kernel-5.18.13-100
* Fri Jul 22 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.13-0] - um: Add missing apply_returns() (Peter Zijlstra) - x86/bugs: Remove apostrophe typo (Kim Phillips) - tools headers cpufeatures: Sync with the kernel sources (Arnaldo Carvalho de Melo) - tools arch x86: Sync the msr-index.h copy with the kernel sources (Arnaldo Carvalho de Melo) - KVM: emulate: do not adjust size of fastop and setcc subroutines (Paolo Bonzini) - x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Thadeu Lima de Souza Cascardo) - efi/x86: use naked RET on mixed mode call wrapper (Thadeu Lima de Souza Cascardo) - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Nathan Chancellor) - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Jiri Slaby) - fedora: Also enable efifb on aarch64 for Nvidia (Javier Martinez Canillas) - Turn on configs for retbleed (Justin M. Forbes) Resolves: Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
This commit is contained in:
parent
da482b38ea
commit
ba3ee622e7
|
@ -1,3 +1,30 @@
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/f014b0b869404c24a955539ae044dae72f639cce
|
||||||
|
f014b0b869404c24a955539ae044dae72f639cce um: Add missing apply_returns()
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/0aabd44e8df94774bcadbd06c88a49257f5b27f3
|
||||||
|
0aabd44e8df94774bcadbd06c88a49257f5b27f3 x86/bugs: Remove apostrophe typo
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/7095e33ea429177c0b44b7194efeb334af5fd897
|
||||||
|
7095e33ea429177c0b44b7194efeb334af5fd897 tools headers cpufeatures: Sync with the kernel sources
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/44a6c2ee845e197336ad8993d9369d11a342b9b3
|
||||||
|
44a6c2ee845e197336ad8993d9369d11a342b9b3 tools arch x86: Sync the msr-index.h copy with the kernel sources
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/d93f9a7a81a4fcfad3c03b2d3aee7f3ce15b73dc
|
||||||
|
d93f9a7a81a4fcfad3c03b2d3aee7f3ce15b73dc KVM: emulate: do not adjust size of fastop and setcc subroutines
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/eda959dfce68b14c64ed2a46be10c3ad190dfec9
|
||||||
|
eda959dfce68b14c64ed2a46be10c3ad190dfec9 x86/kvm: fix FASTOP_SIZE when return thunks are enabled
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/ea3cd1bd63d9f4f574c2859b5b0d8ffabc430bef
|
||||||
|
ea3cd1bd63d9f4f574c2859b5b0d8ffabc430bef efi/x86: use naked RET on mixed mode call wrapper
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/0b667f92cd5ec5d23426696cf698af4464954c8b
|
||||||
|
0b667f92cd5ec5d23426696cf698af4464954c8b x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
|
||||||
|
|
||||||
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/9fb40753adacf689d8bf16ddccafec7a9cb506c0
|
||||||
|
9fb40753adacf689d8bf16ddccafec7a9cb506c0 x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
|
||||||
|
|
||||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/124840092adcbd2b256ecb6ec277d90a52e9ca35
|
"https://gitlab.com/cki-project/kernel-ark/-/commit"/124840092adcbd2b256ecb6ec277d90a52e9ca35
|
||||||
124840092adcbd2b256ecb6ec277d90a52e9ca35 x86/static_call: Serialize __static_call_fixup() properly
|
124840092adcbd2b256ecb6ec277d90a52e9ca35 x86/static_call: Serialize __static_call_fixup() properly
|
||||||
|
|
||||||
|
|
16
kernel.spec
16
kernel.spec
|
@ -122,11 +122,11 @@ Summary: The Linux kernel
|
||||||
# the --with-release option overrides this setting.)
|
# the --with-release option overrides this setting.)
|
||||||
%define debugbuildsenabled 1
|
%define debugbuildsenabled 1
|
||||||
# define buildid .local
|
# define buildid .local
|
||||||
%define specversion 5.18.11
|
%define specversion 5.18.13
|
||||||
%define patchversion 5.18
|
%define patchversion 5.18
|
||||||
%define pkgrelease 100
|
%define pkgrelease 100
|
||||||
%define kversion 5
|
%define kversion 5
|
||||||
%define tarfile_release 5.18.11
|
%define tarfile_release 5.18.13
|
||||||
# This is needed to do merge window version magic
|
# This is needed to do merge window version magic
|
||||||
%define patchlevel 18
|
%define patchlevel 18
|
||||||
# allow pkg_release to have configurable %%{?dist} tag
|
# allow pkg_release to have configurable %%{?dist} tag
|
||||||
|
@ -3034,7 +3034,17 @@ fi
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
* Tue Jul 12 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.11-100]
|
* Fri Jul 22 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.13-0]
|
||||||
|
- um: Add missing apply_returns() (Peter Zijlstra)
|
||||||
|
- x86/bugs: Remove apostrophe typo (Kim Phillips)
|
||||||
|
- tools headers cpufeatures: Sync with the kernel sources (Arnaldo Carvalho de Melo)
|
||||||
|
- tools arch x86: Sync the msr-index.h copy with the kernel sources (Arnaldo Carvalho de Melo)
|
||||||
|
- KVM: emulate: do not adjust size of fastop and setcc subroutines (Paolo Bonzini)
|
||||||
|
- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Thadeu Lima de Souza Cascardo)
|
||||||
|
