[SRU,Bionic/Focal/Impish,0/5] Spectre-BHB followups

Message ID 20220404201643.87121-1-cascardo@canonical.com

Message

Thadeu Lima de Souza Cascardo April 4, 2022, 8:16 p.m. UTC
[Impact]
The LFENCE mitigation was found out not to be sufficient on AMD systems. And
unprivileged eBPF was considered in the mitigation status for Spectre v2.

[Fixes]
"x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
reporting" need to be backported from close upstream stable branches.

[Potential regression]
Mitigations may not be applied correctly and changing unprivileged eBPF
setting may cause surprising effects. Mitigations may be reported incorrectly
or incompletely.
 
Josh Poimboeuf (3):
  x86/speculation: Include unprivileged eBPF status in Spectre v2
    mitigation reporting
  x86/speculation: Warn about Spectre v2 LFENCE mitigation
  x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT

Kim Phillips (2):
  x86/speculation: Use generic retpoline by default on AMD
  x86/speculation: Update link to AMD speculation whitepaper

 Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
 arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
 include/linux/bpf.h                           | 11 +++
 kernel/sysctl.c                               |  8 +++
 4 files changed, 79 insertions(+), 17 deletions(-)
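
An added example, not part of the cover letter or of the patches it lists: a POSIX shell check that classifies the Spectre v2 status line this series changes and cross-checks it against the unprivileged eBPF sysctl. The status strings matched are assumptions taken from the upstream versions of these patches, and the finding names are made up for this sketch.

```shell
#!/bin/sh
# Added example. The matched status strings are assumed from the upstream
# patches; confirm them against the kernel you are checking.
SYSFS_FILE=/sys/devices/system/cpu/vulnerabilities/spectre_v2
BPF_SYSCTL=/proc/sys/kernel/unprivileged_bpf_disabled

# classify_spectre_v2 STATUS BPF_DISABLED
#   STATUS        contents of the spectre_v2 sysfs file
#   BPF_DISABLED  kernel.unprivileged_bpf_disabled (0 = unprivileged eBPF on)
# Prints one finding name (hypothetical labels) on stdout.
classify_spectre_v2() {
    st=$1
    bpf=$2
    case $st in
        # LFENCE alone: "Vulnerable" with the warning patch, "Mitigation" without.
        "Vulnerable: LFENCE"*|"Mitigation: LFENCE"*)
            echo lfence-only ;;
        "Vulnerable: eIBRS+LFENCE with unprivileged eBPF and SMT"*)
            echo eibrs-lfence-ebpf-smt ;;
        "Vulnerable: eIBRS with unprivileged eBPF"*)
            echo eibrs-ebpf ;;
        "Vulnerable"*)
            echo vulnerable ;;
        "Mitigation: Enhanced IBRS + "*)
            echo mitigated ;;
        "Mitigation: Enhanced IBRS"*)
            # A kernel without the reporting patch never mentions eBPF,
            # so plain eIBRS is cross-checked against the sysctl value.
            if [ "$bpf" = 0 ]; then echo eibrs-ebpf-unreported
            else echo mitigated; fi ;;
        "Mitigation: "*)
            echo mitigated ;;
        "Not affected"*)
            echo not-affected ;;
        *)
            echo unknown ;;
    esac
}

# Classify the running system when both interfaces are readable.
check_local() {
    [ -r "$SYSFS_FILE" ] || { echo no-sysfs; return 0; }
    bpf=unknown
    [ -r "$BPF_SYSCTL" ] && bpf=$(cat "$BPF_SYSCTL")
    classify_spectre_v2 "$(cat "$SYSFS_FILE")" "$bpf"
}

check_local
```

Any finding other than `mitigated` or `not-affected` is worth following up; `eibrs-ebpf-unreported` means the sysctl shows unprivileged eBPF enabled while the status line says nothing about it.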

Comments

Stefan Bader April 5, 2022, 8:22 a.m. UTC | #1
On 04.04.22 22:16, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The LFENCE mitigation was found out not to be sufficient on AMD systems. And
> unprivileged eBPF was considered in the mitigation status for Spectre v2.
> 
> [Fixes]
> "x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
> reporting" need to be backported from close upstream stable branches.
> 
> [Potential regression]
> Mitigations may not be applied correctly and changing unprivileged eBPF
> setting may cause surprising effects. Mitigations may be reported incorrectly
> or incompletely.
>   
> Josh Poimboeuf (3):
>    x86/speculation: Include unprivileged eBPF status in Spectre v2
>      mitigation reporting
>    x86/speculation: Warn about Spectre v2 LFENCE mitigation
>    x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> 
> Kim Phillips (2):
>    x86/speculation: Use generic retpoline by default on AMD
>    x86/speculation: Update link to AMD speculation whitepaper
> 
>   Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
>   arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
>   include/linux/bpf.h                           | 11 +++
>   kernel/sysctl.c                               |  8 +++
>   4 files changed, 79 insertions(+), 17 deletions(-)
> 

The s-o-b for Focal and Bionic sometimes has cherry picked from some upstream 
stable and then looks like from upstream directly. Just to double check that 
this is correct. Generally

Acked-by: Stefan Bader <stefan.bader@canonical.com>

Thadeu Lima de Souza Cascardo April 5, 2022, 12:26 p.m. UTC | #2
On Tue, Apr 05, 2022 at 10:22:08AM +0200, Stefan Bader wrote:
> On 04.04.22 22:16, Thadeu Lima de Souza Cascardo wrote:
> > [Impact]
> > The LFENCE mitigation was found out not to be sufficient on AMD systems. And
> > unprivileged eBPF was considered in the mitigation status for Spectre v2.
> > 
> > [Fixes]
> > "x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
> > reporting" need to be backported from close upstream stable branches.
> > 
> > [Potential regression]
> > Mitigations may not be applied correctly and changing unprivileged eBPF
> > setting may cause surprising effects. Mitigations may be reported incorrectly
> > or incompletely.
> > Josh Poimboeuf (3):
> >    x86/speculation: Include unprivileged eBPF status in Spectre v2
> >      mitigation reporting
> >    x86/speculation: Warn about Spectre v2 LFENCE mitigation
> >    x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> > 
> > Kim Phillips (2):
> >    x86/speculation: Use generic retpoline by default on AMD
> >    x86/speculation: Update link to AMD speculation whitepaper
> > 
> >   Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
> >   arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
> >   include/linux/bpf.h                           | 11 +++
> >   kernel/sysctl.c                               |  8 +++
> >   4 files changed, 79 insertions(+), 17 deletions(-)
> > 
> 
> The s-o-b for Focal and Bionic sometimes has cherry picked from some
> upstream stable and then looks like from upstream directly. Just to double
> check that this is correct. Generally
> 
> Acked-by: Stefan Bader <stefan.bader@canonical.com>

Double checking here, it seems only the first patch for bionic is missing the
provenance, which would also be linux-4.19.y.

The others have been clean cherry-picks, though I noticed that for Impish, I
ended up using the 5.15 backports that were used for Jammy. Aside from the
first patch, which required the backport, all the other ones are clean
cherry-picks as well.

Cascardo.

Tim Gardner April 5, 2022, 6:33 p.m. UTC | #3
Acked-by: Tim Gardner <tim.gardner@canonical.com>

On 4/4/22 14:16, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The LFENCE mitigation was found out not to be sufficient on AMD systems. And
> unprivileged eBPF was considered in the mitigation status for Spectre v2.
> 
> [Fixes]
> "x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
> reporting" need to be backported from close upstream stable branches.
> 
> [Potential regression]
> Mitigations may not be applied correctly and changing unprivileged eBPF
> setting may cause surprising effects. Mitigations may be reported incorrectly
> or incompletely.
>   
> Josh Poimboeuf (3):
>    x86/speculation: Include unprivileged eBPF status in Spectre v2
>      mitigation reporting
>    x86/speculation: Warn about Spectre v2 LFENCE mitigation
>    x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> 
> Kim Phillips (2):
>    x86/speculation: Use generic retpoline by default on AMD
>    x86/speculation: Update link to AMD speculation whitepaper
> 
>   Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
>   arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
>   include/linux/bpf.h                           | 11 +++
>   kernel/sysctl.c                               |  8 +++
>   4 files changed, 79 insertions(+), 17 deletions(-)
>

Stefan Bader April 12, 2022, 8:49 a.m. UTC | #4
On 04.04.22 22:16, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The LFENCE mitigation was found out not to be sufficient on AMD systems. And
> unprivileged eBPF was considered in the mitigation status for Spectre v2.
> 
> [Fixes]
> "x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation
> reporting" need to be backported from close upstream stable branches.
> 
> [Potential regression]
> Mitigations may not be applied correctly and changing unprivileged eBPF
> setting may cause surprising effects. Mitigations may be reported incorrectly
> or incompletely.
>   
> Josh Poimboeuf (3):
>    x86/speculation: Include unprivileged eBPF status in Spectre v2
>      mitigation reporting
>    x86/speculation: Warn about Spectre v2 LFENCE mitigation
>    x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
> 
> Kim Phillips (2):
>    x86/speculation: Use generic retpoline by default on AMD
>    x86/speculation: Update link to AMD speculation whitepaper
> 
>   Documentation/admin-guide/hw-vuln/spectre.rst |  6 +-
>   arch/x86/kernel/cpu/bugs.c                    | 71 +++++++++++++++----
>   include/linux/bpf.h                           | 11 +++
>   kernel/sysctl.c                               |  8 +++
>   4 files changed, 79 insertions(+), 17 deletions(-)
> 

Applied to impish,focal,bionic:linux/master-next with updated s-o-b references. 
Thanks.

-Stefan