Patch "x86: set SPECTRE_BHI_ON as default" has been added to the 6.6-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    x86: set SPECTRE_BHI_ON as default

to the 6.6-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     x86-set-spectre_bhi_on-as-default.patch
and it can be found in the queue-6.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Tue Apr  9 07:32:41 PM CEST 2024
Date: Tue, 09 Apr 2024 19:32:41 +0200
To: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Subject: x86: set SPECTRE_BHI_ON as default

commit 2bb69f5fc72183e1c62547d900f560d0e9334925 upstream.

Part of a merge commit from Linus that adjusted the default setting of
SPECTRE_BHI_ON.

Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/x86/Kconfig |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2569,7 +2569,7 @@ config MITIGATION_RFDS
 choice
 	prompt "Clear branch history"
 	depends on CPU_SUP_INTEL
-	default SPECTRE_BHI_AUTO
+	default SPECTRE_BHI_ON
 	help
 	  Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks
 	  where the branch history buffer is poisoned to speculatively steer


Patches currently in stable-queue which might be from gregkh@xxxxxxxxxxxxxxxxxxx are

queue-6.6/x86-bpf-fix-ip-after-emitting-call-depth-accounting.patch
queue-6.6/ipv6-fix-infinite-recursion-in-fib6_dump_done.patch
queue-6.6/netfilter-nf_tables-release-batch-on-table-validation-from-abort-path.patch
queue-6.6/x86-head-64-move-the-__head-definition-to-asm-init.h.patch
queue-6.6/r8169-skip-dash-fw-status-checks-when-dash-is-disabled.patch
queue-6.6/x86-bhi-define-spec_ctrl_bhi_dis_s.patch
queue-6.6/bpf-sockmap-prevent-lock-inversion-deadlock-in-map-delete-elem.patch
queue-6.6/vboxsf-avoid-an-spurious-warning-if-load_nls_xxx-fails.patch
queue-6.6/i40e-fix-vf-mac-filter-removal.patch
queue-6.6/x86-retpoline-add-noendbr-annotation-to-the-srso-dummy-return-thunk.patch
queue-6.6/net-dsa-mv88e6xxx-fix-usable-ports-on-88e6020.patch
queue-6.6/ksmbd-don-t-send-oplock-break-if-rename-fails.patch
queue-6.6/io_uring-use-private-workqueue-for-exit-work.patch
queue-6.6/of-dynamic-synchronize-of_changeset_destroy-with-the-devlink-removals.patch
queue-6.6/gpio-cdev-fix-missed-label-sanitizing-in-debounce_setup.patch
queue-6.6/riscv-process-fix-kernel-gp-leakage.patch
queue-6.6/selftests-mm-include-strings.h-for-ffsl.patch
queue-6.6/udp-prevent-local-udp-tunnel-packets-from-being-groed.patch
queue-6.6/selftests-net-gro-fwd-update-vxlan-gro-test-expectations.patch
queue-6.6/netfilter-nf_tables-discard-table-flag-update-with-pending-basechain-deletion.patch
queue-6.6/bpf-support-deferring-bpf_link-dealloc-to-after-rcu-grace-period.patch
queue-6.6/arm64-ptrace-use-saved-floating-point-state-type-to-determine-sve-layout.patch
queue-6.6/smb-client-fix-potential-uaf-in-cifs_stats_proc_write.patch
queue-6.6/smb-client-fix-potential-uaf-in-is_valid_oplock_break.patch
queue-6.6/x86-cpufeatures-add-cpuid_lnx_5-to-track-recently-added-linux-defined-word.patch
queue-6.6/netfilter-nf_tables-reject-new-basechain-after-table-flag-update.patch
queue-6.6/net-phy-micrel-fix-potential-null-pointer-dereference.patch
queue-6.6/octeontx2-af-fix-issue-with-loading-coalesced-kpu-profiles.patch
queue-6.6/netfilter-nf_tables-release-mutex-after-nft_gc_seq_end-from-abort-path.patch
queue-6.6/bluetooth-fix-toctou-in-hci-debugfs-implementation.patch
queue-6.6/smb-client-serialise-cifs_construct_tcon-with-cifs_mount_mutex.patch
