This is a backport of recently upstreamed mitigation of a CPU vulnerability Register File Data Sampling (RFDS) (CVE-2023-28746). It has a dependency on "Delay VERW" series which is already backported and merged in linux-6.7.y. There were no hiccups in backporting this. Cc: Sasha Levin <sashal@xxxxxxxxxx> To: stable@xxxxxxxxxxxxxxx Signed-off-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx> --- Pawan Gupta (4): x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set Documentation/hw-vuln: Add documentation for RFDS x86/rfds: Mitigate Register File Data Sampling (RFDS) KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/admin-guide/hw-vuln/index.rst | 1 + .../admin-guide/hw-vuln/reg-file-data-sampling.rst | 104 +++++++++++++++++++++ Documentation/admin-guide/kernel-parameters.txt | 21 +++++ arch/x86/Kconfig | 11 +++ arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/msr-index.h | 8 ++ arch/x86/kernel/cpu/bugs.c | 92 +++++++++++++++++- arch/x86/kernel/cpu/common.c | 38 +++++++- arch/x86/kvm/x86.c | 5 +- drivers/base/cpu.c | 3 + include/linux/cpu.h | 2 + 12 files changed, 278 insertions(+), 9 deletions(-) --- base-commit: 2e7cdd29fc42c410eab52fffe5710bf656619222 change-id: 20240312-rfds-backport-6-7-y-4fbe3fc5366a Best regards, -- Thanks, Pawan