On 6/11/20 9:42 PM, Florian Fainelli wrote:
From: Will Deacon will.deacon@arm.com
commit 679db70801da9fda91d26caf13bf5b5ccc74e8e8 upstream
Some CPUs can speculate past an ERET instruction and potentially perform speculative accesses to memory before processing the exception return. Since the register state is often controlled by a lower privilege level at the point of an ERET, this could potentially be used as part of a side-channel attack.
This patch emits an SB sequence after each ERET so that speculation is held up on exception return.
Signed-off-by: Will Deacon will.deacon@arm.com [florian: Adjust hyp-entry.S to account for the label] Signed-off-by: Florian Fainelli f.fainelli@gmail.com
Will,
Can you confirm that for 4.9 these are the only places that require patching? Thank you!
Hi Will, Catalin,
Does this look good to you for a 4.9 backport? I would like to see this included at some point since this pertains to CVE-2020-13844.
Thanks!