mirror of https://github.com/torvalds/linux.git
35277995e1
Pull spectre/meltdown updates from Thomas Gleixner:
"The next round of updates related to melted spectrum:
- The initial set of spectre V1 mitigations:
- Array index speculation blocker and its usage for syscall,
fdtable and the n180211 driver.
- Speculation barrier and its usage in user access functions
- Make indirect calls in KVM speculation safe
- Blacklisting of known to be broken microcodes so IPBP/IBSR are not
touched.
- The initial IBPB support and its usage in context switch
- The exposure of the new speculation MSRs to KVM guests.
- A fix for a regression in x86/32 related to the cpu entry area
- Proper whitelisting for known to be safe CPUs from the mitigations.
- objtool fixes to deal proper with retpolines and alternatives
- Exclude __init functions from retpolines which speeds up the boot
process.
- Removal of the syscall64 fast path and related cleanups and
simplifications
- Removal of the unpatched paravirt mode which is yet another source
of indirect unproteced calls.
- A new and undisputed version of the module mismatch warning
- A couple of cleanup and correctness fixes all over the place
Yet another step towards full mitigation. There are a few things still
missing like the RBS underflow mitigation for Skylake and other small
details, but that's being worked on.
That said, I'm taking a belated christmas vacation for a week and hope
that everything is magically solved when I'm back on Feb 12th"
* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (37 commits)
KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
KVM/x86: Add IBPB support
KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX
x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
x86/pti: Mark constant arrays as __initconst
x86/spectre: Simplify spectre_v2 command line parsing
x86/retpoline: Avoid retpolines for built-in __init functions
x86/kvm: Update spectre-v1 mitigation
KVM: VMX: make MSR bitmaps per-VCPU
x86/paravirt: Remove 'noreplace-paravirt' cmdline option
x86/speculation: Use Indirect Branch Prediction Barrier in context switch
x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
x86/spectre: Report get_user mitigation for spectre_v1
nl80211: Sanitize array index in parse_txq_params
vfs, fdtable: Prevent bounds-check bypass via speculative execution
x86/syscall: Sanitize syscall table de-references under speculation
x86/get_user: Use pointer masking to limit speculation
...
|
||
|---|---|---|
| .. | ||
| .gitignore | ||
| Makefile | ||
| atomic64_32.c | ||
| atomic64_386_32.S | ||
| atomic64_cx8_32.S | ||
| cache-smp.c | ||
| checksum_32.S | ||
| clear_page_64.S | ||
| cmdline.c | ||
| cmpxchg8b_emu.S | ||
| cmpxchg16b_emu.S | ||
| copy_page_64.S | ||
| copy_user_64.S | ||
| cpu.c | ||
| csum-copy_64.S | ||
| csum-partial_64.c | ||
| csum-wrappers_64.c | ||
| delay.c | ||
| error-inject.c | ||
| getuser.S | ||
| hweight.S | ||
| inat.c | ||
| insn-eval.c | ||
| insn.c | ||
| iomap_copy_64.S | ||
| kaslr.c | ||
| memcpy_32.c | ||
| memcpy_64.S | ||
| memmove_64.S | ||
| memset_64.S | ||
| misc.c | ||
| mmx_32.c | ||
| msr-reg-export.c | ||
| msr-reg.S | ||
| msr-smp.c | ||
| msr.c | ||
| putuser.S | ||
| retpoline.S | ||
| rwsem.S | ||
| string_32.c | ||
| strstr_32.c | ||
| usercopy.c | ||
| usercopy_32.c | ||
| usercopy_64.c | ||
| x86-opcode-map.txt | ||