mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-28 21:33:52 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/x86/lib
History
Linus Torvalds 7001052160 Add support for Intel CET-IBT, available since Tigerlake (11th gen), which is a 
coarse grained, hardware based, forward edge Control-Flow-Integrity mechanism
 where any indirect CALL/JMP must target an ENDBR instruction or suffer #CP.
 
 Additionally, since Alderlake (12th gen)/Sapphire-Rapids, speculation is
 limited to 2 instructions (and typically fewer) on branch targets not starting
 with ENDBR. CET-IBT also limits speculation of the next sequential instruction
 after the indirect CALL/JMP [1].
 
 CET-IBT is fundamentally incompatible with retpolines, but provides, as
 described above, speculation limits itself.
 
 [1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html
 -----BEGIN PGP SIGNATURE-----
 
 iQJJBAABCgAzFiEEv3OU3/byMaA0LqWJdkfhpEvA5LoFAmI/LI8VHHBldGVyekBp
 bmZyYWRlYWQub3JnAAoJEHZH4aRLwOS6ZnkP/2QCgQLTu6oRxv9O020CHwlaSEeD
 1Hoy3loum5q5hAi1Ik3dR9p0H5u64c9qbrBVxaFoNKaLt5GKrtHaDSHNk2L/CFHX
 urpH65uvTLxbyZzcahkAahoJ71XU+m7PcrHLWMunw9sy10rExYVsUOlFyoyG6XCF
 BDCNZpdkC09ZM3vwlWGMZd5Pp+6HcZNPyoV9tpvWAS2l+WYFWAID7mflbpQ+tA8b
 y/hM6b3Ud0rT2ubuG1iUpopgNdwqQZ+HisMPGprh+wKZkYwS2l8pUTrz0MaBkFde
 go7fW16kFy2HQzGm6aIEBmfcg0palP/mFVaWP0zS62LwhJSWTn5G6xWBr3yxSsht
 9gWCiI0oDZuTg698MedWmomdG2SK6yAuZuqmdKtLLoWfWgviPEi7TDFG/cKtZdAW
 ag8GM8T4iyYZzpCEcWO9GWbjo6TTGq30JBQefCBG47GjD0csv2ubXXx0Iey+jOwT
 x3E8wnv9dl8V9FSd/tMpTFmje8ges23yGrWtNpb5BRBuWTeuGiBPZED2BNyyIf+T
 dmewi2ufNMONgyNp27bDKopY81CPAQq9cVxqNm9Cg3eWPFnpOq2KGYEvisZ/rpEL
 EjMQeUBsy/C3AUFAleu1vwNnkwP/7JfKYpN00gnSyeQNZpqwxXBCKnHNgOMTXyJz
 beB/7u2KIUbKEkSN
 =jZfK
 -----END PGP SIGNATURE-----

Merge tag 'x86_core_for_5.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 CET-IBT (Control-Flow-Integrity) support from Peter Zijlstra:
 "Add support for Intel CET-IBT, available since Tigerlake (11th gen),
  which is a coarse grained, hardware based, forward edge
  Control-Flow-Integrity mechanism where any indirect CALL/JMP must
  target an ENDBR instruction or suffer #CP.

  Additionally, since Alderlake (12th gen)/Sapphire-Rapids, speculation
  is limited to 2 instructions (and typically fewer) on branch targets
  not starting with ENDBR. CET-IBT also limits speculation of the next
  sequential instruction after the indirect CALL/JMP [1].

  CET-IBT is fundamentally incompatible with retpolines, but provides,
  as described above, speculation limits itself"