- efi/x86: use naked RET on mixed mode call wrapper (Thadeu Lima de Souza Cascardo)
|
||||||
|
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Nathan Chancellor)
|
||||||
|
- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Jiri Slaby)
|
||||||
|
- fedora: Also enable efifb on aarch64 for Nvidia (Javier Martinez Canillas)
|
||||||
- Turn on configs for retbleed (Justin M. Forbes)
|
- Turn on configs for retbleed (Justin M. Forbes)
|
||||||
|
|
||||||
* Tue Jul 12 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.11-0]
|
* Tue Jul 12 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.11-0]
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
arch/s390/include/asm/ipl.h | 1 +
|
arch/s390/include/asm/ipl.h | 1 +
|
||||||
arch/s390/kernel/ipl.c | 5 +
|
arch/s390/kernel/ipl.c | 5 +
|
||||||
arch/s390/kernel/setup.c | 4 +
|
arch/s390/kernel/setup.c | 4 +
|
||||||
|
arch/um/kernel/um_arch.c | 4 +
|
||||||
arch/x86/Kconfig | 103 ++++-
|
arch/x86/Kconfig | 103 ++++-
|
||||||
arch/x86/Makefile | 6 +
|
arch/x86/Makefile | 6 +
|
||||||
arch/x86/boot/header.S | 4 +
|
arch/x86/boot/header.S | 4 +
|
||||||
|
@ -22,7 +23,7 @@
|
||||||
arch/x86/include/asm/efi.h | 5 +
|
arch/x86/include/asm/efi.h | 5 +
|
||||||
arch/x86/include/asm/linkage.h | 8 +
|
arch/x86/include/asm/linkage.h | 8 +
|
||||||
arch/x86/include/asm/msr-index.h | 13 +
|
arch/x86/include/asm/msr-index.h | 13 +
|
||||||
arch/x86/include/asm/nospec-branch.h | 68 ++-
|
arch/x86/include/asm/nospec-branch.h | 69 ++-
|
||||||
arch/x86/include/asm/static_call.h | 19 +-
|
arch/x86/include/asm/static_call.h | 19 +-
|
||||||
arch/x86/include/asm/traps.h | 2 +-
|
arch/x86/include/asm/traps.h | 2 +-
|
||||||
arch/x86/include/asm/unwind_hints.h | 14 +-
|
arch/x86/include/asm/unwind_hints.h | 14 +-
|
||||||
|
@ -35,6 +36,7 @@
|
||||||
arch/x86/kernel/cpu/hygon.c | 6 +
|
arch/x86/kernel/cpu/hygon.c | 6 +
|
||||||
arch/x86/kernel/cpu/scattered.c | 1 +
|
arch/x86/kernel/cpu/scattered.c | 1 +
|
||||||
arch/x86/kernel/ftrace.c | 7 +-
|
arch/x86/kernel/ftrace.c | 7 +-
|
||||||
|
arch/x86/kernel/head_32.S | 1 +
|
||||||
arch/x86/kernel/head_64.S | 5 +
|
arch/x86/kernel/head_64.S | 5 +
|
||||||
arch/x86/kernel/module.c | 8 +-
|
arch/x86/kernel/module.c | 8 +-
|
||||||
arch/x86/kernel/process.c | 2 +-
|
arch/x86/kernel/process.c | 2 +-
|
||||||
|
@ -44,7 +46,7 @@
|
||||||
arch/x86/kernel/static_call.c | 51 ++-
|
arch/x86/kernel/static_call.c | 51 ++-
|
||||||
arch/x86/kernel/traps.c | 19 +-
|
arch/x86/kernel/traps.c | 19 +-
|
||||||
arch/x86/kernel/vmlinux.lds.S | 9 +-
|
arch/x86/kernel/vmlinux.lds.S | 9 +-
|
||||||
arch/x86/kvm/emulate.c | 28 +-
|
arch/x86/kvm/emulate.c | 35 +-
|
||||||
arch/x86/kvm/svm/vmenter.S | 18 +
|
arch/x86/kvm/svm/vmenter.S | 18 +
|
||||||
arch/x86/kvm/vmx/capabilities.h | 4 +-
|
arch/x86/kvm/vmx/capabilities.h | 4 +-
|
||||||
arch/x86/kvm/vmx/nested.c | 2 +-
|
arch/x86/kvm/vmx/nested.c | 2 +-
|
||||||
|
@ -58,6 +60,7 @@
|
||||||
arch/x86/lib/retpoline.S | 79 +++-
|
arch/x86/lib/retpoline.S | 79 +++-
|
||||||
arch/x86/mm/mem_encrypt_boot.S | 10 +-
|
arch/x86/mm/mem_encrypt_boot.S | 10 +-
|
||||||
arch/x86/net/bpf_jit_comp.c | 26 +-
|
arch/x86/net/bpf_jit_comp.c | 26 +-
|
||||||
|
arch/x86/platform/efi/efi_thunk_64.S | 5 +-
|
||||||
arch/x86/xen/setup.c | 6 +-
|
arch/x86/xen/setup.c | 6 +-
|
||||||
arch/x86/xen/xen-asm.S | 30 +-
|
arch/x86/xen/xen-asm.S | 30 +-
|
||||||
arch/x86/xen/xen-head.S | 1 +
|
arch/x86/xen/xen-head.S | 1 +
|
||||||
|
@ -105,7 +108,9 @@
|
||||||
security/lockdown/Kconfig | 13 +
|
security/lockdown/Kconfig | 13 +
|
||||||
security/lockdown/lockdown.c | 1 +
|
security/lockdown/lockdown.c | 1 +
|
||||||
security/security.c | 6 +
|
security/security.c | 6 +
|
||||||
tools/arch/x86/include/asm/msr-index.h | 9 +
|
tools/arch/x86/include/asm/cpufeatures.h | 12 +-
|
||||||
|
tools/arch/x86/include/asm/disabled-features.h | 21 +-
|
||||||
|
tools/arch/x86/include/asm/msr-index.h | 13 +
|
||||||
tools/include/linux/objtool.h | 9 +-
|
tools/include/linux/objtool.h | 9 +-
|
||||||
tools/objtool/arch/x86/decode.c | 5 +
|
tools/objtool/arch/x86/decode.c | 5 +
|
||||||
tools/objtool/builtin-check.c | 4 +-
|
tools/objtool/builtin-check.c | 4 +-
|
||||||
|
@ -116,7 +121,7 @@
|
||||||
tools/objtool/include/objtool/elf.h | 1 +
|
tools/objtool/include/objtool/elf.h | 1 +
|
||||||
tools/objtool/include/objtool/objtool.h | 1 +
|
tools/objtool/include/objtool/objtool.h | 1 +
|
||||||
tools/objtool/objtool.c | 1 +
|
tools/objtool/objtool.c | 1 +
|
||||||
118 files changed, 2609 insertions(+), 614 deletions(-)
|
123 files changed, 2656 insertions(+), 622 deletions(-)
|
||||||
|
|
||||||
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
|
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
|
||||||
index c4893782055b..eb92195ca015 100644
|
index c4893782055b..eb92195ca015 100644
|
||||||
|
@ -162,7 +167,7 @@ index c4893782055b..eb92195ca015 100644
|
||||||
Not specifying this option is equivalent to
|
Not specifying this option is equivalent to
|
||||||
spectre_v2=auto.