queue-6.6/netfilter-nf_tables-flush-pending-destroy-work-before-exit_net-release.patch
queue-6.6/net-txgbe-fix-i2c-dev-name-cannot-match-clkdev.patch
queue-6.6/x86-srso-improve-i-cache-locality-for-alias-mitigation.patch
queue-6.6/smb-client-fix-potential-uaf-in-cifs_dump_full_key.patch
queue-6.6/x86-bhi-add-support-for-clearing-branch-history-at-syscall-entry.patch
queue-6.6/net-usb-ax88179_178a-avoid-the-interface-always-configured-as-random-address.patch
queue-6.6/alsa-hda-realtek-fix-inactive-headset-mic-jack.patch
queue-6.6/net-fec-set-mac_managed_pm-during-probe.patch
queue-6.6/x86-efistub-remap-kernel-text-read-only-before-dropping-nx-attribute.patch
queue-6.6/mptcp-don-t-account-accept-of-non-mpc-client-as-fallback-to-tcp.patch
queue-6.6/driver-core-introduce-device_link_wait_removal.patch
queue-6.6/selftests-reuseaddr_conflict-add-missing-new-line-at-the-end-of-the-output.patch
queue-6.6/selftests-mptcp-connect-fix-shellcheck-warnings.patch
queue-6.6/bluetooth-qca-fix-device-address-endianness.patch
queue-6.6/drm-i915-gt-enable-only-one-ccs-for-compute-workload.patch
queue-6.6/x86-sme-move-early-sme-kernel-encryption-handling-into-.head.text.patch
queue-6.6/arm64-dts-qcom-sc7180-trogdor-mark-bluetooth-address-as-broken.patch
queue-6.6/mlxbf_gige-stop-interface-during-shutdown.patch
queue-6.6/io_uring-kbuf-protect-io_buffer_list-teardown-with-a-reference.patch
queue-6.6/smb-client-fix-potential-uaf-in-smb2_is_network_name_deleted.patch
queue-6.6/i40e-fix-vf-may-be-used-uninitialized-in-this-function-warning.patch
queue-6.6/x86-bugs-fix-the-srso-mitigation-on-zen3-4.patch
queue-6.6/x86-mce-make-sure-to-grab-mce_sysfs_mutex-in-set_bank.patch
queue-6.6/x86-retpoline-do-the-necessary-fixup-to-the-zen3-4-srso-return-thunk-for-srso.patch
queue-6.6/x86-srso-disentangle-rethunk-dependent-options.patch
queue-6.6/bluetooth-hci_event-set-the-conn-encrypted-before-conn-establishes.patch
queue-6.6/smb-client-fix-potential-uaf-in-cifs_debug_files_proc_show.patch
queue-6.6/drm-i915-gt-disable-hw-load-balancing-for-ccs.patch
queue-6.6/net-sched-act_skbmod-prevent-kernel-infoleak.patch
queue-6.6/x86-nospec-refactor-untrain_ret.patch
queue-6.6/net-stmmac-fix-rx-queue-priority-assignment.patch
queue-6.6/selinux-avoid-dereference-of-garbage-after-mount-failure.patch
queue-6.6/bpf-put-uprobe-link-s-path-and-task-in-release-callback.patch
queue-6.6/x86-bhi-mitigate-kvm-by-default.patch
queue-6.6/smb-client-handle-dfs-tcons-in-cifs_construct_tcon.patch
queue-6.6/erspan-make-sure-erspan_base_hdr-is-present-in-skb-head.patch
queue-6.6/smb3-retrying-on-failed-server-close.patch
queue-6.6/gro-fix-ownership-transfer.patch
queue-6.6/x86-set-spectre_bhi_on-as-default.patch
queue-6.6/x86-sev-move-early-startup-code-into-.head.text-section.patch
queue-6.6/alsa-hda-realtek-update-panasonic-cf-sz6-quirk-to-support-headset-with-microphone.patch
queue-6.6/udp-do-not-transition-udp-gro-fraglist-partial-checksums-to-unnecessary.patch
queue-6.6/net-mana-fix-rx-dma-datasize-and-skb_over_panic.patch
queue-6.6/net-rds-fix-possible-cp-null-dereference.patch
queue-6.6/mm-secretmem-fix-gup-fast-succeeding-on-secretmem-folios.patch
queue-6.6/net-sched-fix-lockdep-splat-in-qdisc_tree_reduce_backlog.patch
queue-6.6/x86-boot-move-mem_encrypt-parsing-to-the-decompressor.patch
queue-6.6/ice-fix-typo-in-assignment.patch
