mirror of https://github.com/torvalds/linux.git
ce114c8668
solved and the nightmare is complete, here's the next one: speculating
after RET instructions and leaking privileged information using the now
pretty much classical covert channels.
It is called RETBleed and the mitigation effort and controlling
functionality has been modelled similar to what already existing
mitigations provide.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmLKqAgACgkQEsHwGGHe
VUoM5w/8CSvwPZ3otkhmu8MrJPtWc7eLDPjYN4qQP+19e+bt094MoozxeeWG2wmp
hkDJAYHT2Oik/qDuEdhFgNYwS7XGgbV3Py3B8syO4//5SD5dkOSG+QqFXvXMdFri
YsVqqNkjJOWk/YL9Ql5RS/xQewsrr0OqEyWWocuI6XAvfWV4kKvlRSd+6oPqtZEO
qYlAHTXElyIrA/gjmxChk1HTt5HZtK3uJLf4twNlUfzw7LYFf3+sw3bdNuiXlyMr
WcLXMwGpS0idURwP3mJa7JRuiVBzb4+kt8mWwWqA02FkKV45FRRRFhFUsy667r00
cdZBaWdy+b7dvXeliO3FN/x1bZwIEUxmaNy1iAClph4Ifh0ySPUkxAr8EIER7YBy
bstDJEaIqgYg8NIaD4oF1UrG0ZbL0ImuxVaFdhG1hopQsh4IwLSTLgmZYDhfn/0i
oSqU0Le+A7QW9s2A2j6qi7BoAbRW+gmBuCgg8f8ECYRkFX1ZF6mkUtnQxYrU7RTq
rJWGW9nhwM9nRxwgntZiTjUUJ2HtyXEgYyCNjLFCbEBfeG5QTg7XSGFhqDbgoymH
85vsmSXYxgTgQ/kTW7Fs26tOqnP2h1OtLJZDL8rg49KijLAnISClEgohYW01CWQf
ZKMHtz3DM0WBiLvSAmfGifScgSrLB5AjtvFHT0hF+5/okEkinVk=
=09fW
-----END PGP SIGNATURE-----
Merge tag 'x86_bugs_retbleed' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 retbleed fixes from Borislav Petkov:
"Just when you thought that all the speculation bugs were addressed and
solved and the nightmare is complete, here's the next one: speculating
after RET instructions and leaking privileged information using the
now pretty much classical covert channels.
It is called RETBleed and the mitigation effort and controlling
functionality has been modelled similar to what already existing
mitigations provide"
* tag 'x86_bugs_retbleed' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (54 commits)
x86/speculation: Disable RRSBA behavior
x86/kexec: Disable RET on kexec
x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
x86/bugs: Add Cannon lake to RETBleed affected CPU list
x86/retbleed: Add fine grained Kconfig knobs
x86/cpu/amd: Enumerate BTC_NO
x86/common: Stamp out the stepping madness
KVM: VMX: Prevent RSB underflow before vmenter
x86/speculation: Fill RSB on vmexit for IBRS
KVM: VMX: Fix IBRS handling after vmexit
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
KVM: VMX: Convert launched argument to flags
KVM: VMX: Flatten __vmx_vcpu_run()
objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
x86/speculation: Remove x86_spec_ctrl_mask
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
x86/speculation: Fix SPEC_CTRL write on SMT state change
x86/speculation: Fix firmware entry SPEC_CTRL handling
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
...