[1] https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html

* tag 'x86_core_for_5.18_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (53 commits)
  kvm/emulate: Fix SETcc emulation for ENDBR
  x86/Kconfig: Only allow CONFIG_X86_KERNEL_IBT with ld.lld >= 14.0.0
  x86/Kconfig: Only enable CONFIG_CC_HAS_IBT for clang >= 14.0.0
  kbuild: Fixup the IBT kbuild changes
  x86/Kconfig: Do not allow CONFIG_X86_X32_ABI=y with llvm-objcopy
  x86: Remove toolchain check for X32 ABI capability
  x86/alternative: Use .ibt_endbr_seal to seal indirect calls
  objtool: Find unused ENDBR instructions
  objtool: Validate IBT assumptions
  objtool: Add IBT/ENDBR decoding
  objtool: Read the NOENDBR annotation
  x86: Annotate idtentry_df()
  x86,objtool: Move the ASM_REACHABLE annotation to objtool.h
  x86: Annotate call_on_stack()
  objtool: Rework ASM_REACHABLE
  x86: Mark __invalid_creds() __noreturn
  exit: Mark do_group_exit() __noreturn
  x86: Mark stop_this_cpu() __noreturn
  objtool: Ignore extra-symbol code
  objtool: Rename --duplicate to --lto
  ...
2022-03-27 10:17:23 -07:00
..
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
atomic64_32.c
atomic64_386_32.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
atomic64_cx8_32.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
cache-smp.c smp: Remove smp_call_function() and on_each_cpu() return values 2019-06-23 14:26:26 +02:00
checksum_32.S x86/checksum_32: Remove .fixup usage 2021-12-11 09:09:49 +01:00
clear_page_64.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
cmdline.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
cmpxchg8b_emu.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
cmpxchg16b_emu.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
copy_mc.c x86, libnvdimm/test: Remove COPY_MC_TEST 2020-10-26 18:08:35 +01:00
copy_mc_64.S x86/copy_mc_64: Remove .fixup usage 2021-12-11 09:09:46 +01:00
copy_page_64.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
copy_user_64.S - Get rid of all the .fixup sections because this generates 2022-01-12 16:31:19 -08:00
cpu.c x86/lib/cpu: Address missing prototypes warning 2019-08-08 08:25:53 +02:00
csum-copy_64.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
csum-partial_64.c x86/csum: Rewrite/optimize csum_partial() 2021-12-08 11:26:09 +01:00
csum-wrappers_64.c amd64: switch csum_partial_copy_generic() to new calling conventions 2020-08-20 15:45:22 -04:00
delay.c x86/delay: Introduce TPAUSE delay 2020-05-07 16:06:20 +02:00
error-inject.c x86/ibt: Annotate text references 2022-03-15 10:32:40 +01:00
getuser.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
hweight.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
inat.c x86/insn: Add a __ignore_sync_check__ marker 2021-03-15 11:00:57 +01:00
insn-eval.c - Get rid of all the .fixup sections because this generates 2022-01-12 16:31:19 -08:00
insn.c x86/insn: Use get_unaligned() instead of memcpy() 2021-10-06 11:56:37 +02:00
iomap_copy_64.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
iomem.c x86: explicitly align IO accesses in memcpy_{to,from}io 2019-02-01 09:07:48 -08:00
kaslr.c x86/boot: Allow a "silent" kaslr random byte fetch 2021-10-27 11:07:58 +02:00
Makefile x86/mmx_32: Remove X86_USE_3DNOW 2021-12-11 09:09:45 +01:00
memcpy_32.c fortify: Detect struct member overflows in memmove() at compile-time 2022-02-13 16:50:06 -08:00
memcpy_64.S x86: clean up symbol aliasing 2022-02-22 16:21:34 +00:00
memmove_64.S x86: clean up symbol aliasing 2022-02-22 16:21:34 +00:00
memset_64.S x86: clean up symbol aliasing 2022-02-22 16:21:34 +00:00
misc.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mmx_32.c x86/mmx_32: Remove X86_USE_3DNOW 2021-12-11 09:09:45 +01:00
msr-reg-export.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
msr-reg.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
msr-smp.c x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes 2021-03-22 21:37:03 +01:00
msr.c x86/msr: Make locally used functions static 2021-04-08 11:57:40 +02:00
pc-conf-reg.c x86: Add support for 0x22/0x23 port I/O configuration space 2021-08-10 23:31:43 +02:00
putuser.S x86: Prepare asm files for straight-line-speculation 2021-12-08 12:25:37 +01:00
retpoline.S x86/ibt: Annotate text references 2022-03-15 10:32:40 +01:00
string_32.c lib/string: Move helper functions out of string.c 2021-09-25 08:20:49 -07:00
strstr_32.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
usercopy.c x86: remove __range_not_ok() 2022-02-25 09:36:05 +01:00
usercopy_32.c x86/usercopy: Remove .fixup usage 2021-12-11 09:09:50 +01:00
usercopy_64.c x86/usercopy: Remove .fixup usage 2021-12-11 09:09:50 +01:00
x86-opcode-map.txt x86/insn: Add AVX512-FP16 instructions to the x86 instruction decoder 2022-01-23 20:38:01 +01:00