This is a note to let you know that I've just added the patch titled
x86/speculation/srbds: Update SRBDS mitigation selection
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
x86-speculation-srbds-update-srbds-mitigation-selection.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Tue Jun 14 07:10:28 PM CEST 2022
From: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
Date: Thu, 19 May 2022 20:33:13 -0700
Subject: x86/speculation/srbds: Update SRBDS mitigation selection
From: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
commit 22cac9c677c95f3ac5c9244f8ca0afdc7c8afb19 upstream
Currently, Linux disables SRBDS mitigation on CPUs not affected by
MDS and have the TSX feature disabled. On such CPUs, secrets cannot
be extracted from CPU fill buffers using MDS or TAA. Without SRBDS
mitigation, Processor MMIO Stale Data vulnerabilities can be used to
extract RDRAND, RDSEED, and EGETKEY data.
Do not disable SRBDS mitigation by default when CPU is also affected by
Processor MMIO Stale Data vulnerabilities.
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
Signed-off-by: Borislav Petkov <bp@xxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
arch/x86/kernel/cpu/bugs.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -577,11 +577,13 @@ static void __init srbds_select_mitigati
return;
/*
- * Check to see if this is one of the MDS_NO systems supporting
- * TSX that are only exposed to SRBDS when TSX is enabled.
+ * Check to see if this is one of the MDS_NO systems supporting TSX that
+ * are only exposed to SRBDS when TSX is enabled or when CPU is affected
+ * by Processor MMIO Stale Data vulnerability.
*/
ia32_cap = x86_read_arch_cap_msr();
- if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM))
+ if ((ia32_cap & ARCH_CAP_MDS_NO) && !boot_cpu_has(X86_FEATURE_RTM) &&
+ !boot_cpu_has_bug(X86_BUG_MMIO_STALE_DATA))
srbds_mitigation = SRBDS_MITIGATION_TSX_OFF;
else if (boot_cpu_has(X86_FEATURE_HYPERVISOR))
srbds_mitigation = SRBDS_MITIGATION_HYPERVISOR;
Patches currently in stable-queue which might be from pawan.kumar.gupta@xxxxxxxxxxxxxxx are
queue-4.9/x86-speculation-add-a-common-function-for-md_clear-mitigation-update.patch
queue-4.9/x86-speculation-mmio-reuse-srbds-mitigation-for-sbds.patch
queue-4.9/x86-speculation-mmio-add-sysfs-reporting-for-processor-mmio-stale-data.patch
queue-4.9/x86-speculation-srbds-update-srbds-mitigation-selection.patch
queue-4.9/x86-speculation-mmio-enable-cpu-fill-buffer-clearing-on-idle.patch
queue-4.9/x86-bugs-group-mds-taa-processor-mmio-stale-data-mitigations.patch
queue-4.9/x86-speculation-mmio-enumerate-processor-mmio-stale-data-bug.patch
queue-4.9/documentation-add-documentation-for-processor-mmio-stale-data.patch
queue-4.9/kvm-x86-speculation-disable-fill-buffer-clear-within-guests.patch
queue-4.9/x86-speculation-mmio-add-mitigation-for-processor-mmio-stale-data.patch