|
spectre_v2=auto.
|
||||||
diff --git a/Makefile b/Makefile
|
diff --git a/Makefile b/Makefile
|
||||||
index 323032d60ac3..bbb113602cc8 100644
|
index 1f3c753cb28d..89ed649fae1b 100644
|
||||||
--- a/Makefile
|
--- a/Makefile
|
||||||
+++ b/Makefile
|
+++ b/Makefile
|
||||||
@@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
|
@@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
|
||||||
|
@ -260,6 +265,21 @@ index 2cef49983e9e..c50998b4b554 100644
|
||||||
/* Have one command line that is parsed and saved in /proc/cmdline */
|
/* Have one command line that is parsed and saved in /proc/cmdline */
|
||||||
/* boot_command_line has been already set up in early.c */
|
/* boot_command_line has been already set up in early.c */
|
||||||
*cmdline_p = boot_command_line;
|
*cmdline_p = boot_command_line;
|
||||||
|
diff --git a/arch/um/kernel/um_arch.c b/arch/um/kernel/um_arch.c
|
||||||
|
index 0760e24f2eba..9838967d0b2f 100644
|
||||||
|
--- a/arch/um/kernel/um_arch.c
|
||||||
|
+++ b/arch/um/kernel/um_arch.c
|
||||||
|
@@ -432,6 +432,10 @@ void apply_retpolines(s32 *start, s32 *end)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
+void apply_returns(s32 *start, s32 *end)
|
||||||
|
+{
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
void apply_alternatives(struct alt_instr *start, struct alt_instr *end)
|
||||||
|
{
|
||||||
|
}
|
||||||
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
|
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
|
||||||
index b2c65f573353..4d1d87f76a74 100644
|
index b2c65f573353..4d1d87f76a74 100644
|
||||||
--- a/arch/x86/Kconfig
|
--- a/arch/x86/Kconfig
|
||||||
|
@ -1148,10 +1168,18 @@ index 4425d6773183..ad084326f24c 100644
|
||||||
#define MSR_F16H_L2I_PERF_CTL 0xc0010230
|
#define MSR_F16H_L2I_PERF_CTL 0xc0010230
|
||||||
#define MSR_F16H_L2I_PERF_CTR 0xc0010231
|
#define MSR_F16H_L2I_PERF_CTR 0xc0010231
|
||||||
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
|
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
|
||||||
index da251a5645b0..bb05ed4f46bd 100644
|
index da251a5645b0..10a3bfc1eb23 100644
|
||||||
--- a/arch/x86/include/asm/nospec-branch.h
|
--- a/arch/x86/include/asm/nospec-branch.h
|
||||||
+++ b/arch/x86/include/asm/nospec-branch.h
|
+++ b/arch/x86/include/asm/nospec-branch.h
|
||||||
@@ -75,6 +75,23 @@
|
@@ -11,6 +11,7 @@
|
||||||
|
#include <asm/cpufeatures.h>
|
||||||
|
#include <asm/msr-index.h>
|
||||||
|
#include <asm/unwind_hints.h>
|
||||||
|
+#include <asm/percpu.h>
|
||||||
|
|
||||||
|
#define RETPOLINE_THUNK_SIZE 32
|
||||||
|
|
||||||
|
@@ -75,6 +76,23 @@
|
||||||
.popsection
|
.popsection
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
|
@ -1175,7 +1203,7 @@ index da251a5645b0..bb05ed4f46bd 100644
|
||||||
/*
|
/*
|
||||||
* JMP_NOSPEC and CALL_NOSPEC macros can be used instead of a simple
|
* JMP_NOSPEC and CALL_NOSPEC macros can be used instead of a simple
|
||||||
* indirect jmp/call which may be susceptible to the Spectre variant 2
|
* indirect jmp/call which may be susceptible to the Spectre variant 2
|
||||||
@@ -105,10 +122,34 @@
|
@@ -105,10 +123,34 @@
|
||||||
* monstrosity above, manually.
|
* monstrosity above, manually.
|
||||||
*/
|
*/
|
||||||
.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req
|
.macro FILL_RETURN_BUFFER reg:req nr:req ftr:req
|
||||||
|
@ -1211,7 +1239,7 @@ index da251a5645b0..bb05ed4f46bd 100644
|
||||||
#endif
|
#endif
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
@@ -120,17 +161,20 @@
|
@@ -120,17 +162,20 @@
|
||||||
_ASM_PTR " 999b\n\t" \
|
_ASM_PTR " 999b\n\t" \
|
||||||
".popsection\n\t"
|
".popsection\n\t"
|
||||||
|
|
||||||
|
@ -1236,7 +1264,7 @@ index da251a5645b0..bb05ed4f46bd 100644
|
||||||
#ifdef CONFIG_X86_64
|
#ifdef CONFIG_X86_64
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -193,6 +237,7 @@ enum spectre_v2_mitigation {
|
@@ -193,6 +238,7 @@ enum spectre_v2_mitigation {
|
||||||
SPECTRE_V2_EIBRS,
|
SPECTRE_V2_EIBRS,
|
||||||
SPECTRE_V2_EIBRS_RETPOLINE,
|
SPECTRE_V2_EIBRS_RETPOLINE,
|
||||||
SPECTRE_V2_EIBRS_LFENCE,
|
SPECTRE_V2_EIBRS_LFENCE,
|
||||||
|
@ -1244,17 +1272,17 @@ index da251a5645b0..bb05ed4f46bd 100644
|
||||||
};
|
};
|
||||||
|
|
||||||
/* The indirect branch speculation control variants */
|
/* The indirect branch speculation control variants */
|
||||||
@@ -235,6 +280,9 @@ static inline void indirect_branch_prediction_barrier(void)
|
@@ -235,6 +281,9 @@ static inline void indirect_branch_prediction_barrier(void)
|
||||||
|
|
||||||
/* The Intel SPEC CTRL MSR base value cache */
|
/* The Intel SPEC CTRL MSR base value cache */
|
||||||