queue-6.6/net-phy-micrel-lan8814-fix-when-enabling-disabling-1-step-timestamping.patch
queue-6.6/selftests-mptcp-join-fix-dev-in-check_endpoint.patch
queue-6.6/revert-x86-mpparse-register-apic-address-only-once.patch
queue-6.6/efi-libstub-add-generic-support-for-parsing-mem_encrypt.patch
queue-6.6/ksmbd-do-not-set-smb2_global_cap_encryption-for-smb-3.1.1.patch
queue-6.6/x86-bhi-enumerate-branch-history-injection-bhi-bug.patch
queue-6.6/netfilter-validate-user-input-for-expected-length.patch
queue-6.6/of-module-prevent-null-pointer-dereference-in-vsnprintf.patch
queue-6.6/risc-v-kvm-fix-aplic-in_clrip-read-emulation.patch
queue-6.6/x86-syscall-don-t-force-use-of-indirect-calls-for-system-calls.patch
queue-6.6/io_uring-kbuf-hold-io_buffer_list-reference-over-mmap.patch
queue-6.6/ice-fix-enabling-rx-vlan-filtering.patch
queue-6.6/usb-typec-ucsi-fix-race-between-typec_switch-and-rol.patch
queue-6.6/risc-v-kvm-fix-aplic-setipnum_le-be-write-emulation.patch
queue-6.6/gpio-cdev-check-for-null-labels-when-sanitizing-them-for-irqs.patch
queue-6.6/octeontx2-pf-check-negative-error-code-in-otx2_open.patch
queue-6.6/ax25-fix-use-after-free-bugs-caused-by-ax25_ds_del_timer.patch
queue-6.6/tcp-fix-bind-regression-for-v6-only-wildcard-and-v4-mapped-v6-non-wildcard-addresses-again.patch
queue-6.6/i40e-fix-i40e_count_filters-to-count-only-active-new-filters.patch
queue-6.6/perf-x86-intel-ds-don-t-clear-pebs_data_cfg-for-the-last-pebs-event.patch
queue-6.6/kvm-arm64-fix-host-programmed-guest-events-in-nvhe.patch
queue-6.6/x86-mm-pat-fix-vm_pat-handling-in-cow-mappings.patch
queue-6.6/revert-bluetooth-hci_qca-set-bda-quirk-bit-if-fwnode-exists-in-dt.patch
queue-6.6/io_uring-kbuf-get-rid-of-lower-bgid-lists.patch
queue-6.6/smb-client-fix-potential-uaf-in-smb2_is_valid_lease_break.patch
queue-6.6/vsock-virtio-fix-packet-delivery-to-tap-device.patch
queue-6.6/s390-entry-align-system-call-table-on-8-bytes.patch
queue-6.6/x86-bugs-change-commas-to-semicolons-in-spectre_v2-sysfs-file.patch
queue-6.6/gpio-cdev-sanitize-the-label-before-requesting-the-interrupt.patch
queue-6.6/smb-client-fix-potential-uaf-in-cifs_signal_cifsd_for_reconnect.patch
queue-6.6/octeontx2-af-add-array-index-check.patch
queue-6.6/drm-i915-gt-do-not-generate-the-command-streamer-for-all-the-ccs.patch
queue-6.6/xen-netfront-add-missing-skb_mark_for_recycle.patch
queue-6.6/bluetooth-add-quirk-for-broken-address-properties.patch
queue-6.6/mptcp-don-t-overwrite-sock_ops-in-mptcp_is_tcpsk.patch
queue-6.6/x86-coco-require-seeding-rng-with-rdrand-on-coco-systems.patch
queue-6.6/net-dsa-sja1105-fix-parameters-order-in-sja1110_pcs_mdio_write_c45.patch
queue-6.6/ksmbd-validate-payload-size-in-ipc-response.patch
queue-6.6/r8169-fix-issue-caused-by-buggy-bios-on-certain-boards-with-rtl8168d.patch
queue-6.6/io_uring-kbuf-get-rid-of-bl-is_ready.patch
queue-6.6/x86-bhi-add-bhi-mitigation-knob.patch
queue-6.6/smb-client-fix-potential-uaf-in-cifs_stats_proc_show.patch
queue-6.6/netfilter-nf_tables-fix-potential-data-race-in-__nft_flowtable_type_get.patch
queue-6.6/udp-do-not-accept-non-tunnel-gso-skbs-landing-in-a-tunnel.patch
queue-6.6/smb-client-fix-potential-uaf-in-smb2_is_valid_oplock_break.patch
queue-6.6/kvm-arm64-ensure-target-address-is-granule-aligned-for-range-tlbi.patch
queue-6.6/kvm-x86-add-bhi_no.patch
queue-6.6/riscv-fix-spurious-errors-from-__get-put_kernel_nofault.patch
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux