This is a note to let you know that I've just added the patch titled

    x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]

to the 4.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     x86-cpufeatures-add-x86_bug_spectre_v.patch
and it can be found in the queue-4.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

>From 99c6fa2511d8a683e61468be91b83f85452115fa Mon Sep 17 00:00:00 2001
From: David Woodhouse <dwmw@xxxxxxxxxxxx>
Date: Sat, 6 Jan 2018 11:49:23 +0000
Subject: x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]

From: David Woodhouse <dwmw@xxxxxxxxxxxx>

commit 99c6fa2511d8a683e61468be91b83f85452115fa upstream.

Add the bug bits for spectre v1/2 and force them unconditionally for all
cpus.

Signed-off-by: David Woodhouse <dwmw@xxxxxxxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: gnomes@xxxxxxxxxxxxxxxxxxx
Cc: Rik van Riel <riel@xxxxxxxxxx>
Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Jiri Kosina <jikos@xxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Dave Hansen <dave.hansen@xxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxx>
Cc: Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxxx>
Cc: Paul Turner <pjt@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Link: https://lkml.kernel.org/r/1515239374-23361-2-git-send-email-dwmw@xxxxxxxxxxxx
Signed-off-by: Razvan Ghitulete <rga@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/x86/include/asm/cpufeature.h |    2 ++
 arch/x86/kernel/cpu/common.c      |    3 +++
 2 files changed, 5 insertions(+)

--- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h 
@@ -278,6 +278,8 @@ #define X86_BUG_CLFLUSH_MONITOR X86_BUG(7) /* AAI65, CLFLUSH required before MONITOR */ #define X86_BUG_SYSRET_SS_ATTRS X86_BUG(8) /* SYSRET doesn't fix up SS attrs */ #define X86_BUG_CPU_MELTDOWN X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */ +#define X86_BUG_SPECTRE_V1 X86_BUG(15) /* CPU is affected by Spectre variant 1 attack with conditional branches */ +#define X86_BUG_SPECTRE_V2 X86_BUG(16) /* CPU is affected by Spectre variant 2 attack with indirect branches */ #if defined(__KERNEL__) && !defined(__ASSEMBLY__) --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -834,6 +834,9 @@ static void __init early_identify_cpu(st /* Assume for now that ALL x86 CPUs are insecure */ setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN); + setup_force_cpu_bug(X86_BUG_SPECTRE_V1); + setup_force_cpu_bug(X86_BUG_SPECTRE_V2); + fpu__init_system(c); } Patches currently in stable-queue which might be from dwmw@xxxxxxxxxxxx are queue-4.4/x86-cpufeatures-add-x86_bug_spectre_v.patch queue-4.4/x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch queue-4.4/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch queue-4.4/x86-cpufeatures-add-x86_bug_cpu_insecure.patch queue-4.4/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.4/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch queue-4.4/x86-cpu-factor-out-application-of-forced-cpu-caps.patch queue-4.4/sysfs-cpu-add-vulnerability-folder.patch queue-4.4/x86-pti-rename-bug_cpu_insecure-to-bug_cpu_meltdown.patch queue-4.4/x86-alternatives-fix-optimize_nops-checking.patch
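
Review bot: in the cpufeature.h hunk, the comments on the two new defines ("CPU is affected by Spectre variant 1 attack with conditional branches", and the variant 2 equivalent) read as a per-CPU determination, while the commit message says the bits are forced unconditionally for all cpus. Consider wording the comments, or the commit message, so it is clear the bits currently mean "assumed affected", and name the consumer that is expected to read them (the queue lists sysfs vulnerability patches, but nothing in this patch uses the bits beyond setting them). The visible context jumps from X86_BUG(8) to X86_BUG(14), so it is also worth confirming against the 4.4 tree that bit numbers 15 and 16 are unused there.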
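
Review bot: in the early_identify_cpu() hunk of common.c, the two new setup_force_cpu_bug() calls have no vendor or model check and rely on the existing comment "Assume for now that ALL x86 CPUs are insecure", which was written for the Meltdown bit alone. Extend that comment to name Spectre v1 and v2 explicitly and to say that the bits are forced rather than detected, so that anything reporting X86_BUG_SPECTRE_V1 or X86_BUG_SPECTRE_V2 later is not read as a measured result for the running CPU. If narrowing by CPU model is planned, a short note to that effect next to the calls would help whoever backports the follow-up.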