extern u64 x86_spec_ctrl_base;
|
extern u64 x86_spec_ctrl_base;
|
||||||
+extern u64 x86_spec_ctrl_current;
|
+DECLARE_PER_CPU(u64, x86_spec_ctrl_current);
|
||||||
+extern void write_spec_ctrl_current(u64 val, bool force);
|
+extern void write_spec_ctrl_current(u64 val, bool force);
|
||||||
+extern u64 spec_ctrl_current(void);
|
+extern u64 spec_ctrl_current(void);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* With retpoline, we must use IBRS to restrict branch prediction
|
* With retpoline, we must use IBRS to restrict branch prediction
|
||||||
@@ -244,18 +292,16 @@ extern u64 x86_spec_ctrl_base;
|
@@ -244,18 +293,16 @@ extern u64 x86_spec_ctrl_base;
|
||||||
*/
|
*/
|
||||||
#define firmware_restrict_branch_speculation_start() \
|
#define firmware_restrict_branch_speculation_start() \
|
||||||
do { \
|
do { \
|
||||||
|
@ -1564,7 +1592,7 @@ index 0c0b09796ced..35d5288394cb 100644
|
||||||
}
|
}
|
||||||
|
|
||||||
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
|
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
|
||||||
index a8a9f6406331..f6dfa26ed88b 100644
|
index a8a9f6406331..0b64e894b383 100644
|
||||||
--- a/arch/x86/kernel/cpu/bugs.c
|
--- a/arch/x86/kernel/cpu/bugs.c
|
||||||
+++ b/arch/x86/kernel/cpu/bugs.c
|
+++ b/arch/x86/kernel/cpu/bugs.c
|
||||||
@@ -38,6 +38,8 @@
|
@@ -38,6 +38,8 @@
|
||||||
|
@ -1948,7 +1976,7 @@ index a8a9f6406331..f6dfa26ed88b 100644
|
||||||
+ if (retbleed_mitigation == RETBLEED_MITIGATION_UNRET) {
|
+ if (retbleed_mitigation == RETBLEED_MITIGATION_UNRET) {
|
||||||
+ if (mode != SPECTRE_V2_USER_STRICT &&
|
+ if (mode != SPECTRE_V2_USER_STRICT &&
|
||||||
+ mode != SPECTRE_V2_USER_STRICT_PREFERRED)
|
+ mode != SPECTRE_V2_USER_STRICT_PREFERRED)
|
||||||
+ pr_info("Selecting STIBP always-on mode to complement retbleed mitigation'\n");
|
+ pr_info("Selecting STIBP always-on mode to complement retbleed mitigation\n");
|
||||||
+ mode = SPECTRE_V2_USER_STRICT_PREFERRED;
|
+ mode = SPECTRE_V2_USER_STRICT_PREFERRED;
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
|
@ -2451,6 +2479,18 @@ index 1e31c7d21597..6892ca67d9c6 100644
|
||||||
|
|
||||||
/* No need to test direct calls on created trampolines */
|
/* No need to test direct calls on created trampolines */
|
||||||
if (ops->flags & FTRACE_OPS_FL_SAVE_REGS) {
|
if (ops->flags & FTRACE_OPS_FL_SAVE_REGS) {
|
||||||
|
diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S
|
||||||
|
index eb8656bac99b..9b7acc9c7874 100644
|
||||||
|
--- a/arch/x86/kernel/head_32.S
|
||||||
|
+++ b/arch/x86/kernel/head_32.S
|
||||||
|
@@ -23,6 +23,7 @@
|
||||||
|
#include <asm/cpufeatures.h>
|
||||||
|
#include <asm/percpu.h>
|
||||||
|
#include <asm/nops.h>
|
||||||
|
+#include <asm/nospec-branch.h>
|
||||||
|
#include <asm/bootparam.h>
|
||||||
|
#include <asm/export.h>
|
||||||
|
#include <asm/pgtable_32.h>
|
||||||
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
|
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
|
||||||
index b8e3019547a5..3178fd81f93f 100644
|
index b8e3019547a5..3178fd81f93f 100644
|
||||||
--- a/arch/x86/kernel/head_64.S
|
--- a/arch/x86/kernel/head_64.S
|
||||||
|
@ -2898,10 +2938,36 @@ index 7fda7f27e762..071faf2c8a77 100644
|
||||||
|
|
||||||
#ifdef CONFIG_X86_KERNEL_IBT
|
#ifdef CONFIG_X86_KERNEL_IBT
|
||||||
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
|
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
|
||||||
index 89b11e7dca8a..db96bf7d1122 100644
|
index 89b11e7dca8a..f8382abe22ff 100644
|
||||||
--- a/arch/x86/kvm/emulate.c
|
--- a/arch/x86/kvm/emulate.c
|
||||||
+++ b/arch/x86/kvm/emulate.c
|
+++ b/arch/x86/kvm/emulate.c
|
||||||
@@ -325,13 +325,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop);
|
@@ -189,9 +189,6 @@
|
||||||
|
#define X8(x...) X4(x), X4(x)
|
||||||
|
#define X16(x...) X8(x), X8(x)
|
||||||
|
|
||||||
|
-#define NR_FASTOP (ilog2(sizeof(ulong)) + 1)
|
||||||
|
-#define FASTOP_SIZE (8 * (1 + HAS_KERNEL_IBT))
|
||||||
|
-
|
||||||
|
struct opcode {
|
||||||
|
u64 flags;
|
||||||
|
u8 intercept;
|
||||||
|
@@ -306,9 +303,15 @@ static void invalidate_registers(struct x86_emulate_ctxt *ctxt)
|
||||||
|
* Moreover, they are all exactly FASTOP_SIZE bytes long, so functions for
|
||||||
|
* different operand sizes can be reached by calculation, rather than a jump
|
||||||
|
* table (which would be bigger than the code).
|
||||||
|
+ *
|
||||||
|
+ * The 16 byte alignment, considering 5 bytes for the RET thunk, 3 for ENDBR
|
||||||
|
+ * and 1 for the straight line speculation INT3, leaves 7 bytes for the
|
||||||
|
+ * body of the function. Currently none is larger than 4.
