[PATCH 6.1.y 0/6] Delay VERW - 6.1.y backport

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is the backport of recently upstreamed series that moves VERW
execution to a later point in exit-to-user path. This is needed because
in some cases it may be possible for data accessed after VERW executions
may end into MDS affected CPU buffers. Moving VERW closer to ring
transition reduces the attack surface.

Patch 1/6 includes a minor fix that is queued for upstream:
https://lore.kernel.org/lkml/170899674562.398.6398007479766564897.tip-bot2@tip-bot2/

Patch 1,2,5 and 6 needed conflict resolution.

I saw a few new warnings:

  arch/x86/entry/entry.o: warning: objtool: mds_verw_sel+0x0: unreachable instruction

I tried using REACHABLE, but that did not fix the warning.

For the below warning:

  vmlinux.o: warning: objtool: .altinstr_replacement+0x17: unsupported relocation in alternatives section

not sure if this is related to this series or a pre-existing warning, I
will check later without this series.

I am not too concerned because the alternative did substitute verw
correctly:

entry_SYSCALL_64:
...
   0xffffffff8200013d <+253>:   swapgs
   0xffffffff82000140 <+256>:   verw   0xffffffff82000000
   0xffffffff82000148 <+264>:   sysretq
   0xffffffff8200014b <+267>:   int3

---
Pawan Gupta (5):
      x86/bugs: Add asm helpers for executing VERW
      x86/entry_64: Add VERW just before userspace transition
      x86/entry_32: Add VERW just before userspace transition
      x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key
      KVM/VMX: Move VERW closer to VMentry for MDS mitigation

Sean Christopherson (1):
      KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH

 Documentation/x86/mds.rst            | 38 +++++++++++++++++++++++++-----------
 arch/x86/entry/entry.S               | 22 +++++++++++++++++++++
 arch/x86/entry/entry_32.S            |  3 +++
 arch/x86/entry/entry_64.S            | 11 +++++++++++
 arch/x86/entry/entry_64_compat.S     |  1 +
 arch/x86/include/asm/cpufeatures.h   |  2 +-
 arch/x86/include/asm/entry-common.h  |  1 -
 arch/x86/include/asm/nospec-branch.h | 25 ++++++++++++------------
 arch/x86/kernel/cpu/bugs.c           | 15 ++++++--------
 arch/x86/kernel/nmi.c                |  3 ---
 arch/x86/kvm/vmx/run_flags.h         |  7 +++++--
 arch/x86/kvm/vmx/vmenter.S           |  9 ++++++---
 arch/x86/kvm/vmx/vmx.c               | 12 ++++++++----
 13 files changed, 103 insertions(+), 46 deletions(-)
---
base-commit: 81e1dc2f70014b9523dd02ca763788e4f81e5bac
change-id: 20240226-delay-verw-backport-6-1-y-4b0cec84087c
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux