ACK/cmnt: [SRU artful/linux] switch Spectre V2 mitigation to retpoline
Andy Whitcroft
apw at canonical.com
Mon Feb 5 15:47:10 UTC 2018
On Mon, Feb 05, 2018 at 04:14:32PM +0100, Kleber Souza wrote:
> On 02/05/18 10:39, Andy Whitcroft wrote:
> > Now that retpoline has made it to stable it is appropriate we switch
> > over to this for mitigation of Spectre V2. This form is meant to have a
> > significantly lower performance penalty, and also does not require
> > microcode support from the processor.
> >
> > This is a large patchset as it has to revert the existing mitigations for
> > Spectre V1 and V2 as these are intertwined. We take advantage of this
> > to reapply a slightly updated Spectre V1 mitigation and to more clearly
> > identify those patches for when they are themselves replaced by final
> > upstream versions. Finally testing of this set threw up a procfs bug
> > (LP: #1747263) which though not actuall a regression I am including as
> > it breaks ADT testing.
> >
> > The patches are split into 4 sections, each set has been marked up such
> > that they fall out separatly in the Ubuntu change (which is included in
> > the pull request at the end of this email).
> >
> > * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
> > * CVE-2017-5715 (Spectre v2 retpoline)
> > * CVE-2017-5753 (Spectre v1 Intel)
> > * [artful] panic in update_stack_state when reading /proc/<pid>/stack on i386
> >
> > Full pull-request is below. Proposing for SRU to artful/linux.
> >
> > -apw
> >
> > The following changes since commit b9f7706e18abb6276a87776e15596fa898cbafa4:
> >
> > x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP (2018-02-02 17:14:07 +0100)
> >
> > are available in the Git repository at:
> >
> > https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/artful-retpoline-intelv1--pull
> >
> > for you to fetch changes up to c50da22ff258fea6938eda9b3fc0475288b3ee7d:
> >
> > x86/unwind: Fix dereference of untrusted pointer (2018-02-04 14:47:15 +0000)
>
> There's a remaining fixup commit
> (3918407522d27d0394f9376e37615f5477997bd1 - fix! x86/retpoline/hyperv:
> Convert assembler indirect jumps) which can be fixed when applying.
>
>
> Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Yes, please merge that into its associated commit. Derp.
-apw
More information about the kernel-team
mailing list