Here's a lightly tested backport of the Spectre v1 swapgs mitigation, for 4.9.
Ben.
On Fri, Aug 09, 2019 at 01:05:28AM +0100, Ben Hutchings wrote:
Here's a lightly tested backport of the Spectre v1 swapgs mitigation, for 4.9.
Hm, you backported 64dbc122b20f ("x86/entry/64: Use JMP instead of JMPQ") which is not in 4.14.y, yet you did not backport 4c92057661a3 ("Documentation: Add swapgs description to the Spectre v1 documentation") which should go to this kernel too, right?
thanks,
greg k-h
On Fri, Aug 09, 2019 at 10:44:44AM +0200, Greg Kroah-Hartman wrote:
On Fri, Aug 09, 2019 at 01:05:28AM +0100, Ben Hutchings wrote:
Here's a lightly tested backport of the Spectre v1 swapgs mitigation, for 4.9.
Hm, you backported 64dbc122b20f ("x86/entry/64: Use JMP instead of JMPQ") which is not in 4.14.y, yet you did not backport 4c92057661a3 ("Documentation: Add swapgs description to the Spectre v1 documentation") which should go to this kernel too, right?
Same questions on your 4.4 backport.
thanks,
greg k-h
On Fri, 2019-08-09 at 10:44 +0200, Greg Kroah-Hartman wrote:
On Fri, Aug 09, 2019 at 01:05:28AM +0100, Ben Hutchings wrote:
Here's a lightly tested backport of the Spectre v1 swapgs mitigation, for 4.9.
Hm, you backported 64dbc122b20f ("x86/entry/64: Use JMP instead of JMPQ") which is not in 4.14.y,
For 4.14, it was apparently folded into the backport of "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations".
yet you did not backport 4c92057661a3 ("Documentation: Add swapgs description to the Spectre v1 documentation") which should go to this kernel too, right?
That touches a file that doesn't exist. We'd first need a backport of commit 6e88559470f5 "Documentation: Add section about CPU vulnerabilities for Spectre".
Ben.
On Fri, Aug 09, 2019 at 12:46:37PM +0100, Ben Hutchings wrote:
On Fri, 2019-08-09 at 10:44 +0200, Greg Kroah-Hartman wrote:
On Fri, Aug 09, 2019 at 01:05:28AM +0100, Ben Hutchings wrote:
Here's a lightly tested backport of the Spectre v1 swapgs mitigation, for 4.9.
Hm, you backported 64dbc122b20f ("x86/entry/64: Use JMP instead of JMPQ") which is not in 4.14.y,
For 4.14, it was apparently folded into the backport of "x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations".
Ah, sneaky :(
yet you did not backport 4c92057661a3 ("Documentation: Add swapgs description to the Spectre v1 documentation") which should go to this kernel too, right?
That touches a file that doesn't exist. We'd first need a backport of commit 6e88559470f5 "Documentation: Add section about CPU vulnerabilities for Spectre".
Ok, that makes sense.
Let me go queue both of these series now, thank you so much for these.
Also, I would like to formally apologize that you had to do this work on no notice at all. I, and others, have been asking Intel to allow you to be involved in this type of thing for many many many months. Despite their assurance of "we got this", the obviously did not follow through at all, and you and all Debian users suffered as a result.
thanks,
greg k-h
On Fri, 2019-08-09 at 14:36 +0200, Greg Kroah-Hartman wrote: [...]
Also, I would like to formally apologize that you had to do this work on no notice at all. I, and others, have been asking Intel to allow you to be involved in this type of thing for many many many months. Despite their assurance of "we got this", the obviously did not follow through at all, and you and all Debian users suffered as a result.
No apology needed. Salvatore and I are now in regular contact with Intel and did get a few weeks' notice from them. We just didn't find the time to get this ready for the end of embargo.
Ben.
linux-stable-mirror@lists.linaro.org