:: with SMTP id z35-v6mr35456494ede.90.1539092236982; Tue, 09 Oct 2018 06:37:16 -0700 (PDT) X-Google-Smtp-Source: ACcGV62Sn5+VhRnORA+sClUsXG2x/rg8xDu/fwNRtaNKN+KKPuE9ewWNBdFpYs3OIi+UE4wQ6oodDg== X-Received: by 2002:a50:9e26:: with SMTP id z35-v6mr35456452ede.90.1539092236695; Tue, 09 Oct 2018 06:37:16 -0700 (PDT) Received: from localhost.localdomain ([81.221.205.149]) by smtp.gmail.com with ESMTPSA id w23sm6063839edv.30.2018.10.09.06.37.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 09 Oct 2018 06:37:15 -0700 (PDT) From: Juerg Haefliger X-Google-Original-From: Juerg Haefliger To: kernel-team@lists.ubuntu.com Subject: [SRU][Trusty][PULL] Cleanup Meltdown/Spectre implementation (LP: #1779848) Date: Tue, 9 Oct 2018 15:37:14 +0200 Message-Id: <20181009133714.32139-1-juergh@canonical.com> X-Mailer: git-send-email 2.17.1 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: juergh@canonical.com MIME-Version: 1.0 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1779848 == SRU Justification == Ubuntu kernels contain Meltdown and Spectre mitigations that are largely based on embargoed patches but what eventually landed in upstream is different in some places. We should clean up the different kernels to bring them closer in line with upstream. == Fix == Add missing upstream patches. == Regression Potential == Medium. The patches have been in upstream for quite a while now and are baked in but some of the backporting is not completely trivial and without risk. == Test Case == TBD. *** BLURB HERE *** Signed-off-by: Juerg Haefliger Acked-by: Stefan Bader Acked-by: Kleber Sacilotto de Souza --- The following changes since commit cefa65a1685282dcbadad7c914d4d8e89428a5eb: UBUNTU: Ubuntu-3.13.0-161.211 (2018-10-03 16:41:43 +0200) are available in the Git repository at: git://git.launchpad.net/~juergh/+git/trusty-linux lp1779848 for you to fetch changes up to 8cccec097d1fb83c610f9dddd47827fb6d3237aa: UBUNTU: SAUCE: x86/speculation: Cleanup IBRS runtime control handling (2018-10-09 10:46:55 +0200) ---------------------------------------------------------------- Arnd Bergmann (1): x86/pti: Mark constant arrays as __initconst Ben Hutchings (1): xen: Add xen_arch_suspend() Borislav Petkov (2): x86/nospec: Fix header guards names x86/bugs: Drop one "mitigation" from dmesg Dan Carpenter (1): x86/spectre: Fix an error message Dave Hansen (1): x86/Documentation: Add PTI description David Woodhouse (5): x86/cpufeatures: Add AMD feature bits for Speculation Control x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support x86/cpufeatures: Clean up Spectre v2 related CPUID flags x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel x86/speculation: Use IBRS if available before calling into firmware Dou Liyang (1): x86/spectre: Check CONFIG_RETPOLINE in command line parser Ingo Molnar (1): x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP Juerg Haefliger (14): Revert "x86/cpu/AMD: Make the LFENCE instruction serialized" UBUNTU: SAUCE: x86/cpufeatures: Reorder spectre-related feature bits UBUNTU: SAUCE: x86/msr: Fix formatting of msr-index.h UBUNTU: SAUCE: x86/msr: Rename MSR spec control feature bits UBUNTU: SAUCE: x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP UBUNTU: SAUCE: x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS UBUNTU: SAUCE: x86/bugs: Fix re-use of SPEC_CTRL MSR boot value UBUNTU: SAUCE: Move SSBD feature detection to common code UBUNTU: SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code UBUNTU: SAUCE: x86/speculation: Query individual feature flags when reloading microcode UBUNTU: SAUCE: x86/pti: Evaluate X86_BUG_CPU_MELTDOWN when pti=auto UBUNTU: SAUCE: x86/speculation: Make use of indirect_branch_prediction_barrier() UBUNTU: SAUCE: x86/speculation: Cleanup IBPB runtime control handling UBUNTU: SAUCE: x86/speculation: Cleanup IBRS runtime control handling Juergen Gross (1): x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend KarimAllah Ahmed (1): x86/spectre: Simplify spectre_v2 command line parsing Tom Lendacky (2): x86/cpu/AMD: Make LFENCE a serializing instruction x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC zhenwei.pi (1): x86/pti: Document fix wrong index Documentation/kernel-parameters.txt | 21 ++-- Documentation/x86/pti.txt | 186 +++++++++++++++++++++++++++++++++ arch/x86/include/asm/apm.h | 6 ++ arch/x86/include/asm/cpufeature.h | 31 ++++-- arch/x86/include/asm/efi.h | 7 ++ arch/x86/include/asm/nospec-branch.h | 62 ++++++++++- arch/x86/include/asm/spec_ctrl.h | 13 ++- arch/x86/include/uapi/asm/msr-index.h | 34 +++--- arch/x86/kernel/acpi/cstate.c | 6 +- arch/x86/kernel/cpu/amd.c | 92 ++++++++-------- arch/x86/kernel/cpu/bugs.c | 169 ++++++++++++++++++++---------- arch/x86/kernel/cpu/common.c | 40 ++++++- arch/x86/kernel/cpu/intel.c | 19 ---- arch/x86/kernel/microcode_core.c | 20 ---- arch/x86/kernel/process.c | 11 +- arch/x86/kernel/smpboot.c | 6 +- arch/x86/kvm/svm.c | 11 +- arch/x86/kvm/vmx.c | 3 +- arch/x86/mm/kaiser.c | 7 +- arch/x86/mm/tlb.c | 5 +- arch/x86/xen/suspend.c | 24 +++++ drivers/xen/manage.c | 9 +- include/linux/smp.h | 87 ---------------- include/xen/xen-ops.h | 1 + kernel/smp.c | 46 -------- kernel/sysctl.c | 191 ++++++++++++++++++++-------------- 26 files changed, 672 insertions(+), 435 deletions(-) create mode 100644 Documentation/x86/pti.txt