[PATCH 00/18] s390 spectre mititgation for 4.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Greetings,

this series is the backport of 18 upstream patches to add the
current s390 spectre mitigation to kernel version 4.14. One
less patch than 4.14 and 4.9 as there is no nested KVM guest
support (aka vsie) in 4.4.

It follows the x86 approach with array_index_nospec for the v1
spectre attack and retpoline/expoline for v2. As a fallback
there is the ppa-12/ppa-13 based defense which requires an
micro-code update.

Christian Borntraeger (2):
  KVM: s390: wire up bpb feature
  s390/entry.S: fix spurious zeroing of r0

Eugeniu Rosca (1):
  s390: Replace IS_ENABLED(EXPOLINE_*) with
    IS_ENABLED(CONFIG_EXPOLINE_*)

Heiko Carstens (1):
  s390: enable CPU alternatives unconditionally

Martin Schwidefsky (13):
  s390: scrub registers on kernel entry and KVM exit
  s390: add optimized array_index_mask_nospec
  s390/alternative: use a copy of the facility bit mask
  s390: add options to change branch prediction behaviour for the kernel
  s390: run user space and KVM guests with modified branch prediction
  s390: introduce execute-trampolines for branches
  s390: do not bypass BPENTER for interrupt system calls
  s390: move nobp parameter functions to nospec-branch.c
  s390: add automatic detection of the spectre defense
  s390: report spectre mitigation via syslog
  s390: add sysfs attributes for spectre
  s390: correct nospec auto detection init order
  s390: correct module section names for expoline code revert

Vasily Gorbik (1):
  s390: introduce CPU alternatives

 Documentation/kernel-parameters.txt   |   3 +
 arch/s390/Kconfig                     |  47 +++++++
 arch/s390/Makefile                    |  10 ++
 arch/s390/include/asm/alternative.h   | 149 ++++++++++++++++++++
 arch/s390/include/asm/barrier.h       |  24 ++++
 arch/s390/include/asm/facility.h      |  18 +++
 arch/s390/include/asm/kvm_host.h      |   3 +-
 arch/s390/include/asm/lowcore.h       |   7 +-
 arch/s390/include/asm/nospec-branch.h |  17 +++
 arch/s390/include/asm/processor.h     |   4 +
 arch/s390/include/asm/thread_info.h   |   4 +
 arch/s390/include/uapi/asm/kvm.h      |   3 +
 arch/s390/kernel/Makefile             |   5 +-
 arch/s390/kernel/alternative.c        | 112 +++++++++++++++
 arch/s390/kernel/early.c              |   5 +
 arch/s390/kernel/entry.S              | 250 ++++++++++++++++++++++++++++++----
 arch/s390/kernel/ipl.c                |   1 +
 arch/s390/kernel/module.c             |  65 ++++++++-
 arch/s390/kernel/nospec-branch.c      | 169 +++++++++++++++++++++++
 arch/s390/kernel/processor.c          |  18 +++
 arch/s390/kernel/setup.c              |  14 +-
 arch/s390/kernel/smp.c                |   7 +-
 arch/s390/kernel/vmlinux.lds.S        |  37 +++++
 arch/s390/kvm/kvm-s390.c              |  13 +-
 drivers/s390/char/Makefile            |   2 +
 include/uapi/linux/kvm.h              |   1 +
 26 files changed, 952 insertions(+), 36 deletions(-)
 create mode 100644 arch/s390/include/asm/alternative.h
 create mode 100644 arch/s390/include/asm/nospec-branch.h
 create mode 100644 arch/s390/kernel/alternative.c
 create mode 100644 arch/s390/kernel/nospec-branch.c

-- 
2.13.5
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]