This is the start of the stable review cycle for the 5.16.14 release. There are 37 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 11 Mar 2022 15:58:48 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.16.14-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 5.16.14-rc1 Emmanuel Gil Peyrot <linkmauve@xxxxxxxxxxxx> ARM: fix build error when BPF_SYSCALL is disabled James Morse <james.morse@xxxxxxx> arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting James Morse <james.morse@xxxxxxx> arm64: Use the clearbhb instruction in mitigations James Morse <james.morse@xxxxxxx> KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated James Morse <james.morse@xxxxxxx> arm64: Mitigate spectre style branch history side channels James Morse <james.morse@xxxxxxx> arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 James Morse <james.morse@xxxxxxx> arm64: Add percpu vectors for EL1 James Morse <james.morse@xxxxxxx> arm64: entry: Add macro for reading symbol addresses from the trampoline James Morse <james.morse@xxxxxxx> arm64: entry: Add vectors that have the bhb mitigation sequences James Morse <james.morse@xxxxxxx> arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations James Morse <james.morse@xxxxxxx> arm64: entry: Allow the trampoline text to occupy multiple pages James Morse <james.morse@xxxxxxx> arm64: entry: Make the kpti trampoline's kpti sequence optional James Morse <james.morse@xxxxxxx> arm64: entry: Move trampoline macros out of ifdef'd section James Morse <james.morse@xxxxxxx> arm64: entry: Don't assume tramp_vectors is the start of the vectors James Morse <james.morse@xxxxxxx> arm64: entry: Allow tramp_alias to access symbols after the 4K boundary James Morse <james.morse@xxxxxxx> arm64: entry: Move the trampoline data page before the text page James Morse <james.morse@xxxxxxx> arm64: entry: Free up another register on kpti's tramp_exit path James Morse <james.morse@xxxxxxx> arm64: entry: Make the trampoline cleanup optional James Morse <james.morse@xxxxxxx> KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A James Morse <james.morse@xxxxxxx> arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit James Morse <james.morse@xxxxxxx> arm64: entry.S: Add ventry overflow sanity checks Joey Gouly <joey.gouly@xxxxxxx> arm64: cpufeature: add HWCAP for FEAT_RPRES Joey Gouly <joey.gouly@xxxxxxx> arm64: cpufeature: add HWCAP for FEAT_AFP Joey Gouly <joey.gouly@xxxxxxx> arm64: add ID_AA64ISAR2_EL1 sys register Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx> ARM: include unprivileged BPF status in Spectre V2 reporting Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx> ARM: Spectre-BHB workaround Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx> ARM: use LOADADDR() to get load address of sections Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx> ARM: early traps initialisation Russell King (Oracle) <rmk+kernel@xxxxxxxxxxxxxxx> ARM: report Spectre v2 status through sysfs Josh Poimboeuf <jpoimboe@xxxxxxxxxx> x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT Josh Poimboeuf <jpoimboe@xxxxxxxxxx> x86/speculation: Warn about Spectre v2 LFENCE mitigation Kim Phillips <kim.phillips@xxxxxxx> x86/speculation: Update link to AMD speculation whitepaper Kim Phillips <kim.phillips@xxxxxxx> x86/speculation: Use generic retpoline by default on AMD Josh Poimboeuf <jpoimboe@xxxxxxxxxx> x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting Peter Zijlstra <peterz@xxxxxxxxxxxxx> Documentation/hw-vuln: Update spectre doc Peter Zijlstra <peterz@xxxxxxxxxxxxx> x86/speculation: Add eIBRS + Retpoline options Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx> x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE ------------- Diffstat: Documentation/admin-guide/hw-vuln/spectre.rst | 50 +-- Documentation/admin-guide/kernel-parameters.txt | 8 +- Documentation/arm64/cpu-feature-registers.rst | 17 ++ Documentation/arm64/elf_hwcaps.rst | 8 + Makefile | 4 +- arch/arm/include/asm/assembler.h | 10 + arch/arm/include/asm/spectre.h | 32 ++ arch/arm/include/asm/vmlinux.lds.h | 35 ++- arch/arm/kernel/Makefile | 2 + arch/arm/kernel/entry-armv.S | 79 ++++- arch/arm/kernel/entry-common.S | 24 ++ arch/arm/kernel/spectre.c | 71 +++++ arch/arm/kernel/traps.c | 65 +++- arch/arm/mm/Kconfig | 11 + arch/arm/mm/proc-v7-bugs.c | 207 ++++++++++--- arch/arm64/Kconfig | 9 + arch/arm64/include/asm/assembler.h | 53 ++++ arch/arm64/include/asm/cpu.h | 1 + arch/arm64/include/asm/cpufeature.h | 29 ++ arch/arm64/include/asm/cputype.h | 8 + arch/arm64/include/asm/fixmap.h | 6 +- arch/arm64/include/asm/hwcap.h | 2 + arch/arm64/include/asm/insn.h | 1 + arch/arm64/include/asm/kvm_host.h | 5 + arch/arm64/include/asm/sections.h | 5 + arch/arm64/include/asm/spectre.h | 4 + arch/arm64/include/asm/sysreg.h | 18 ++ arch/arm64/include/asm/vectors.h | 73 +++++ arch/arm64/include/uapi/asm/hwcap.h | 2 + arch/arm64/include/uapi/asm/kvm.h | 5 + arch/arm64/kernel/cpu_errata.c | 7 + arch/arm64/kernel/cpufeature.c | 25 ++ arch/arm64/kernel/cpuinfo.c | 3 + arch/arm64/kernel/entry.S | 214 +++++++++---- arch/arm64/kernel/image-vars.h | 4 + arch/arm64/kernel/proton-pack.c | 391 +++++++++++++++++++++++- arch/arm64/kernel/vmlinux.lds.S | 2 +- arch/arm64/kvm/arm.c | 5 +- arch/arm64/kvm/hyp/hyp-entry.S | 9 + arch/arm64/kvm/hyp/nvhe/mm.c | 4 +- arch/arm64/kvm/hyp/vhe/switch.c | 9 +- arch/arm64/kvm/hypercalls.c | 12 + arch/arm64/kvm/psci.c | 18 +- arch/arm64/kvm/sys_regs.c | 2 +- arch/arm64/mm/mmu.c | 12 +- arch/arm64/tools/cpucaps | 1 + arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/nospec-branch.h | 16 +- arch/x86/kernel/alternative.c | 8 +- arch/x86/kernel/cpu/bugs.c | 204 ++++++++++--- arch/x86/lib/retpoline.S | 2 +- arch/x86/net/bpf_jit_comp.c | 2 +- include/linux/arm-smccc.h | 5 + include/linux/bpf.h | 12 + kernel/sysctl.c | 7 + tools/arch/x86/include/asm/cpufeatures.h | 2 +- 56 files changed, 1606 insertions(+), 216 deletions(-)