This is a note to let you know that I've just added the patch titled
x86/alternatives: Fix optimize_nops() checking
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-alternatives-fix-optimize_nops-checking.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From 612e8e9350fd19cae6900cf36ea0c6892d1a0dca Mon Sep 17 00:00:00 2001
From: Borislav Petkov <bp(a)suse.de>
Date: Wed, 10 Jan 2018 12:28:16 +0100
Subject: x86/alternatives: Fix optimize_nops() checking
From: Borislav Petkov <bp(a)suse.de>
commit 612e8e9350fd19cae6900cf36ea0c6892d1a0dca upstream.
The alternatives code checks only the first byte whether it is a NOP, but
with NOPs in front of the payload and having actual instructions after it
breaks the "optimized' test.
Make sure to scan all bytes before deciding to optimize the NOPs in there.
Reported-by: David Woodhouse <dwmw2(a)infradead.org>
Signed-off-by: Borislav Petkov <bp(a)suse.de>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Tom Lendacky <thomas.lendacky(a)amd.com>
Cc: Andi Kleen <ak(a)linux.intel.com>
Cc: Tim Chen <tim.c.chen(a)linux.intel.com>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Jiri Kosina <jikos(a)kernel.org>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Andi Kleen <andi(a)firstfloor.org>
Cc: Andrew Lutomirski <luto(a)kernel.org>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Cc: Paul Turner <pjt(a)google.com>
Link: https://lkml.kernel.org/r/20180110112815.mgciyf5acwacphkq@pd.tnic
Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/kernel/alternative.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -339,9 +339,12 @@ done:
static void __init_or_module optimize_nops(struct alt_instr *a, u8 *instr)
{
unsigned long flags;
+ int i;
- if (instr[0] != 0x90)
- return;
+ for (i = 0; i < a->padlen; i++) {
+ if (instr[i] != 0x90)
+ return;
+ }
local_irq_save(flags);
add_nops(instr + (a->instrlen - a->padlen), a->padlen);
Patches currently in stable-queue which might be from bp(a)suse.de are
queue-4.4/x86-microcode-intel-extend-bdw-late-loading-with-a-revision-check.patch
queue-4.4/x86-alternatives-fix-optimize_nops-checking.patch
This is a note to let you know that I've just added the patch titled
x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From b9e705ef7cfaf22db0daab91ad3cd33b0fa32eb9 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw(a)amazon.co.uk>
Date: Thu, 4 Jan 2018 14:37:05 +0000
Subject: x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
From: David Woodhouse <dwmw(a)amazon.co.uk>
commit b9e705ef7cfaf22db0daab91ad3cd33b0fa32eb9 upstream.
Where an ALTERNATIVE is used in the middle of an inline asm block, this
would otherwise lead to the following instruction being appended directly
to the trailing ".popsection", and a failed compile.
Fixes: 9cebed423c84 ("x86, alternative: Use .pushsection/.popsection")
Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Cc: gnomes(a)lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel(a)redhat.com>
Cc: ak(a)linux.intel.com
Cc: Tim Chen <tim.c.chen(a)linux.intel.com>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Paul Turner <pjt(a)google.com>
Cc: Jiri Kosina <jikos(a)kernel.org>
Cc: Andy Lutomirski <luto(a)amacapital.net>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Kees Cook <keescook(a)google.com>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Cc: stable(a)vger.kernel.org
Link: https://lkml.kernel.org/r/20180104143710.8961-8-dwmw@amazon.co.uk
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/include/asm/alternative.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/arch/x86/include/asm/alternative.h
+++ b/arch/x86/include/asm/alternative.h
@@ -138,7 +138,7 @@ static inline int alternatives_text_rese
".popsection\n" \
".pushsection .altinstr_replacement, \"ax\"\n" \
ALTINSTR_REPLACEMENT(newinstr, feature, 1) \
- ".popsection"
+ ".popsection\n"
#define ALTERNATIVE_2(oldinstr, newinstr1, feature1, newinstr2, feature2)\
OLDINSTR_2(oldinstr, 1, 2) \
@@ -149,7 +149,7 @@ static inline int alternatives_text_rese
".pushsection .altinstr_replacement, \"ax\"\n" \
ALTINSTR_REPLACEMENT(newinstr1, feature1, 1) \
ALTINSTR_REPLACEMENT(newinstr2, feature2, 2) \
- ".popsection"
+ ".popsection\n"
/*
* This must be included *after* the definition of ALTERNATIVE due to
Patches currently in stable-queue which might be from dwmw(a)amazon.co.uk are
queue-4.4/x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch
queue-4.4/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.4/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.4/sysfs-cpu-add-vulnerability-folder.patch
queue-4.4/x86-alternatives-fix-optimize_nops-checking.patch
This is a note to let you know that I've just added the patch titled
sysfs/cpu: Fix typos in vulnerability documentation
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From 9ecccfaa7cb5249bd31bdceb93fcf5bedb8a24d8 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw(a)amazon.co.uk>
Date: Tue, 9 Jan 2018 15:02:51 +0000
Subject: sysfs/cpu: Fix typos in vulnerability documentation
From: David Woodhouse <dwmw(a)amazon.co.uk>
commit 9ecccfaa7cb5249bd31bdceb93fcf5bedb8a24d8 upstream.
Fixes: 87590ce6e ("sysfs/cpu: Add vulnerability folder")
Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
Documentation/ABI/testing/sysfs-devices-system-cpu | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/Documentation/ABI/testing/sysfs-devices-system-cpu
+++ b/Documentation/ABI/testing/sysfs-devices-system-cpu
@@ -276,7 +276,7 @@ What: /sys/devices/system/cpu/vulnerabi
/sys/devices/system/cpu/vulnerabilities/meltdown
/sys/devices/system/cpu/vulnerabilities/spectre_v1
/sys/devices/system/cpu/vulnerabilities/spectre_v2
-Date: Januar 2018
+Date: January 2018
Contact: Linux kernel mailing list <linux-kernel(a)vger.kernel.org>
Description: Information about CPU vulnerabilities
@@ -286,4 +286,4 @@ Description: Information about CPU vulne
"Not affected" CPU is not affected by the vulnerability
"Vulnerable" CPU is affected and no mitigation in effect
- "Mitigation: $M" CPU is affetcted and mitigation $M is in effect
+ "Mitigation: $M" CPU is affected and mitigation $M is in effect
Patches currently in stable-queue which might be from dwmw(a)amazon.co.uk are
queue-4.4/x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch
queue-4.4/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.4/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.4/sysfs-cpu-add-vulnerability-folder.patch
queue-4.4/x86-alternatives-fix-optimize_nops-checking.patch
This is a note to let you know that I've just added the patch titled
x86/retpoline/xen: Convert Xen hypercall indirect jumps
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From ea08816d5b185ab3d09e95e393f265af54560350 Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw(a)amazon.co.uk>
Date: Thu, 11 Jan 2018 21:46:31 +0000
Subject: x86/retpoline/xen: Convert Xen hypercall indirect jumps
From: David Woodhouse <dwmw(a)amazon.co.uk>
commit ea08816d5b185ab3d09e95e393f265af54560350 upstream.
Convert indirect call in Xen hypercall to use non-speculative sequence,
when CONFIG_RETPOLINE is enabled.
Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Acked-by: Arjan van de Ven <arjan(a)linux.intel.com>
Acked-by: Ingo Molnar <mingo(a)kernel.org>
Reviewed-by: Juergen Gross <jgross(a)suse.com>
Cc: gnomes(a)lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel(a)redhat.com>
Cc: Andi Kleen <ak(a)linux.intel.com>
Cc: Josh Poimboeuf <jpoimboe(a)redhat.com>
Cc: thomas.lendacky(a)amd.com
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Jiri Kosina <jikos(a)kernel.org>
Cc: Andy Lutomirski <luto(a)amacapital.net>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Kees Cook <keescook(a)google.com>
Cc: Tim Chen <tim.c.chen(a)linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Cc: Paul Turner <pjt(a)google.com>
Link: https://lkml.kernel.org/r/1515707194-20531-10-git-send-email-dwmw@amazon.co…
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/include/asm/xen/hypercall.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/arch/x86/include/asm/xen/hypercall.h
+++ b/arch/x86/include/asm/xen/hypercall.h
@@ -44,6 +44,7 @@
#include <asm/page.h>
#include <asm/pgtable.h>
#include <asm/smap.h>
+#include <asm/nospec-branch.h>
#include <xen/interface/xen.h>
#include <xen/interface/sched.h>
@@ -217,9 +218,9 @@ privcmd_call(unsigned call,
__HYPERCALL_5ARG(a1, a2, a3, a4, a5);
stac();
- asm volatile("call *%[call]"
+ asm volatile(CALL_NOSPEC
: __HYPERCALL_5PARAM
- : [call] "a" (&hypercall_page[call])
+ : [thunk_target] "a" (&hypercall_page[call])
: __HYPERCALL_CLOBBER5);
clac();
Patches currently in stable-queue which might be from dwmw(a)amazon.co.uk are
queue-4.14/x86-spectre-add-boot-time-option-to-select-spectre-v2-mitigation.patch
queue-4.14/x86-retpoline-irq32-convert-assembler-indirect-jumps.patch
queue-4.14/objtool-detect-jumps-to-retpoline-thunks.patch
queue-4.14/x86-cpufeatures-add-x86_bug_spectre_v.patch
queue-4.14/x86-retpoline-hyperv-convert-assembler-indirect-jumps.patch
queue-4.14/x86-mm-pti-remove-dead-logic-in-pti_user_pagetable_walk.patch
queue-4.14/x86-retpoline-entry-convert-entry-assembler-indirect-jumps.patch
queue-4.14/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.14/x86-pti-fix-pcid-and-sanitize-defines.patch
queue-4.14/x86-cpu-amd-make-lfence-a-serializing-instruction.patch
queue-4.14/x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch
queue-4.14/objtool-allow-alternatives-to-be-ignored.patch
queue-4.14/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.14/x86-retpoline-crypto-convert-crypto-assembler-indirect-jumps.patch
queue-4.14/x86-tboot-unbreak-tboot-with-pti-enabled.patch
queue-4.14/x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch
queue-4.14/x86-retpoline-checksum32-convert-assembler-indirect-jumps.patch
queue-4.14/x86-pti-make-unpoison-of-pgd-for-trusted-boot-work-for-real.patch
queue-4.14/sysfs-cpu-add-vulnerability-folder.patch
queue-4.14/x86-retpoline-fill-return-stack-buffer-on-vmexit.patch
queue-4.14/x86-retpoline-remove-compile-time-warning.patch
queue-4.14/x86-cpu-amd-use-lfence_rdtsc-in-preference-to-mfence_rdtsc.patch
queue-4.14/x86-retpoline-add-initial-retpoline-support.patch
This is a note to let you know that I've just added the patch titled
x86/retpoline: Remove compile time warning
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-retpoline-remove-compile-time-warning.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From b8b9ce4b5aec8de9e23cabb0a26b78641f9ab1d6 Mon Sep 17 00:00:00 2001
From: Thomas Gleixner <tglx(a)linutronix.de>
Date: Sun, 14 Jan 2018 22:13:29 +0100
Subject: x86/retpoline: Remove compile time warning
From: Thomas Gleixner <tglx(a)linutronix.de>
commit b8b9ce4b5aec8de9e23cabb0a26b78641f9ab1d6 upstream.
Remove the compile time warning when CONFIG_RETPOLINE=y and the compiler
does not have retpoline support. Linus rationale for this is:
It's wrong because it will just make people turn off RETPOLINE, and the
asm updates - and return stack clearing - that are independent of the
compiler are likely the most important parts because they are likely the
ones easiest to target.
And it's annoying because most people won't be able to do anything about
it. The number of people building their own compiler? Very small. So if
their distro hasn't got a compiler yet (and pretty much nobody does), the
warning is just annoying crap.
It is already properly reported as part of the sysfs interface. The
compile-time warning only encourages bad things.
Fixes: 76b043848fd2 ("x86/retpoline: Add initial retpoline support")
Requested-by: Linus Torvalds <torvalds(a)linux-foundation.org>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Cc: David Woodhouse <dwmw(a)amazon.co.uk>
Cc: Peter Zijlstra (Intel) <peterz(a)infradead.org>
Cc: gnomes(a)lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel(a)redhat.com>
Cc: Andi Kleen <ak(a)linux.intel.com>
Cc: Josh Poimboeuf <jpoimboe(a)redhat.com>
Cc: thomas.lendacky(a)amd.com
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Jiri Kosina <jikos(a)kernel.org>
Cc: Andy Lutomirski <luto(a)amacapital.net>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Kees Cook <keescook(a)google.com>
Cc: Tim Chen <tim.c.chen(a)linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Link: https://lkml.kernel.org/r/CA+55aFzWgquv4i6Mab6bASqYXg3ErV3XDFEYf=GEcCDQg5uA…
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/Makefile | 2 --
1 file changed, 2 deletions(-)
--- a/arch/x86/Makefile
+++ b/arch/x86/Makefile
@@ -240,8 +240,6 @@ ifdef CONFIG_RETPOLINE
RETPOLINE_CFLAGS += $(call cc-option,-mindirect-branch=thunk-extern -mindirect-branch-register)
ifneq ($(RETPOLINE_CFLAGS),)
KBUILD_CFLAGS += $(RETPOLINE_CFLAGS) -DRETPOLINE
- else
- $(warning CONFIG_RETPOLINE=y, but not supported by the compiler. Toolchain update recommended.)
