mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/Documentation
History
Kim Phillips 34a81f5259 x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled 
commit fd470a8bee upstream.

Unlike Intel's Enhanced IBRS feature, AMD's Automatic IBRS does not
provide protection to processes running at CPL3/user mode, see section
"Extended Feature Enable Register (EFER)" in the APM v2 at
https://bugzilla.kernel.org/attachment.cgi?id=304652

Explicitly enable STIBP to protect against cross-thread CPL3
branch target injections on systems with Automatic IBRS enabled.

Also update the relevant documentation.

Fixes: e7862eda30 ("x86/cpu: Support AMD Automatic IBRS")
Reported-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20230720194727.67022-1-kim.phillips@amd.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2024-04-13 12:59:13 +02:00
..
ABI x86/rfds: Mitigate Register File Data Sampling (RFDS) 2024-04-13 12:58:59 +02:00
PCI
RCU
accounting psi: Fix uaf issue when psi trigger is destroyed while being polled 2022-02-05 12:37:55 +01:00
admin-guide x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled 2024-04-13 12:59:13 +02:00
arm ARM: 9012/1: move device tree mapping out of linear region 2021-05-19 10:13:18 +02:00
arm64 perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 2023-09-23 11:01:05 +02:00
block block: introduce zone_write_granularity limit 2024-04-13 12:58:07 +02:00
bpf
cdrom
core-api kernel.h: split out kstrtox() and simple_strtox() to a separate header 2023-06-21 15:45:35 +02:00
cpu-freq
crypto
dev-tools docs/scripts/gdb: add necessary make scripts_gdb step 2023-03-11 16:39:52 +01:00
devicetree dt-bindings: nvmem: mxs-ocotp: Document fsl,ocotp 2024-01-05 15:12:28 +01:00
doc-guide
driver-api spi: Update reference to struct spi_controller 2023-01-14 10:15:26 +01:00
fault-injection debugfs: fix error when writing negative value to atomic_t debugfs file 2023-01-14 10:15:19 +01:00
fb
features
filesystems rename(): fix the locking of subdirectories 2024-02-23 08:41:54 +01:00
firmware-guide Documentation: ACPI: EINJ: Fix obsolete example 2022-08-25 11:37:53 +02:00
firmware_class
fpga
gpu Revert "fbcon: Disable accelerated scrolling" 2022-02-08 18:30:40 +01:00
hid
hwmon hwmon: (lm90) Add basic support for TI TMP461 2021-12-29 12:25:59 +01:00
i2c
ia64
ide
iio
infiniband
input Input: iforce - add support for Boeder Force Feedback Wheel 2022-09-20 12:38:32 +02:00
isdn
kbuild Documentation/Kbuild: Remove references to gcc-plugin.sh 2021-12-14 11:32:46 +01:00
kernel-hacking docs: futex: Fix kernel-doc references after code split-up preparation 2023-04-26 11:27:40 +02:00
leds
litmus-tests
livepatch
locking Documentation/locking/locktypes: Update migrate_disable() bits. 2021-12-14 11:32:42 +01:00
m68k
maintainer
mhi
mips
misc-devices
netlabel
networking net: change accept_ra_min_rtr_lft to affect all RA lifetimes 2023-10-25 11:54:14 +02:00
nios2
nvdimm
openrisc
parisc
pcmcia
power
powerpc powerpc/doc: Fix htmldocs errors 2023-04-26 11:27:37 +02:00
process overflow: Implement size_t saturating arithmetic helpers 2023-11-20 11:06:44 +01:00
riscv
s390
scheduler
scsi scsi: core: Fix the scsi_set_resid() documentation 2023-09-19 12:20:21 +02:00
security watch_queue: Drop references to /dev/watch_queue 2021-03-04 11:37:59 +01:00
sh
sound ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument 2024-02-23 08:42:10 +01:00
sparc
sphinx docs: Fix the docs build with Sphinx 6.0 2023-01-18 11:44:53 +01:00
sphinx-static
spi
staging
target tweewide: Fix most Shebang lines 2021-05-22 11:40:55 +02:00
timers
trace attr: use consistent sgid stripping checks 2023-03-22 13:30:08 +01:00
translations docs: futex: Fix kernel-doc references after code split-up preparation 2023-04-26 11:27:40 +02:00
usb
userspace-api Remove DECnet support from kernel 2023-06-21 15:45:38 +02:00
virt KVM: s390: disable migration mode when dirty tracking is disabled 2023-03-11 16:39:58 +01:00
vm arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL 2022-05-15 20:00:09 +02:00
w1
watchdog
x86 x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key 2024-04-13 12:58:57 +02:00
xtensa
.gitignore
COPYING-logo
Changes
CodingStyle
Kconfig
Makefile
SubmittingPatches
asm-annotations.rst x86/entry: Emit a symbol for register restoring thunk 2021-02-03 23:28:40 +01:00
atomic_bitops.txt locking/atomic: Make test_and_*_bit() ordered on failure 2022-08-25 11:38:10 +02:00
atomic_t.txt
conf.py docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 2022-06-09 10:21:28 +02:00
docutils.conf
dontdiff kbuild: generate Module.symvers only when vmlinux exists 2021-05-19 10:12:59 +02:00
index.rst
logo.gif
memory-barriers.txt
watch_queue.rst