[for-stable-v4.19,00/16] arm64 spec mitigation backports

Message ID 20191008153930.15386-1-ard.biesheuvel@linaro.org

Message

Ard Biesheuvel Oct. 8, 2019, 3:39 p.m. UTC
This is a backport to v4.19 of the arm64 patches that exist in mainline
to support CPUs that implement the SSBS capability, which gives the OS
and user space control over whether Speculative Store Bypass is
permitted in certain contexts. This gives a substantial performance
boost on hardware that implements it.

At the same time, this series backports arm64 support for reporting
of vulnerabilities via sysfs. This is covered by the same series since
it produces a much cleaner backport, where none of the patches required
any changes beyond some manual mangling of the context to make them apply.

Build tested using a fair number of randconfig builds. Boot tested
under KVM and on ThunderX2.

Cc: Will Deacon <will@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Jeremy Linton <jeremy.linton@arm.com>
Cc: Andre Przywara <andre.przywara@arm.com>

Jeremy Linton (6):
  arm64: add sysfs vulnerability show for meltdown
  arm64: Always enable ssb vulnerability detection
  arm64: Provide a command line to disable spectre_v2 mitigation
  arm64: Always enable spectre-v2 vulnerability detection
  arm64: add sysfs vulnerability show for spectre-v2
  arm64: add sysfs vulnerability show for speculative store bypass

Marc Zyngier (2):
  arm64: Advertise mitigation of Spectre-v2, or lack thereof
  arm64: Force SSBS on context switch

Mark Rutland (1):
  arm64: fix SSBS sanitization

Mian Yousaf Kaukab (2):
  arm64: Add sysfs vulnerability show for spectre-v1
  arm64: enable generic CPU vulnerabilites support

Will Deacon (5):
  arm64: cpufeature: Detect SSBS and advertise to userspace
  arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3
  KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and
    !vhe
  arm64: docs: Document SSBS HWCAP
  arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB

 Documentation/admin-guide/kernel-parameters.txt |   8 +-
 Documentation/arm64/elf_hwcaps.txt              |   4 +
 arch/arm64/Kconfig                              |   1 +
 arch/arm64/include/asm/cpucaps.h                |   3 +-
 arch/arm64/include/asm/cpufeature.h             |   4 -
 arch/arm64/include/asm/kvm_host.h               |  11 +
 arch/arm64/include/asm/processor.h              |  17 ++
 arch/arm64/include/asm/ptrace.h                 |   1 +
 arch/arm64/include/asm/sysreg.h                 |  19 +-
 arch/arm64/include/uapi/asm/hwcap.h             |   1 +
 arch/arm64/include/uapi/asm/ptrace.h            |   1 +
 arch/arm64/kernel/cpu_errata.c                  | 235 +++++++++++++++-----
 arch/arm64/kernel/cpufeature.c                  | 122 ++++++++--
 arch/arm64/kernel/cpuinfo.c                     |   1 +
 arch/arm64/kernel/process.c                     |  31 +++
 arch/arm64/kernel/ptrace.c                      |  15 +-
 arch/arm64/kernel/ssbd.c                        |  21 ++
 arch/arm64/kvm/hyp/sysreg-sr.c                  |  11 +
 18 files changed, 410 insertions(+), 96 deletions(-)

-- 
2.20.1
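
A check an administrator could run on a v4.19 kernel carrying this backport, as an added example that is not part of the series or of the original thread: it classifies the four sysfs entries named in the patch titles and looks for the `ssbs` hwcap. The sysfs directory path, the `ssbs` token in the `Features` line of `/proc/cpuinfo`, the function names and the sample values are assumptions of this example and do not appear on the page.

```shell
#!/bin/sh
# Added example (not from the series). Classification relies only on the
# generic value prefixes "Not affected", "Mitigation:" and "Vulnerable".
VULN_DIR=/sys/devices/system/cpu/vulnerabilities  # standard path, assumed here

# classify FILE -> not_affected | mitigated | vulnerable | unknown
classify() {
    [ -r "$1" ] || { echo unknown; return; }   # entry absent or unreadable
    case $(head -n 1 "$1") in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report [DIR] -> one "name state" line per entry named in the patch titles
report() {
    dir=${1:-$VULN_DIR}
    for name in meltdown spectre_v1 spectre_v2 spec_store_bypass; do
        echo "$name $(classify "$dir/$name")"
    done
}

# needs_attention [DIR] -> entries that are vulnerable or not reported at all
needs_attention() {
    report "$1" | while read -r name state; do
        case $state in vulnerable|unknown) echo "$name" ;; esac
    done
}

# has_ssbs [CPUINFO] -> succeeds if a "Features" line lists the ssbs hwcap
has_ssbs() {
    grep -E '^Features[[:space:]]*:' "${1:-/proc/cpuinfo}" | grep -qw ssbs
}

# make_sample DIR -> constructed sample tree so the example runs off-target
make_sample() {
    mkdir -p "$1/vulnerabilities"
    echo "Not affected"                   > "$1/vulnerabilities/meltdown"
    echo "Mitigation: constructed sample" > "$1/vulnerabilities/spectre_v1"
    echo "Vulnerable"                     > "$1/vulnerabilities/spectre_v2"
    # spec_store_bypass left absent: models a kernel that does not report it
    printf 'Features\t: fp asimd ssbs\n'  > "$1/cpuinfo"
}

# Stand-alone use: pass a directory to print its report
if [ "$#" -gt 0 ]; then report "$1"; fi
```

Going by the last patch title in the series, a CPU that advertises `ssbs` is not thereby unaffected by SSB, so read the hwcap and the `spec_store_bypass` entry as separate signals.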

Comments

Greg KH Oct. 9, 2019, 8:04 a.m. UTC | #1
On Tue, Oct 08, 2019 at 05:39:14PM +0200, Ard Biesheuvel wrote:
> This is a backport to v4.19 of the arm64 patches that exist in mainline
> to support CPUs that implement the SSBS capability, which gives the OS
> and user space control over whether Speculative Store Bypass is
> permitted in certain contexts. This gives a substantial performance
> boost on hardware that implements it.
>
> At the same time, this series backports arm64 support for reporting
> of vulnerabilities via sysfs. This is covered by the same series since
> it produces a much cleaner backport, where none of the patches required
> any changes beyond some manual mangling of the context to make them apply.
>
> Build tested using a fair number of randconfig builds. Boot tested
> under KVM and on ThunderX2.

All now queued up, thanks.

greg k-h

Ard Biesheuvel Oct. 9, 2019, 8:17 a.m. UTC | #2
On Wed, 9 Oct 2019 at 10:04, Greg KH <greg@kroah.com> wrote:
>
> On Tue, Oct 08, 2019 at 05:39:14PM +0200, Ard Biesheuvel wrote:
> > This is a backport to v4.19 of the arm64 patches that exist in mainline
> > to support CPUs that implement the SSBS capability, which gives the OS
> > and user space control over whether Speculative Store Bypass is
> > permitted in certain contexts. This gives a substantial performance
> > boost on hardware that implements it.
> >
> > At the same time, this series backports arm64 support for reporting
> > of vulnerabilities via sysfs. This is covered by the same series since
> > it produces a much cleaner backport, where none of the patches required
> > any changes beyond some manual mangling of the context to make them apply.
> >
> > Build tested using a fair number of randconfig builds. Boot tested
> > under KVM and on ThunderX2.
>
> All now queued up, thanks.
>

Thanks Greg.