This is a note to let you know that I've just added the patch titled
x86/srso: Correct the mitigation status when SMT is disabled
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
x86-srso-correct-the-mitigation-status-when-smt-is-disabled.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 6405b72e8d17bd1875a56ae52d23ec3cd51b9d66 Mon Sep 17 00:00:00 2001
From: "Borislav Petkov (AMD)" <bp@xxxxxxxxx>
Date: Tue, 15 Aug 2023 11:53:13 +0200
Subject: x86/srso: Correct the mitigation status when SMT is disabled
From: Borislav Petkov (AMD) <bp@xxxxxxxxx>
commit 6405b72e8d17bd1875a56ae52d23ec3cd51b9d66 upstream.
Specify how is SRSO mitigated when SMT is disabled. Also, correct the
SMT check for that.
Fixes: e9fbc47b818b ("x86/srso: Disable the mitigation on unaffected configurations")
Suggested-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Signed-off-by: Borislav Petkov (AMD) <bp@xxxxxxxxx>
Acked-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Link: https://lore.kernel.org/r/20230814200813.p5czl47zssuej7nv@treble
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
arch/x86/kernel/cpu/bugs.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -2398,8 +2398,7 @@ static void __init srso_select_mitigatio
* Zen1/2 with SMT off aren't vulnerable after the right
* IBPB microcode has been applied.
*/
- if ((boot_cpu_data.x86 < 0x19) &&
- (!cpu_smt_possible() || (cpu_smt_control == CPU_SMT_DISABLED))) {
+ if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) {
setup_force_cpu_cap(X86_FEATURE_SRSO_NO);
return;
}
@@ -2689,7 +2688,7 @@ static ssize_t gds_show_state(char *buf)
static ssize_t srso_show_state(char *buf)
{
if (boot_cpu_has(X86_FEATURE_SRSO_NO))
- return sysfs_emit(buf, "Not affected\n");
+ return sysfs_emit(buf, "Mitigation: SMT disabled\n");
return sysfs_emit(buf, "%s%s\n",
srso_strings[srso_mitigation],
Patches currently in stable-queue which might be from bp@xxxxxxxxx are
queue-5.15/x86-cpu-fix-up-srso_safe_ret-and-__x86_return_thunk.patch
queue-5.15/x86-cpu-cleanup-the-untrain-mess.patch
queue-5.15/objtool-x86-fixup-frame-pointer-vs-rethunk.patch
queue-5.15/x86-srso-correct-the-mitigation-status-when-smt-is-disabled.patch
queue-5.15/x86-retpoline-don-t-clobber-rflags-during-srso_safe_ret.patch
queue-5.15/x86-retpoline-kprobes-fix-position-of-thunk-sections-with-config_lto_clang.patch
queue-5.15/x86-cpu-amd-fix-the-div-0-initial-fix-attempt.patch
queue-5.15/x86-cpu-rename-srso_-.-_alias-to-srso_alias_-1.patch
queue-5.15/x86-srso-explain-the-untraining-sequences-a-bit-more.patch
queue-5.15/x86-alternative-make-custom-return-thunk-unconditional.patch
queue-5.15/x86-cpu-rename-original-retbleed-methods.patch
queue-5.15/x86-cpu-clean-up-srso-return-thunk-mess.patch
queue-5.15/x86-srso-disable-the-mitigation-on-unaffected-configurations.patch
queue-5.15/x86-cpu-fix-__x86_return_thunk-symbol-type.patch
