On Sat, Jul 14, 2018 at 02:25:43AM -0700, Srivatsa S. Bhat wrote: > Hi Greg, > > This patch series is a backport of the Spectre-v2 fixes (IBPB/IBRS) > and patches for the Speculative Store Bypass vulnerability to 4.4.y > (they apply cleanly on top of 4.4.140). > > I used 4.9.y as my reference when backporting to 4.4.y (as I thought > that would minimize the amount of fixing up necessary). Unfortunately > I had to skip the KVM fixes for these vulnerabilities, as the KVM > codebase is drastically different in 4.4 as compared to 4.9. (I tried > my best to backport them initially, but wasn't confident that they > were correct, so I decided to drop them from this series). > > You'll notice that the initial few patches in this series include > cleanups etc., that are non-critical to IBPB/IBRS/SSBD. Most of these > patches are aimed at getting the cpufeature.h vs cpufeatures.h split > into 4.4, since a lot of the subsequent patches update these headers. > On my first attempt to backport these patches to 4.4.y, I had actually > tried to do all the updates on the cpufeature.h file itself, but it > started getting very cumbersome, so I resorted to backporting the > cpufeature.h vs cpufeatures.h split and their dependencies as well. I > think apart from these initial patches, the rest of the patchset > doesn't have all that much noise. > > This patchset has been tested on both Intel and AMD machines (Intel > Xeon CPU E5-2660 v4 and AMD EPYC 7281 16-Core Processor, respectively) > with updated microcode. All the patch backports have been > independently reviewed by Matt Helsley, Alexey Makhalov and Bo Gan. > > I would appreciate if you could kindly consider these patches for > review and inclusion in a future 4.4.y release. Given no one has complained about these yet, I've queued them all up, including the 2 extra ones you sent afterward. Let's see what breaks :) thanks, greg k-h
