On Thu, Oct 27, 2022 at 01:48:01PM -0700, Suraj Jitindar Singh wrote:
This backport adds support for Retbleed and PBRSB mitigations for Intel parts.
Some AMD parts are added to simplify context however support for IBPB or UNRET is not included in this series. The reporting of whether a cpu is affected should be correct however.
Most patches applied cleanly or required only context changes, the major difference between this series and upstream is the fact that the kvm entry path is in inline asm in the 4.14 tree and so this had to be accommodated in patches:
- x86/speculation: Fill RSB on vmexit for IBRS
- x86/speculation: Add RSB VM Exit protections
This series is unsurprisingly very similar to that for the 5.4 backport [1].
Boot tested on a variety of Intel and AMD systems.
Tested correct reporting of vulnerabilities and mitigation selection on Skylake, Cascade Lake, Ice Lake and Zen3 parts.
[1] https://lore.kernel.org/stable/20221003131038.12645-1-cascardo@canonical.com...
Note, you forgot to sign off on a lot of these patches. Whenever you submit a patch, you need to also do that as the patch came through you.
I've queued these up now, and will go do a 4.14.y-rc release with just these in it to get some testing separate from other changes.
thanks,
greg k-h