|
||||||
|
*/
|
||||||
|
static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop);
|
||||||
|
|
||||||
|
+#define FASTOP_SIZE 16
|
||||||
|
+
|
||||||
|
#define __FOP_FUNC(name) \
|
||||||
|
".align " __stringify(FASTOP_SIZE) " \n\t" \
|
||||||
|
".type " name ", @function \n\t" \
|
||||||
|
@@ -325,13 +328,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop);
|
||||||
#define FOP_RET(name) \
|
#define FOP_RET(name) \
|
||||||
__FOP_RET(#name)
|
__FOP_RET(#name)
|
||||||
|
|
||||||
|
@ -2919,7 +2985,7 @@ index 89b11e7dca8a..db96bf7d1122 100644
|
||||||
#define FOP_END \
|
#define FOP_END \
|
||||||
".popsection")
|
".popsection")
|
||||||
|
|
||||||
@@ -435,16 +437,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop);
|
@@ -435,17 +440,12 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop);
|
||||||
/*
|
/*
|
||||||
* Depending on .config the SETcc functions look like:
|
* Depending on .config the SETcc functions look like:
|
||||||
*
|
*
|
||||||
|
@ -2937,14 +3003,12 @@ index 89b11e7dca8a..db96bf7d1122 100644
|
||||||
*/
|
*/
|
||||||
-#define SETCC_LENGTH (ENDBR_INSN_SIZE + 4 + IS_ENABLED(CONFIG_SLS))
|
-#define SETCC_LENGTH (ENDBR_INSN_SIZE + 4 + IS_ENABLED(CONFIG_SLS))
|
||||||
-#define SETCC_ALIGN (4 << IS_ENABLED(CONFIG_SLS) << HAS_KERNEL_IBT)
|
-#define SETCC_ALIGN (4 << IS_ENABLED(CONFIG_SLS) << HAS_KERNEL_IBT)
|
||||||
+#define RET_LENGTH (1 + (4 * IS_ENABLED(CONFIG_RETHUNK)) + \
|
-static_assert(SETCC_LENGTH <= SETCC_ALIGN);
|
||||||
+ IS_ENABLED(CONFIG_SLS))
|
+#define SETCC_ALIGN 16
|
||||||
+#define SETCC_LENGTH (ENDBR_INSN_SIZE + 3 + RET_LENGTH)
|
|
||||||
+#define SETCC_ALIGN (4 << ((SETCC_LENGTH > 4) & 1) << ((SETCC_LENGTH > 8) & 1))
|
|
||||||
static_assert(SETCC_LENGTH <= SETCC_ALIGN);
|
|
||||||
|
|
||||||
#define FOP_SETCC(op) \
|
#define FOP_SETCC(op) \
|
||||||
@@ -453,9 +454,10 @@ static_assert(SETCC_LENGTH <= SETCC_ALIGN);
|
".align " __stringify(SETCC_ALIGN) " \n\t" \
|
||||||
|
@@ -453,9 +453,10 @@ static_assert(SETCC_LENGTH <= SETCC_ALIGN);
|
||||||
#op ": \n\t" \
|
#op ": \n\t" \
|
||||||
ASM_ENDBR \
|
ASM_ENDBR \
|
||||||
#op " %al \n\t" \
|
#op " %al \n\t" \
|
||||||
|
@ -3498,10 +3562,10 @@ index 5e7f41225780..5cfc49ddb1b4 100644
|
||||||
asmlinkage void vmread_error(unsigned long field, bool fault);
|
asmlinkage void vmread_error(unsigned long field, bool fault);
|
||||||
__attribute__((regparm(0))) void vmread_error_trampoline(unsigned long field,
|
__attribute__((regparm(0))) void vmread_error_trampoline(unsigned long field,
|
||||||
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
|
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
|
||||||
index 558d1f2ab5b4..9caa902f0de1 100644
|
index 828f5cf1af45..53b6fdf30c99 100644
|
||||||
--- a/arch/x86/kvm/x86.c
|
--- a/arch/x86/kvm/x86.c
|
||||||
+++ b/arch/x86/kvm/x86.c
|
+++ b/arch/x86/kvm/x86.c
|
||||||
@@ -12531,9 +12531,9 @@ void kvm_arch_end_assignment(struct kvm *kvm)
|
@@ -12533,9 +12533,9 @@ void kvm_arch_end_assignment(struct kvm *kvm)
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(kvm_arch_end_assignment);
|
EXPORT_SYMBOL_GPL(kvm_arch_end_assignment);
|
||||||
|
|
||||||
|
@ -3716,6 +3780,29 @@ index 4c71fa04e784..2dab2816b3f7 100644
|
||||||
/* Make sure the trampoline generation logic doesn't overflow */
|
/* Make sure the trampoline generation logic doesn't overflow */
|
||||||
if (WARN_ON_ONCE(prog > (u8 *)image_end - BPF_INSN_SAFETY)) {
|
if (WARN_ON_ONCE(prog > (u8 *)image_end - BPF_INSN_SAFETY)) {
|
||||||
ret = -EFAULT;
|
ret = -EFAULT;
|
||||||
|
diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
|
||||||
|
index 854dd81804b7..bc740a7c438c 100644
|
||||||
|
--- a/arch/x86/platform/efi/efi_thunk_64.S
|
||||||
|
+++ b/arch/x86/platform/efi/efi_thunk_64.S
|
||||||
|
@@ -23,6 +23,7 @@
|
||||||
|
#include <linux/objtool.h>
|
||||||
|
#include <asm/page_types.h>
|
||||||
|
#include <asm/segment.h>
|
||||||
|
+#include <asm/nospec-branch.h>
|
||||||
|
|
||||||
|
.text
|
||||||
|
.code64
|
||||||
|
@@ -75,7 +76,9 @@ STACK_FRAME_NON_STANDARD __efi64_thunk
|
||||||
|
1: movq 0x20(%rsp), %rsp
|
||||||
|
pop %rbx
|
||||||
|
pop %rbp
|
||||||
|
- RET
|
||||||
|
+ ANNOTATE_UNRET_SAFE
|
||||||
|
+ ret
|
||||||
|
+ int3
|
||||||
|
|
||||||
|
.code32
|
||||||
|
2: pushl $__KERNEL_CS
|
||||||
diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
|
diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c
|
||||||
index 81aa46f770c5..cfa99e8f054b 100644
|
index 81aa46f770c5..cfa99e8f054b 100644
|
||||||
--- a/arch/x86/xen/setup.c
|
--- a/arch/x86/xen/setup.c
|
||||||
|
@ -3830,7 +3917,7 @@ index caa9bc2fa100..6b4fdf6b9542 100644
|
||||||
|
|
||||||