endif
endif
Patches currently in stable-queue which might be from tglx(a)linutronix.de are
queue-4.14/x86-spectre-add-boot-time-option-to-select-spectre-v2-mitigation.patch
queue-4.14/x86-retpoline-irq32-convert-assembler-indirect-jumps.patch
queue-4.14/objtool-detect-jumps-to-retpoline-thunks.patch
queue-4.14/security-kconfig-correct-the-documentation-reference-for-pti.patch
queue-4.14/x86-pti-unbreak-efi-old_memmap.patch
queue-4.14/x86-cpufeatures-add-x86_bug_spectre_v.patch
queue-4.14/x86-microcode-intel-extend-bdw-late-loading-with-a-revision-check.patch
queue-4.14/x86-retpoline-hyperv-convert-assembler-indirect-jumps.patch
queue-4.14/membarrier-disable-preemption-when-calling-smp_call_function_many.patch
queue-4.14/x86-mm-pti-remove-dead-logic-in-pti_user_pagetable_walk.patch
queue-4.14/x86-retpoline-entry-convert-entry-assembler-indirect-jumps.patch
queue-4.14/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.14/x86-pti-fix-pcid-and-sanitize-defines.patch
queue-4.14/x86-cpu-amd-make-lfence-a-serializing-instruction.patch
queue-4.14/x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch
queue-4.14/x86-documentation-add-pti-description.patch
queue-4.14/x86-acpi-handle-sci-interrupts-above-legacy-space-gracefully.patch
queue-4.14/objtool-allow-alternatives-to-be-ignored.patch
queue-4.14/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.14/x86-retpoline-crypto-convert-crypto-assembler-indirect-jumps.patch
queue-4.14/selftests-x86-add-test_vsyscall.patch
queue-4.14/x86-tboot-unbreak-tboot-with-pti-enabled.patch
queue-4.14/x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch
queue-4.14/x86-retpoline-checksum32-convert-assembler-indirect-jumps.patch
queue-4.14/x86-pti-make-unpoison-of-pgd-for-trusted-boot-work-for-real.patch
queue-4.14/sysfs-cpu-add-vulnerability-folder.patch
queue-4.14/x86-retpoline-fill-return-stack-buffer-on-vmexit.patch
queue-4.14/x86-acpi-reduce-code-duplication-in-mp_override_legacy_irq.patch
queue-4.14/x86-retpoline-remove-compile-time-warning.patch
queue-4.14/x86-alternatives-fix-optimize_nops-checking.patch
queue-4.14/x86-cpu-amd-use-lfence_rdtsc-in-preference-to-mfence_rdtsc.patch
queue-4.14/x86-retpoline-add-initial-retpoline-support.patch
queue-4.14/kdump-write-correct-address-of-mem_section-into-vmcoreinfo.patch
queue-4.14/x86-perf-disable-intel_bts-when-pti.patch
This is a note to let you know that I've just added the patch titled
x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
to the 4.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
The filename of the patch is:
x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch
and it can be found in the queue-4.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable(a)vger.kernel.org> know about it.
>From 9351803bd803cdbeb9b5a7850b7b6f464806e3db Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw(a)amazon.co.uk>
Date: Thu, 11 Jan 2018 21:46:29 +0000
Subject: x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
From: David Woodhouse <dwmw(a)amazon.co.uk>
commit 9351803bd803cdbeb9b5a7850b7b6f464806e3db upstream.
Convert all indirect jumps in ftrace assembler code to use non-speculative
sequences when CONFIG_RETPOLINE is enabled.
Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de>
Acked-by: Arjan van de Ven <arjan(a)linux.intel.com>
Acked-by: Ingo Molnar <mingo(a)kernel.org>
Cc: gnomes(a)lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel(a)redhat.com>
Cc: Andi Kleen <ak(a)linux.intel.com>
Cc: Josh Poimboeuf <jpoimboe(a)redhat.com>
Cc: thomas.lendacky(a)amd.com
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Jiri Kosina <jikos(a)kernel.org>
Cc: Andy Lutomirski <luto(a)amacapital.net>
Cc: Dave Hansen <dave.hansen(a)intel.com>
Cc: Kees Cook <keescook(a)google.com>
Cc: Tim Chen <tim.c.chen(a)linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org>
Cc: Paul Turner <pjt(a)google.com>
Link: https://lkml.kernel.org/r/1515707194-20531-8-git-send-email-dwmw@amazon.co.…
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
---
arch/x86/kernel/ftrace_32.S | 6 ++++--
arch/x86/kernel/ftrace_64.S | 8 ++++----
2 files changed, 8 insertions(+), 6 deletions(-)
--- a/arch/x86/kernel/ftrace_32.S
+++ b/arch/x86/kernel/ftrace_32.S
@@ -8,6 +8,7 @@
#include <asm/segment.h>
#include <asm/export.h>
#include <asm/ftrace.h>
+#include <asm/nospec-branch.h>
#ifdef CC_USING_FENTRY
# define function_hook __fentry__
@@ -197,7 +198,8 @@ ftrace_stub:
movl 0x4(%ebp), %edx
subl $MCOUNT_INSN_SIZE, %eax
- call *ftrace_trace_function
+ movl ftrace_trace_function, %ecx
+ CALL_NOSPEC %ecx
popl %edx
popl %ecx
@@ -241,5 +243,5 @@ return_to_handler:
movl %eax, %ecx
popl %edx
popl %eax
- jmp *%ecx
+ JMP_NOSPEC %ecx
#endif
--- a/arch/x86/kernel/ftrace_64.S
+++ b/arch/x86/kernel/ftrace_64.S
@@ -7,7 +7,7 @@
#include <asm/ptrace.h>
#include <asm/ftrace.h>
#include <asm/export.h>
-
+#include <asm/nospec-branch.h>
.code64
.section .entry.text, "ax"
@@ -286,8 +286,8 @@ trace:
* ip and parent ip are used and the list function is called when
* function tracing is enabled.
*/
- call *ftrace_trace_function
-
+ movq ftrace_trace_function, %r8
+ CALL_NOSPEC %r8
restore_mcount_regs
jmp fgraph_trace
@@ -329,5 +329,5 @@ GLOBAL(return_to_handler)
movq 8(%rsp), %rdx
movq (%rsp), %rax
addq $24, %rsp
- jmp *%rdi
+ JMP_NOSPEC %rdi
#endif
Patches currently in stable-queue which might be from dwmw(a)amazon.co.uk are
queue-4.14/x86-spectre-add-boot-time-option-to-select-spectre-v2-mitigation.patch
queue-4.14/x86-retpoline-irq32-convert-assembler-indirect-jumps.patch
queue-4.14/objtool-detect-jumps-to-retpoline-thunks.patch
queue-4.14/x86-cpufeatures-add-x86_bug_spectre_v.patch
queue-4.14/x86-retpoline-hyperv-convert-assembler-indirect-jumps.patch
queue-4.14/x86-mm-pti-remove-dead-logic-in-pti_user_pagetable_walk.patch
queue-4.14/x86-retpoline-entry-convert-entry-assembler-indirect-jumps.patch
queue-4.14/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.14/x86-pti-fix-pcid-and-sanitize-defines.patch
queue-4.14/x86-cpu-amd-make-lfence-a-serializing-instruction.patch
queue-4.14/x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch
queue-4.14/objtool-allow-alternatives-to-be-ignored.patch
queue-4.14/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.14/x86-retpoline-crypto-convert-crypto-assembler-indirect-jumps.patch
queue-4.14/x86-tboot-unbreak-tboot-with-pti-enabled.patch
queue-4.14/x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch
queue-4.14/x86-retpoline-checksum32-convert-assembler-indirect-jumps.patch
queue-4.14/x86-pti-make-unpoison-of-pgd-for-trusted-boot-work-for-real.patch
queue-4.14/sysfs-cpu-add-vulnerability-folder.patch
queue-4.14/x86-retpoline-fill-return-stack-buffer-on-vmexit.patch
queue-4.14/x86-retpoline-remove-compile-time-warning.patch
queue-4.14/x86-cpu-amd-use-lfence_rdtsc-in-preference-to-mfence_rdtsc.patch
queue-4.14/x86-retpoline-add-initial-retpoline-support.patch