On Tue, Sep 16, 2025 at 08:41:33PM +0000, Jitindar Singh, Suraj wrote:
On Thu, 2025-09-04 at 14:00 +0200, Greg KH wrote:
On Wed, Sep 03, 2025 at 03:49:59PM -0700, Suraj Jitindar Singh wrote:
The 4 patches in this series make the JMP_NOSPEC and CALL_NOSPEC macros used in the kernel consistent with what is generated by the compiler.
("x86,nospec: Simplify {JMP,CALL}_NOSPEC") was merged in v6.0 and the remaining 3 patches in this series were merged in v6.15. All 4 were included in kernels v5.15+ as prerequisites for the backport of the ITS mitigations [1].
None of these patches were included in the backport of the ITS mitigations to the 5.10 kernel [2]. They all apply cleanly and are applicable to the 5.10 kernel. Thus I see no reason that they weren't applied here, unless someone can correct me?
Do they actually fix anything?
They do not, no.
I am sending them for inclusion in the 5.10 kernel as this kernel is still actively maintained for these kind of vulnerability mitigations and as such having these patches will unify the handling of these cases with subsequent kernel versions easing code understanding and the ease of backports in the future.
Does this actually allow this to happen? I think there are a few speculation fixes that have not been backported to this kernel tree, so why not just make this as a part of that work instead? Just adding infastructure that doesn't do anything isn't usually a good idea.
In my case at least, it does. I had to spend time working out why this code was different compared to newer stable and upstream, and determining if this required special handling - which would not have been necessary if this code was the same. Other speculation fixes don't touch this path which is why it was included in the ITS mitigation patch series for other stable versions. It does do something, any where the macros are used this does something and is then rewritten by the alternatives code.
Trying to save my own (and anyone elses) sanity for having to work out why this is different in the future in an area which does still get regularly touched for these old kernels. Understand it doesn't fit the regular stable patch mold but wanted to help in case these were just unintentionally missed in this stable stream. But I acknowledge as you point out that they are not fixing anything.
If you want to include this as part of a patch series that does add additional speculation bugfixes, as it would make that series work easier, that's great, but on its own, it wouldn't make much sense to do this for no reason.
good luck with keeping this alive, that's not an easy task.
greg k-h