#endif /* CONFIG_IA32_EMULATION */
|
#endif /* CONFIG_IA32_EMULATION */
|
||||||
diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S
|
diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S
|
||||||
index 3a2cd93bf059..fa884fc73e07 100644
|
index 13af6fe453e3..ffaa62167f6e 100644
|
||||||
--- a/arch/x86/xen/xen-head.S
|
--- a/arch/x86/xen/xen-head.S
|
||||||
+++ b/arch/x86/xen/xen-head.S
|
+++ b/arch/x86/xen/xen-head.S
|
||||||
@@ -26,6 +26,7 @@ SYM_CODE_START(hypercall_page)
|
@@ -26,6 +26,7 @@ SYM_CODE_START(hypercall_page)
|
||||||
|
@ -4559,7 +4646,7 @@ index 000000000000..de0a3714a5d4
|
||||||
+ }
|
+ }
|
||||||
+}
|
+}
|
||||||
diff --git a/drivers/firmware/sysfb.c b/drivers/firmware/sysfb.c
|
diff --git a/drivers/firmware/sysfb.c b/drivers/firmware/sysfb.c
|
||||||
index 2bfbb05f7d89..a504f7234f35 100644
|
index 1f276f108cc9..7039ad9bdf7f 100644
|
||||||
--- a/drivers/firmware/sysfb.c
|
--- a/drivers/firmware/sysfb.c
|
||||||
+++ b/drivers/firmware/sysfb.c
|
+++ b/drivers/firmware/sysfb.c
|
||||||
@@ -34,6 +34,22 @@
|
@@ -34,6 +34,22 @@
|
||||||
|
@ -4582,18 +4669,18 @@ index 2bfbb05f7d89..a504f7234f35 100644
|
||||||
+}
|
+}
|
||||||
+early_param("nvidia-drm.modeset", simpledrm_disable);
|
+early_param("nvidia-drm.modeset", simpledrm_disable);
|
||||||
+
|
+
|
||||||
static __init int sysfb_init(void)
|
static struct platform_device *pd;
|
||||||
{
|
static DEFINE_MUTEX(disable_lock);
|
||||||
struct screen_info *si = &screen_info;
|
static bool disabled;
|
||||||
@@ -45,7 +61,7 @@ static __init int sysfb_init(void)
|
@@ -83,7 +99,7 @@ static __init int sysfb_init(void)
|
||||||
|
|
||||||
/* try to create a simple-framebuffer device */
|
/* try to create a simple-framebuffer device */
|
||||||
compatible = sysfb_parse_mode(si, &mode);
|
compatible = sysfb_parse_mode(si, &mode);
|
||||||
- if (compatible) {
|
- if (compatible) {
|
||||||
+ if (compatible && !skip_simpledrm) {
|
+ if (compatible && !skip_simpledrm) {
|
||||||
ret = sysfb_create_simplefb(si, &mode);
|
pd = sysfb_create_simplefb(si, &mode);
|
||||||
if (!ret)
|
if (!IS_ERR(pd))
|
||||||
return 0;
|
goto unlock_mutex;
|
||||||
diff --git a/drivers/gpu/drm/i915/display/intel_psr.c b/drivers/gpu/drm/i915/display/intel_psr.c
|
diff --git a/drivers/gpu/drm/i915/display/intel_psr.c b/drivers/gpu/drm/i915/display/intel_psr.c
|
||||||
index 6c9e6e7f0afd..f0ff2f1f5fcb 100644
|
index 6c9e6e7f0afd..f0ff2f1f5fcb 100644
|
||||||
--- a/drivers/gpu/drm/i915/display/intel_psr.c
|
--- a/drivers/gpu/drm/i915/display/intel_psr.c
|
||||||
|
@ -5121,7 +5208,7 @@ index 857d4c2fd1a2..9353941f3a97 100644
|
||||||
* Changes the default domain of an iommu group that has *only* one device
|
* Changes the default domain of an iommu group that has *only* one device
|
||||||
*
|
*
|
||||||
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
|
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
|
||||||
index a2862a56fadc..1cddbc757925 100644
|
index c9831daafbc6..5c4bb1e9ba0a 100644
|
||||||
--- a/drivers/nvme/host/core.c
|
--- a/drivers/nvme/host/core.c
|
||||||
+++ b/drivers/nvme/host/core.c
|
+++ b/drivers/nvme/host/core.c
|
||||||
@@ -240,6 +240,9 @@ static void nvme_delete_ctrl_sync(struct nvme_ctrl *ctrl)
|
@@ -240,6 +240,9 @@ static void nvme_delete_ctrl_sync(struct nvme_ctrl *ctrl)
|
||||||
|
@ -5235,10 +5322,10 @@ index d464fdf978fb..acdaab3d7697 100644
|
||||||
|
|
||||||
if (!ctrl->max_namespaces ||
|
if (!ctrl->max_namespaces ||
|
||||||
diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h
|
diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h
|
||||||
index a2b53ca63335..021e51c64cde 100644
|
index 337ae1e3ad25..727cc7fb542e 100644
|
||||||
--- a/drivers/nvme/host/nvme.h
|
--- a/drivers/nvme/host/nvme.h
|
||||||
+++ b/drivers/nvme/host/nvme.h
|
+++ b/drivers/nvme/host/nvme.h
|
||||||
@@ -800,6 +800,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys);
|
@@ -801,6 +801,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys);
|
||||||
void nvme_mpath_start_freeze(struct nvme_subsystem *subsys);
|
void nvme_mpath_start_freeze(struct nvme_subsystem *subsys);
|
||||||
void nvme_mpath_default_iopolicy(struct nvme_subsystem *subsys);
|
void nvme_mpath_default_iopolicy(struct nvme_subsystem *subsys);
|
||||||
void nvme_failover_req(struct request *req);
|
void nvme_failover_req(struct request *req);
|
||||||
|
@ -5246,7 +5333,7 @@ index a2b53ca63335..021e51c64cde 100644
|
||||||
void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl);
|
void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl);
|
||||||
int nvme_mpath_alloc_disk(struct nvme_ctrl *ctrl,struct nvme_ns_head *head);
|
