Bug-report: https://lore.kernel.org/all/915c0e00-b92d-4e37-9d4b-0f6a4580da97@oracle.com/
Summary: While backporting commit: 7c62c442b6eb ("x86/vmscape: Enumerate VMSCAPE bug") to 6.12.y --> VULNBL_AMD(0x1a, SRSO | VMSCAPE) was added even when 6.12.y doesn't have commit: 877818802c3e ("x86/bugs: Add SRSO_USER_KERNEL_NO support").
Boris Ostrovsky suggested backporting three commits to 6.12.y: 1. commit: 877818802c3e ("x86/bugs: Add SRSO_USER_KERNEL_NO support") 2. commit: 8442df2b49ed ("x86/bugs: KVM: Add support for SRSO_MSR_FIX") and its fix 3. commit: e3417ab75ab2 ("KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions") -- Maybe optional
Which changes current mitigation status on turin for 6.12.48 from Safe RET to Reduced Speculation, leaving it with Safe RET liely causes heavy performance regressions.
This three patches together change mitigation status from Safe RET to Reduced Speculation
Tested on Turin: [ 3.188134] Speculative Return Stack Overflow: Mitigation: Reduced Speculation
Backports: 1. Patch 1 had minor conflict as VMSCAPE commit added VULNBL_AMD(0x1a, SRSO | VMSCAPE), and resolution is to skip that line. 2. Patch 2 and 3 are clean cherry-picks, 3 is a fix for 2.
Note: I verified if this problem is also on other stable trees like (6.6 --> 5.10, no they don't have this backport problem)
Thanks, Harshit
Borislav Petkov (1): x86/bugs: KVM: Add support for SRSO_MSR_FIX
Borislav Petkov (AMD) (1): x86/bugs: Add SRSO_USER_KERNEL_NO support
Sean Christopherson (1): KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions
Documentation/admin-guide/hw-vuln/srso.rst | 13 +++++ arch/x86/include/asm/cpufeatures.h | 5 ++ arch/x86/include/asm/msr-index.h | 1 + arch/x86/kernel/cpu/bugs.c | 28 ++++++++-- arch/x86/kvm/svm/svm.c | 65 ++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 2 + arch/x86/lib/msr.c | 2 + 7 files changed, 112 insertions(+), 4 deletions(-)