This backport adds support for Retbleed and PBRSB mitigations for Intel parts.
Some AMD parts are added to simplify context however support for IBPB or UNRET is not included in this series. The reporting of whether a cpu is affected should be correct however.
Most patches applied cleanly or required only context changes, the major difference between this series and upstream is the fact that the kvm entry path is in inline asm in the 4.14 tree and so this had to be accommodated in patches: - x86/speculation: Fill RSB on vmexit for IBRS - x86/speculation: Add RSB VM Exit protections
This series is unsurprisingly very similar to that for the 5.4 backport [1].
Boot tested on a variety of Intel and AMD systems.
Tested correct reporting of vulnerabilities and mitigation selection on Skylake, Cascade Lake, Ice Lake and Zen3 parts.
[1] https://lore.kernel.org/stable/20221003131038.12645-1-cascardo@canonical.com...
Alexandre Chartre (2): x86/bugs: Report AMD retbleed vulnerability x86/bugs: Add AMD retbleed= boot parameter
Andrew Cooper (1): x86/cpu/amd: Enumerate BTC_NO
Daniel Sneddon (1): x86/speculation: Add RSB VM Exit protections
Ingo Molnar (1): x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header
Josh Poimboeuf (8): x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n x86/speculation: Fix firmware entry SPEC_CTRL handling x86/speculation: Fix SPEC_CTRL write on SMT state change x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit x86/speculation: Remove x86_spec_ctrl_mask KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS KVM: VMX: Fix IBRS handling after vmexit x86/speculation: Fill RSB on vmexit for IBRS
Kan Liang (1): x86/cpufeature: Add facility to check for min microcode revisions
Mark Gross (1): x86/cpu: Add a steppings field to struct x86_cpu_id
Nathan Chancellor (1): x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
Pawan Gupta (5): x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS x86/speculation: Add LFENCE to RSB fill sequence x86/bugs: Add Cannon lake to RETBleed affected CPU list x86/speculation: Disable RRSBA behavior x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
Peter Zijlstra (9): x86/entry: Remove skip_r11rcx x86/cpufeatures: Move RETPOLINE flags to word 11 x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value x86/bugs: Optimize SPEC_CTRL MSR writes x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() x86/bugs: Report Intel retbleed vulnerability entel_idle: Disable IBRS during long idle x86/speculation: Change FILL_RETURN_BUFFER to work with objtool x86/common: Stamp out the stepping madness
Suraj Jitindar Singh (1): Revert "x86/cpu: Add a steppings field to struct x86_cpu_id"
Thadeu Lima de Souza Cascardo (1): x86/entry: Add kernel IBRS implementation
Thomas Gleixner (2): x86/devicetable: Move x86 specific macro out of generic code x86/cpu: Add consistent CPU match macros
Documentation/admin-guide/hw-vuln/spectre.rst | 8 + .../admin-guide/kernel-parameters.txt | 13 + arch/x86/entry/calling.h | 68 ++- arch/x86/entry/entry_32.S | 2 - arch/x86/entry/entry_64.S | 38 +- arch/x86/entry/entry_64_compat.S | 12 +- arch/x86/include/asm/cpu_device_id.h | 168 ++++++- arch/x86/include/asm/cpufeatures.h | 16 +- arch/x86/include/asm/intel-family.h | 6 + arch/x86/include/asm/msr-index.h | 14 + arch/x86/include/asm/nospec-branch.h | 48 +- arch/x86/kernel/cpu/amd.c | 21 +- arch/x86/kernel/cpu/bugs.c | 415 +++++++++++++++--- arch/x86/kernel/cpu/common.c | 68 ++- arch/x86/kernel/cpu/match.c | 44 +- arch/x86/kernel/cpu/scattered.c | 1 + arch/x86/kernel/process.c | 2 +- arch/x86/kvm/svm.c | 1 + arch/x86/kvm/vmx.c | 51 ++- drivers/base/cpu.c | 8 + drivers/cpufreq/acpi-cpufreq.c | 1 + drivers/cpufreq/amd_freq_sensitivity.c | 1 + drivers/idle/intel_idle.c | 45 +- include/linux/cpu.h | 2 + include/linux/mod_devicetable.h | 4 +- tools/arch/x86/include/asm/cpufeatures.h | 1 + 26 files changed, 897 insertions(+), 161 deletions(-)