int nvme_mpath_alloc_disk(struct nvme_ctrl *ctrl,struct nvme_ns_head *head);
|
||||||
void nvme_mpath_add_disk(struct nvme_ns *ns, struct nvme_id_ns *id);
|
void nvme_mpath_add_disk(struct nvme_ns *ns, struct nvme_id_ns *id);
|
||||||
@@ -836,6 +837,9 @@ static inline bool nvme_ctrl_use_ana(struct nvme_ctrl *ctrl)
|
@@ -837,6 +838,9 @@ static inline bool nvme_ctrl_use_ana(struct nvme_ctrl *ctrl)
|
||||||
static inline void nvme_failover_req(struct request *req)
|
static inline void nvme_failover_req(struct request *req)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
@ -5695,8 +5782,90 @@ index aaf6566deb9f..86926966c15d 100644
|
||||||
#ifdef CONFIG_PERF_EVENTS
|
#ifdef CONFIG_PERF_EVENTS
|
||||||
int security_perf_event_open(struct perf_event_attr *attr, int type)
|
int security_perf_event_open(struct perf_event_attr *attr, int type)
|
||||||
{
|
{
|
||||||
|
diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h
|
||||||
|
index e17de69faa54..5d09ded0c491 100644
|
||||||
|
--- a/tools/arch/x86/include/asm/cpufeatures.h
|
||||||
|
+++ b/tools/arch/x86/include/asm/cpufeatures.h
|
||||||
|
@@ -203,8 +203,8 @@
|
||||||
|
#define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */
|
||||||
|
/* FREE! ( 7*32+10) */
|
||||||
|
#define X86_FEATURE_PTI ( 7*32+11) /* Kernel Page Table Isolation enabled */
|
||||||
|
-#define X86_FEATURE_RETPOLINE ( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */
|
||||||
|
-#define X86_FEATURE_RETPOLINE_LFENCE ( 7*32+13) /* "" Use LFENCE for Spectre variant 2 */
|
||||||
|
+#define X86_FEATURE_KERNEL_IBRS ( 7*32+12) /* "" Set/clear IBRS on kernel entry/exit */
|
||||||
|
+#define X86_FEATURE_RSB_VMEXIT ( 7*32+13) /* "" Fill RSB on VM-Exit */
|
||||||
|
#define X86_FEATURE_INTEL_PPIN ( 7*32+14) /* Intel Processor Inventory Number */
|
||||||
|
#define X86_FEATURE_CDP_L2 ( 7*32+15) /* Code and Data Prioritization L2 */
|
||||||
|
#define X86_FEATURE_MSR_SPEC_CTRL ( 7*32+16) /* "" MSR SPEC_CTRL is implemented */
|
||||||
|
@@ -295,6 +295,12 @@
|
||||||
|
#define X86_FEATURE_PER_THREAD_MBA (11*32+ 7) /* "" Per-thread Memory Bandwidth Allocation */
|
||||||
|
#define X86_FEATURE_SGX1 (11*32+ 8) /* "" Basic SGX */
|
||||||
|
#define X86_FEATURE_SGX2 (11*32+ 9) /* "" SGX Enclave Dynamic Memory Management (EDMM) */
|
||||||
|
+#define X86_FEATURE_ENTRY_IBPB (11*32+10) /* "" Issue an IBPB on kernel entry */
|
||||||
|
+#define X86_FEATURE_RRSBA_CTRL (11*32+11) /* "" RET prediction control */
|
||||||
|
+#define X86_FEATURE_RETPOLINE (11*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */
|
||||||
|
+#define X86_FEATURE_RETPOLINE_LFENCE (11*32+13) /* "" Use LFENCE for Spectre variant 2 */
|
||||||
|
+#define X86_FEATURE_RETHUNK (11*32+14) /* "" Use REturn THUNK */
|
||||||
|
+#define X86_FEATURE_UNRET (11*32+15) /* "" AMD BTB untrain return */
|
||||||
|
|
||||||
|
/* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */
|
||||||
|
#define X86_FEATURE_AVX_VNNI (12*32+ 4) /* AVX VNNI instructions */
|
||||||
|
@@ -315,6 +321,7 @@
|
||||||
|
#define X86_FEATURE_VIRT_SSBD (13*32+25) /* Virtualized Speculative Store Bypass Disable */
|
||||||
|
#define X86_FEATURE_AMD_SSB_NO (13*32+26) /* "" Speculative Store Bypass is fixed in hardware. */
|
||||||
|
#define X86_FEATURE_CPPC (13*32+27) /* Collaborative Processor Performance Control */
|
||||||
|
+#define X86_FEATURE_BTC_NO (13*32+29) /* "" Not vulnerable to Branch Type Confusion */
|
||||||
|
|
||||||
|
/* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */
|
||||||
|
#define X86_FEATURE_DTHERM (14*32+ 0) /* Digital Thermal Sensor */
|
||||||
|
@@ -444,5 +451,6 @@
|
||||||
|
#define X86_BUG_ITLB_MULTIHIT X86_BUG(23) /* CPU may incur MCE during certain page attribute changes */
|
||||||
|
#define X86_BUG_SRBDS X86_BUG(24) /* CPU may leak RNG bits if not mitigated */
|
||||||
|
#define X86_BUG_MMIO_STALE_DATA X86_BUG(25) /* CPU is affected by Processor MMIO Stale Data vulnerabilities */
|
||||||
|
+#define X86_BUG_RETBLEED X86_BUG(26) /* CPU is affected by RETBleed */
|
||||||
|
|
||||||
|
#endif /* _ASM_X86_CPUFEATURES_H */
|
||||||
|
diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h
|
||||||
|
index 1231d63f836d..f7be189e9723 100644
|
||||||
|
--- a/tools/arch/x86/include/asm/disabled-features.h
|
||||||
|
+++ b/tools/arch/x86/include/asm/disabled-features.h
|
||||||
|
@@ -56,6 +56,25 @@
|
||||||
|
# define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#ifdef CONFIG_RETPOLINE
|
||||||
|
+# define DISABLE_RETPOLINE 0
|
||||||
|
+#else
|
||||||
|
+# define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \
|
||||||
|
+ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31)))
