On Wed, 2022-09-07 at 23:09 -0700, Pawan Gupta wrote:
> On Wed, Sep 07, 2022 at 02:23:58AM +0200, Ben Hutchings wrote:
> > > > - The added mitigation, for PBRSB, requires removing any RET
> > > > instructions executed between VM exit and the RSB filling. In these
> > > > older branches that hasn't been done, so the mitigation doesn't work.
> > >
> > > I checked 4.19 and 5.4, I don't see any RET between VM-exit and RSB
> > > filling. Could you please point me to any specific instance you are
> > > seeing?
> >
> > Yes, you're right. The backported versions avoid this problem. They
> > are quite different from the upstream commit - and I would have
> > appreciated some explanation of this in their commit messages.
>
> Ahh right, I will keep in mind next time.
>
> > So, let's try again to move forward. I've attached a backport for 4.19
> > and 5.4 (only tested with the latter so far).
>
> I am not understanding why lfence in single-entry-fill sequence is okay
> on 32-bit kernels?
>
> #define __FILL_ONE_RETURN \
> 	__FILL_RETURN_SLOT \
> 	add $(BITS_PER_LONG/8), %_ASM_SP; \
> 	lfence;

This isn't exactly about whether the kernel is 32-bit vs 64-bit, it's
about whether the code may run on a processor that lacks support for
LFENCE (part of SSE2).

- SSE2 is architectural on x86_64, so 64-bit kernels can use LFENCE
  unconditionally.
- PBRSB doesn't affect any of those old processors, so its mitigation
  can use LFENCE unconditionally. (Those processors don't support VMX
  either.)

Ben.

-- 
Ben Hutchings
For every action, there is an equal and opposite criticism. - Harrison
Attachment:
signature.asc
Description: This is a digitally signed message part
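The point Ben makes is that LFENCE availability is a processor property, not a kernel-bitness property: it arrived with SSE2, which is architectural on x86_64 but optional on older 32-bit parts. The following is an added illustration of how that property is read at runtime, written for this thread and not taken from the kernel or from the patch under discussion. It decodes the SSE2 flag (CPUID leaf 1, EDX bit 26), which is the bit a 32-bit build would have to consult before emitting an unconditional LFENCE; the two EDX values fed to it at the end are constructed samples, not readings from any real machine.

```c
/* Added illustration for the LFENCE/SSE2 discussion; not kernel code. */
#include <stdio.h>
#include <stdint.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>   /* __get_cpuid() from GCC/Clang */
#endif

/* CPUID.(EAX=1):EDX bit 26 is the SSE2 feature flag. LFENCE was introduced
 * together with SSE2, so a processor without this bit cannot execute it. */
#define CPUID_1_EDX_SSE2 (1u << 26)

/* Returns 1 if the EDX value returned by CPUID leaf 1 reports SSE2,
 * i.e. LFENCE is available on that processor, else 0. */
int cpu_has_lfence(uint32_t leaf1_edx)
{
    return (leaf1_edx & CPUID_1_EDX_SSE2) != 0;
}

int main(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    if (__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        printf("this CPU: CPUID.1:EDX = 0x%08x, SSE2/LFENCE %s\n", edx,
               cpu_has_lfence(edx) ? "present" : "absent");
    else
        puts("this CPU: CPUID leaf 1 not available");
#else
    puts("not an x86 build; skipping the live CPUID query");
#endif

    /* Constructed sample EDX words (not captured from real hardware):
     * the first has bit 25 (SSE) but not bit 26 (SSE2), the second has both. */
    printf("constructed SSE-only EDX 0x0383fbff: LFENCE %s\n",
           cpu_has_lfence(0x0383fbffu) ? "present" : "absent");
    printf("constructed SSE2 EDX 0xbfebfbff: LFENCE %s\n",
           cpu_has_lfence(0xbfebfbffu) ? "present" : "absent");
    return 0;
}
```

On an x86_64 build the live query always reports SSE2 present, which is exactly why the 64-bit RSB-fill sequence can carry an unconditional `lfence`; a 32-bit kernel that might boot on pre-SSE2 hardware cannot make that assumption without a check like this one (or a patched-in alternative).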