Commit 05017fed authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'x86_urgent_for_v5.19_rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull x86 fixes from Borislav Petkov:
 "A couple more retbleed fallout fixes.

  It looks like their urgency is decreasing so it seems like we've
  managed to catch whatever snafus the limited -rc testing has exposed.
  Maybe we're getting ready... :)

   - Make retbleed mitigations 64-bit only (32-bit will need a bit more
     work if even needed, at all).

   - Prevent return thunks patching of the LKDTM modules as it is not
     needed there

   - Avoid writing the SPEC_CTRL MSR on every kernel entry on eIBRS
     parts

   - Enhance error output of apply_returns() when it fails to patch a
     return thunk

   - A sparse fix to the sev-guest module

   - Protect EFI fw calls by issuing an IBPB on AMD"

* tag 'x86_urgent_for_v5.19_rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/speculation: Make all RETbleed mitigations 64-bit only
  lkdtm: Disable return thunks in rodata.c
  x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
  x86/alternative: Report missing return thunk details
  virt: sev-guest: Pass the appropriate argument type to iounmap()
  x86/amd: Use IBPB for firmware calls
parents 714b82c1 b648ab48

arch/x86/Kconfig

+4 −4
Original line number Diff line number Diff line
@@ -2474,7 +2474,7 @@ config RETHUNK 
	bool "Enable return-thunks"

	depends on RETPOLINE && CC_HAS_RETURN_THUNK

	select OBJTOOL if HAVE_OBJTOOL

	default y

	default y if X86_64

	help

	  Compile the kernel with the return-thunks compiler option to guard

	  against kernel-to-user data leaks by avoiding return speculation.
@@ -2483,21 +2483,21 @@ config RETHUNK 


config CPU_UNRET_ENTRY

	bool "Enable UNRET on kernel entry"

	depends on CPU_SUP_AMD && RETHUNK

	depends on CPU_SUP_AMD && RETHUNK && X86_64

	default y

	help

	  Compile the kernel with support for the retbleed=unret mitigation.



config CPU_IBPB_ENTRY

	bool "Enable IBPB on kernel entry"

	depends on CPU_SUP_AMD

	depends on CPU_SUP_AMD && X86_64

	default y

	help

	  Compile the kernel with support for the retbleed=ibpb mitigation.



config CPU_IBRS_ENTRY

	bool "Enable IBRS on kernel entry"

	depends on CPU_SUP_INTEL

	depends on CPU_SUP_INTEL && X86_64

	default y

	help

	  Compile the kernel with support for the spectre_v2=ibrs mitigation.

arch/x86/Makefile

+1 −0
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ RETHUNK_CFLAGS := -mfunction-return=thunk-extern 
RETPOLINE_CFLAGS	+= $(RETHUNK_CFLAGS)

endif



export RETHUNK_CFLAGS

export RETPOLINE_CFLAGS

export RETPOLINE_VDSO_CFLAGS

arch/x86/include/asm/cpufeatures.h

+1 −0
Original line number Diff line number Diff line
@@ -302,6 +302,7 @@ 
#define X86_FEATURE_RETPOLINE_LFENCE	(11*32+13) /* "" Use LFENCE for Spectre variant 2 */

#define X86_FEATURE_RETHUNK		(11*32+14) /* "" Use REturn THUNK */

#define X86_FEATURE_UNRET		(11*32+15) /* "" AMD BTB untrain return */

#define X86_FEATURE_USE_IBPB_FW		(11*32+16) /* "" Use IBPB during runtime firmware calls */



/* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */

#define X86_FEATURE_AVX_VNNI		(12*32+ 4) /* AVX VNNI instructions */

arch/x86/include/asm/nospec-branch.h

+2 −0
Original line number Diff line number Diff line
@@ -297,6 +297,8 @@ do { \ 
	alternative_msr_write(MSR_IA32_SPEC_CTRL,			\

			      spec_ctrl_current() | SPEC_CTRL_IBRS,	\

			      X86_FEATURE_USE_IBRS_FW);			\

	alternative_msr_write(MSR_IA32_PRED_CMD, PRED_CMD_IBPB,		\

			      X86_FEATURE_USE_IBPB_FW);			\

} while (0)



#define firmware_restrict_branch_speculation_end()			\

arch/x86/kernel/alternative.c

+3 −1
Original line number Diff line number Diff line
@@ -555,7 +555,9 @@ void __init_or_module noinline apply_returns(s32 *start, s32 *end) 
			dest = addr + insn.length + insn.immediate.value;



		if (__static_call_fixup(addr, op, dest) ||

		    WARN_ON_ONCE(dest != &__x86_return_thunk))

		    WARN_ONCE(dest != &__x86_return_thunk,

			      "missing return thunk: %pS-%pS: %*ph",

			      addr, dest, 5, addr))

			continue;



		DPRINTK("return thunk at: %pS (%px) len: %d to: %pS",