v2: - Dropped already backported patch "x86/bugs: Add asm helpers for executing VERW". https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v... - Boot tested with KASLR and KPTI enabled. - Rebased to v6.7.8
v1: https://lore.kernel.org/r/20240226-delay-verw-backport-6-7-y-v1-0-ab25f64317...
This is the backport of recently upstreamed series that moves VERW execution to a later point in exit-to-user path. This is needed because in some cases it may be possible for data accessed after VERW executions may end into MDS affected CPU buffers. Moving VERW closer to ring transition reduces the attack surface.
Patch 2/7: A conflict was resolved for the hunk swapgs_restore_regs_and_return_to_usermode.
Signed-off-by: Pawan Gupta pawan.kumar.gupta@linux.intel.com --- Pawan Gupta (4): x86/entry_64: Add VERW just before userspace transition x86/entry_32: Add VERW just before userspace transition x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key KVM/VMX: Move VERW closer to VMentry for MDS mitigation
Sean Christopherson (1): KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
Documentation/arch/x86/mds.rst | 38 +++++++++++++++++++++++++----------- arch/x86/entry/entry_32.S | 3 +++ arch/x86/entry/entry_64.S | 11 +++++++++++ arch/x86/entry/entry_64_compat.S | 1 + arch/x86/include/asm/entry-common.h | 1 - arch/x86/include/asm/nospec-branch.h | 12 ------------ arch/x86/kernel/cpu/bugs.c | 15 ++++++-------- arch/x86/kernel/nmi.c | 3 --- arch/x86/kvm/vmx/run_flags.h | 7 +++++-- arch/x86/kvm/vmx/vmenter.S | 9 ++++++--- arch/x86/kvm/vmx/vmx.c | 20 +++++++++++++++---- 11 files changed, 75 insertions(+), 45 deletions(-) --- base-commit: d6d6c49dbf4512f1421f5e42896e2d70dc121f9a change-id: 20240226-delay-verw-backport-6-7-y-a2cb3f26bb90
Best regards,