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+#ifdef CONFIG_RETHUNK
|
||||||
|
+# define DISABLE_RETHUNK 0
|
||||||
|
+#else
|
||||||
|
+# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31))
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+#ifdef CONFIG_CPU_UNRET_ENTRY
|
||||||
|
+# define DISABLE_UNRET 0
|
||||||
|
+#else
|
||||||
|
+# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31))
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#ifdef CONFIG_INTEL_IOMMU_SVM
|
||||||
|
# define DISABLE_ENQCMD 0
|
||||||
|
#else
|
||||||
|
@@ -82,7 +101,7 @@
|
||||||
|
#define DISABLED_MASK8 0
|
||||||
|
#define DISABLED_MASK9 (DISABLE_SMAP|DISABLE_SGX)
|
||||||
|
#define DISABLED_MASK10 0
|
||||||
|
-#define DISABLED_MASK11 0
|
||||||
|
+#define DISABLED_MASK11 (DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET)
|
||||||
|
#define DISABLED_MASK12 0
|
||||||
|
#define DISABLED_MASK13 0
|
||||||
|
#define DISABLED_MASK14 0
|
||||||
diff --git a/tools/arch/x86/include/asm/msr-index.h b/tools/arch/x86/include/asm/msr-index.h
|
diff --git a/tools/arch/x86/include/asm/msr-index.h b/tools/arch/x86/include/asm/msr-index.h
|
||||||
index 4425d6773183..8a0a53cf360d 100644
|
index 4425d6773183..ad084326f24c 100644
|
||||||
--- a/tools/arch/x86/include/asm/msr-index.h
|
--- a/tools/arch/x86/include/asm/msr-index.h
|
||||||
+++ b/tools/arch/x86/include/asm/msr-index.h
|
+++ b/tools/arch/x86/include/asm/msr-index.h
|
||||||
@@ -51,6 +51,8 @@
|
@@ -51,6 +51,8 @@
|
||||||
|
@ -5708,7 +5877,15 @@ index 4425d6773183..8a0a53cf360d 100644
|
||||||
|
|
||||||
#define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */
|
#define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */
|
||||||
#define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */
|
#define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */
|
||||||
@@ -138,6 +140,13 @@
|
@@ -91,6 +93,7 @@
|
||||||
|
#define MSR_IA32_ARCH_CAPABILITIES 0x0000010a
|
||||||
|
#define ARCH_CAP_RDCL_NO BIT(0) /* Not susceptible to Meltdown */
|
||||||
|
#define ARCH_CAP_IBRS_ALL BIT(1) /* Enhanced IBRS support */
|
||||||
|
+#define ARCH_CAP_RSBA BIT(2) /* RET may use alternative branch predictors */
|
||||||
|
#define ARCH_CAP_SKIP_VMENTRY_L1DFLUSH BIT(3) /* Skip L1D flush on vmentry */
|
||||||
|
#define ARCH_CAP_SSB_NO BIT(4) /*
|
||||||
|
* Not susceptible to Speculative Store Bypass
|
||||||
|
@@ -138,6 +141,13 @@
|
||||||
* bit available to control VERW
|
* bit available to control VERW
|
||||||
* behavior.
|
* behavior.
|
||||||
*/
|
*/
|
||||||
|
@ -5722,6 +5899,16 @@ index 4425d6773183..8a0a53cf360d 100644
|
||||||
|
|
||||||
#define MSR_IA32_FLUSH_CMD 0x0000010b
|
#define MSR_IA32_FLUSH_CMD 0x0000010b
|
||||||
#define L1D_FLUSH BIT(0) /*
|
#define L1D_FLUSH BIT(0) /*
|
||||||
|
@@ -552,6 +562,9 @@
|
||||||
|
/* Fam 17h MSRs */
|
||||||
|
#define MSR_F17H_IRPERF 0xc00000e9
|
||||||
|
|
||||||
|
+#define MSR_ZEN2_SPECTRAL_CHICKEN 0xc00110e3
|
||||||
|
+#define MSR_ZEN2_SPECTRAL_CHICKEN_BIT BIT_ULL(1)
|
||||||
|
+
|
||||||
|
/* Fam 16h MSRs */
|
||||||
|
#define MSR_F16H_L2I_PERF_CTL 0xc0010230
|
||||||
|
#define MSR_F16H_L2I_PERF_CTR 0xc0010231
|
||||||
diff --git a/tools/include/linux/objtool.h b/tools/include/linux/objtool.h
|
diff --git a/tools/include/linux/objtool.h b/tools/include/linux/objtool.h
|
||||||
index c81ea2264ad8..376110ead758 100644
|
index c81ea2264ad8..376110ead758 100644
|
||||||
--- a/tools/include/linux/objtool.h
|
--- a/tools/include/linux/objtool.h
|
||||||
|
|
6
sources
6
sources
|
@ -1,3 +1,3 @@
|
||||||
SHA512 (linux-5.18.11.tar.xz) = 86d9e65efe242e5bc612c28f1164211805f18dfef08266d4fe6a8d7d41fa42fa4e7be124778c31a792b4c59a523612906933f6fc84c0a0528825adcd559a989e
|
SHA512 (linux-5.18.13.tar.xz) = b5d026d72078c27cc66299a3df1e7ea9dfee3936d9c9c91e3ca7ea9c5ca981e41c67d60c0d8872669a16005fc7e28955e2e7048d3894cd63155749ef9247b348
|
||||||
SHA512 (kernel-abi-stablelists-5.18.11-100.tar.bz2) = 76c21f305c08981f5b1bcc1a10d32e4ed2cc70dd675e5863617632951a56ca791b47cd521af3e2b11b9a20b9b4eaf47c97972e4d41ba25d150e04e4835ac879b
|
SHA512 (kernel-abi-stablelists-5.18.13-100.tar.bz2) = 418bb8d24c892071780f27a271c2e6a5f249ebd1bb334afbe1c0f5fcde416d2b0572f8a67315f7f183898666575cace19592017f03605650da33b670bd535d5a
|
||||||
SHA512 (kernel-kabi-dw-5.18.11-100.tar.bz2) = 2cdaae4c18d710ae130e7ce660e8e69ac9f4da297039a844c1c6b6068ac0a7bcea4b9b58e884488ce1fb91c14e43165e25f271b0f5d5591db5e7eab9e578d0b2
|
SHA512 (kernel-kabi-dw-5.18.13-100.tar.bz2) = 0b9d8a8ec265a266b4689d25a900d5adccf7b8fdd98371677a273b5305bf363c4f0b7afa10bd5c14370c2ceeee17bd44670e7105970fb03e8bdb92e89362df0c
|
||||||
|
|
Loading…
Reference in New Issue