mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-26 20:38:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/arch/x86
History
Peter Zijlstra d43490d0ab x86/cpu: Clean up SRSO return thunk mess 
Use the existing configurable return thunk. There is absolute no
justification for having created this __x86_return_thunk alternative.

To clarify, the whole thing looks like:

Zen3/4 does:

  srso_alias_untrain_ret:
	  nop2
	  lfence
	  jmp srso_alias_return_thunk
	  int3

  srso_alias_safe_ret: // aliasses srso_alias_untrain_ret just so
	  add $8, %rsp
	  ret
	  int3

  srso_alias_return_thunk:
	  call srso_alias_safe_ret
	  ud2

While Zen1/2 does:

  srso_untrain_ret:
	  movabs $foo, %rax
	  lfence
	  call srso_safe_ret           (jmp srso_return_thunk ?)
	  int3

  srso_safe_ret: // embedded in movabs instruction
	  add $8,%rsp
          ret
          int3

  srso_return_thunk:
	  call srso_safe_ret
	  ud2

While retbleed does:

  zen_untrain_ret:
	  test $0xcc, %bl
	  lfence
	  jmp zen_return_thunk
          int3

  zen_return_thunk: // embedded in the test instruction
	  ret
          int3

Where Zen1/2 flush the BTB entry using the instruction decoder trick
(test,movabs) Zen3/4 use BTB aliasing. SRSO adds a return sequence
(srso_safe_ret()) which forces the function return instruction to
speculate into a trap (UD2).  This RET will then mispredict and
execution will continue at the return site read from the top of the
stack.

Pick one of three options at boot (evey function can only ever return
once).

  [ bp: Fixup commit message uarch details and add them in a comment in
    the code too. Add a comment about the srso_select_mitigation()
    dependency on retbleed_select_mitigation(). Add moar ifdeffery for
    32-bit builds. Add a dummy srso_untrain_ret_alias() definition for
    32-bit alternatives needing the symbol. ]

Fixes: fb3bd914b3 ("x86/srso: Add a Speculative RAS Overflow mitigation")
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230814121148.842775684@infradead.org
2023-08-16 21:47:24 +02:00
..
boot x86/sev: Do not try to parse for the CC blob on non-AMD hardware 2023-08-07 18:05:13 +02:00
coco
configs arch/*/configs/*defconfig: Replace AUTOFS4_FS by AUTOFS_FS 2023-07-29 14:08:22 -07:00
crypto
entry x86/mm: Fix VDSO and VVAR placement on 5-level paging machines 2023-08-09 13:38:48 -07:00
events perf/x86: Fix lockdep warning in for_each_sibling_event() on SPR 2023-07-10 09:52:20 +02:00
hyperv hyperv-fixes for 6.5-rc5 2023-08-04 17:16:14 -07:00
ia32
include x86/cpu: Clean up SRSO return thunk mess 2023-08-16 21:47:24 +02:00
kernel x86/cpu: Clean up SRSO return thunk mess 2023-08-16 21:47:24 +02:00
kvm x86/CPU/AMD: Fix the DIV(0) initial fix attempt 2023-08-14 11:02:50 +02:00
lib x86/cpu: Clean up SRSO return thunk mess 2023-08-16 21:47:24 +02:00
math-emu
mm Merge branch 'expand-stack' 2023-06-28 20:35:21 -07:00
net
pci
platform A single regression fix for x86: 2023-07-01 11:40:01 -07:00
power
purgatory hardening updates for v6.5-rc1 2023-06-27 21:24:18 -07:00
ras
realmode
tools
um
video drm changes for 6.5-rc1: 2023-06-29 11:00:17 -07:00
virt/vmx/tdx
xen xen: branch for v6.5-rc2 2023-07-13 13:39:36 -07:00
.gitignore
Kbuild
Kconfig Mitigate Gather Data Sampling issue 2023-08-07 17:03:54 -07:00
Kconfig.assembler
Kconfig.cpu
Kconfig.debug
Makefile
Makefile.postlink
Makefile.um
Makefile_32.cpu