[SRU][Trusty][PULL] Cleanup Meltdown/Spectre implementation (LP: #1779848)

Juerg Haefliger juerg.haefliger at canonical.com
Tue Oct 9 13:37:14 UTC 2018 

BugLink: https://bugs.launchpad.net/bugs/1779848

== SRU Justification ==

Ubuntu kernels contain Meltdown and Spectre mitigations that are largely based on embargoed patches but what eventually landed in upstream is different in some places. We should clean up the different kernels to bring them closer in line with upstream.

== Fix ==

Add missing upstream patches.

== Regression Potential ==

Medium. The patches have been in upstream for quite a while now and are baked in but some of the backporting is not completely trivial and without risk.

== Test Case ==

TBD.

*** BLURB HERE ***

Signed-off-by: Juerg Haefliger <juergh at canonical.com>
---

The following changes since commit cefa65a1685282dcbadad7c914d4d8e89428a5eb:

  UBUNTU: Ubuntu-3.13.0-161.211 (2018-10-03 16:41:43 +0200)

are available in the Git repository at:

  git://git.launchpad.net/~juergh/+git/trusty-linux lp1779848

for you to fetch changes up to 8cccec097d1fb83c610f9dddd47827fb6d3237aa:

  UBUNTU: SAUCE: x86/speculation: Cleanup IBRS runtime control handling (2018-10-09 10:46:55 +0200)

----------------------------------------------------------------
Arnd Bergmann (1):
      x86/pti: Mark constant arrays as __initconst

Ben Hutchings (1):
      xen: Add xen_arch_suspend()

Borislav Petkov (2):
      x86/nospec: Fix header guards names
      x86/bugs: Drop one "mitigation" from dmesg

Dan Carpenter (1):
      x86/spectre: Fix an error message

Dave Hansen (1):
      x86/Documentation: Add PTI description

David Woodhouse (5):
      x86/cpufeatures: Add AMD feature bits for Speculation Control
      x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
      x86/cpufeatures: Clean up Spectre v2 related CPUID flags
      x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
      x86/speculation: Use IBRS if available before calling into firmware

Dou Liyang (1):
      x86/spectre: Check CONFIG_RETPOLINE in command line parser

Ingo Molnar (1):
      x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP

Juerg Haefliger (14):
      Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
      UBUNTU: SAUCE: x86/cpufeatures: Reorder spectre-related feature bits
      UBUNTU: SAUCE: x86/msr: Fix formatting of msr-index.h
      UBUNTU: SAUCE: x86/msr: Rename MSR spec control feature bits
      UBUNTU: SAUCE: x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
      UBUNTU: SAUCE: x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
      UBUNTU: SAUCE: x86/bugs: Fix re-use of SPEC_CTRL MSR boot value
      UBUNTU: SAUCE: Move SSBD feature detection to common code
      UBUNTU: SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
      UBUNTU: SAUCE: x86/speculation: Query individual feature flags when reloading microcode
      UBUNTU: SAUCE: x86/pti: Evaluate X86_BUG_CPU_MELTDOWN when pti=auto
      UBUNTU: SAUCE: x86/speculation: Make use of indirect_branch_prediction_barrier()
      UBUNTU: SAUCE: x86/speculation: Cleanup IBPB runtime control handling
      UBUNTU: SAUCE: x86/speculation: Cleanup IBRS runtime control handling

Juergen Gross (1):
      x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend

KarimAllah Ahmed (1):
      x86/spectre: Simplify spectre_v2 command line parsing

Tom Lendacky (2):
      x86/cpu/AMD: Make LFENCE a serializing instruction
      x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC

zhenwei.pi (1):
      x86/pti: Document fix wrong index

 Documentation/kernel-parameters.txt   |  21 ++--
 Documentation/x86/pti.txt             | 186 +++++++++++++++++++++++++++++++++
 arch/x86/include/asm/apm.h            |   6 ++
 arch/x86/include/asm/cpufeature.h     |  31 ++++--
 arch/x86/include/asm/efi.h            |   7 ++
 arch/x86/include/asm/nospec-branch.h  |  62 ++++++++++-
 arch/x86/include/asm/spec_ctrl.h      |  13 ++-
 arch/x86/include/uapi/asm/msr-index.h |  34 +++---
 arch/x86/kernel/acpi/cstate.c         |   6 +-
 arch/x86/kernel/cpu/amd.c             |  92 ++++++++--------
 arch/x86/kernel/cpu/bugs.c            | 169 ++++++++++++++++++++----------
 arch/x86/kernel/cpu/common.c          |  40 ++++++-
 arch/x86/kernel/cpu/intel.c           |  19 ----
 arch/x86/kernel/microcode_core.c      |  20 ----
 arch/x86/kernel/process.c             |  11 +-
 arch/x86/kernel/smpboot.c             |   6 +-
 arch/x86/kvm/svm.c                    |  11 +-
 arch/x86/kvm/vmx.c                    |   3 +-
 arch/x86/mm/kaiser.c                  |   7 +-
 arch/x86/mm/tlb.c                     |   5 +-
 arch/x86/xen/suspend.c                |  24 +++++
 drivers/xen/manage.c                  |   9 +-
 include/linux/smp.h                   |  87 ----------------
 include/xen/xen-ops.h                 |   1 +
 kernel/smp.c                          |  46 --------
 kernel/sysctl.c                       | 191 ++++++++++++++++++++--------------
 26 files changed, 672 insertions(+), 435 deletions(-)
 create mode 100644 Documentation/x86/pti.txt

More information about the kernel-team mailing list