|
||
|---|---|---|
| .. | ||
| atomic | ||
| basic | ||
| clang-tools | ||
| coccinelle | ||
| dtc | ||
| dummy-tools | ||
| gcc-plugins | ||
| gdb | ||
| genksyms | ||
| kconfig | ||
| ksymoops | ||
| mod | ||
| package | ||
| selinux | ||
| tracing | ||
| .gitignore | ||
| Kbuild.include | ||
| Kconfig.include | ||
| Lindent | ||
| Makefile | ||
| Makefile.asm-generic | ||
| Makefile.build | ||
| Makefile.clang | ||
| Makefile.clean | ||
| Makefile.compiler | ||
| Makefile.debug | ||
| Makefile.dtbinst | ||
| Makefile.extrawarn | ||
| Makefile.gcc-plugins | ||
| Makefile.headersinst | ||
| Makefile.host | ||
| Makefile.kasan | ||
| Makefile.kcov | ||
| Makefile.kcsan | ||
| Makefile.lib | ||
| Makefile.modfinal | ||
| Makefile.modinst | ||
| Makefile.modpost | ||
| Makefile.package | ||
| Makefile.randstruct | ||
| Makefile.ubsan | ||
| Makefile.userprogs | ||
| Makefile.vmlinux | ||
| Makefile.vmlinux_o | ||
| adjust_autoksyms.sh | ||
| as-version.sh | ||
| asn1_compiler.c | ||
| bin2c.c | ||
| bloat-o-meter | ||
| bootgraph.pl | ||
| bpf_doc.py | ||
| cc-can-link.sh | ||
| cc-version.sh | ||
| check-blacklist-hashes.awk | ||
| check-local-export | ||
| check-sysctl-docs | ||
| check_extable.sh | ||
| checkdeclares.pl | ||
| checkincludes.pl | ||
| checkkconfigsymbols.py | ||
| checkpatch.pl | ||
| checkstack.pl | ||
| checksyscalls.sh | ||
| checkversion.pl | ||
| cleanfile | ||
| cleanpatch | ||
| coccicheck | ||
| config | ||
| const_structs.checkpatch | ||
| decode_stacktrace.sh | ||
| decodecode | ||
| depmod.sh | ||
| dev-needs.sh | ||
| diffconfig | ||
| documentation-file-ref-check | ||
| export_report.pl | ||
| extract-ikconfig | ||
| extract-module-sig.pl | ||
| extract-sys-certs.pl | ||
| extract-vmlinux | ||
| extract_xc3028.pl | ||
| faddr2line | ||
| file-size.sh | ||
| find-unused-docs.sh | ||
| gcc-goto.sh | ||
| gcc-ld | ||
| gcc-x86_32-has-stack-protector.sh | ||
| gcc-x86_64-has-stack-protector.sh | ||
| gen-randstruct-seed.sh | ||
| gen_autoksyms.sh | ||
| gen_ksymdeps.sh | ||
| generate_initcall_order.pl | ||
| get_abi.pl | ||
| get_dvb_firmware | ||
| get_feat.pl | ||
| get_maintainer.pl | ||
| gfp-translate | ||
| headerdep.pl | ||
| headers_install.sh | ||
| insert-sys-cert.c | ||
| install.sh | ||
| jobserver-exec | ||
| kallsyms.c | ||
| kernel-doc | ||
| ld-version.sh | ||
| leaking_addresses.pl | ||
| link-vmlinux.sh | ||
| makelst | ||
| markup_oops.pl | ||
| min-tool-version.sh | ||
| mkcompile_h | ||
| mksysmap | ||
| mkuboot.sh | ||
| module.lds.S | ||
| modules-check.sh | ||
| nsdeps | ||
| objdiff | ||
| objdump-func | ||
| pahole-flags.sh | ||
| pahole-version.sh | ||
| parse-maintainers.pl | ||
| patch-kernel | ||
| profile2linkerlist.pl | ||
| prune-kernel | ||
| recordmcount.c | ||
| recordmcount.h | ||
| recordmcount.pl | ||
| remove-stale-files | ||
| setlocalversion | ||
| show_delta | ||
| sign-file.c | ||
| sorttable.c | ||
| sorttable.h | ||
| spdxcheck-test.sh | ||
| spdxcheck.py | ||
| spdxexclude | ||
| spelling.txt | ||
| sphinx-pre-install | ||
| split-man.pl | ||
| stackdelta | ||
| stackusage | ||
| subarch.include | ||
| syscallhdr.sh | ||
| syscallnr.sh | ||
| syscalltbl.sh | ||
| tags.sh | ||
| test_fortify.sh | ||
| tools-support-relr.sh | ||
| unifdef.c | ||
| ver_linux | ||
| xen-hypercalls.sh | ||
| xz_wrap.sh | ||