Start using the newly-added microcode features for speculation control on both
Intel and AMD CPUs to protect against Spectre v2.
This patch series covers interrupts, system calls, context switching between
processes, and context switching between VMs. It also exposes Indirect Branch
Prediction Barrier MSR, aka IBPB MSR, to KVM guests.
TODO:
- Introduce a microcode blacklist to disable the feature for broken microcodes.
- Restrict/Unrestrict the speculation (by toggling IBRS) around VMExit and
VMEnter for KVM and expose IBRS to guests.
Ashok Raj (1):
x86/kvm: Add IBPB support
David Woodhouse (1):
x86/speculation: Add basic IBRS support infrastructure
KarimAllah Ahmed (1):
x86: Simplify spectre_v2 command line parsing
Thomas Gleixner (4):
x86/speculation: Add basic support for IBPB
x86/speculation: Use Indirect Branch Prediction Barrier in context
switch
x86/speculation: Add inlines to control Indirect Branch Speculation
x86/idle: Control Indirect Branch Speculation in idle
Tim Chen (3):
x86/mm: Only flush indirect branches when switching into non dumpable
process
x86/enter: Create macros to restrict/unrestrict Indirect Branch
Speculation
x86/enter: Use IBRS on syscall and interrupts
Documentation/admin-guide/kernel-parameters.txt | 1 +
arch/x86/entry/calling.h | 73 ++++++++++
arch/x86/entry/entry_64.S | 35 ++++-
arch/x86/entry/entry_64_compat.S | 21 ++-
arch/x86/include/asm/cpufeatures.h | 2 +
arch/x86/include/asm/mwait.h | 14 ++
arch/x86/include/asm/nospec-branch.h | 54 ++++++-
arch/x86/kernel/cpu/bugs.c | 183 +++++++++++++++---------
arch/x86/kernel/process.c | 14 ++
arch/x86/kvm/svm.c | 14 ++
arch/x86/kvm/vmx.c | 4 +
arch/x86/mm/tlb.c | 21 ++-
12 files changed, 359 insertions(+), 77 deletions(-)
Cc: Andi Kleen <[email protected]>
Cc: Andrea Arcangeli <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Arjan van de Ven <[email protected]>
Cc: Ashok Raj <[email protected]>
Cc: Asit Mallick <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: Dan Williams <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: David Woodhouse <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: H. Peter Anvin <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Janakarajan Natarajan <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Jun Nakajima <[email protected]>
Cc: Laura Abbott <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Masami Hiramatsu <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Radim Krčmář <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Tim Chen <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
--
2.7.4
