On Mon, Oct 03, 2022 at 10:10:01AM -0300, Thadeu Lima de Souza Cascardo wrote:
This backport introduces IBRS support to 5.4.y in order to mitigate Retbleed on Intel parts. Though some very small pieces for AMD have been picked up as well, "UNRET" mitigations are not backported, nor IBPB. It is expected, though, that the backport will report AMD systems as vulnerable or not affected, depending on the parts and the BTC_NO bit.
One note here is that the PBRSB mitigation was backported previously to the 5.4 series, and this would have made things a little bit more complicated. So, I reverted it and applied it later on.
This has been boot-tested and smoke-tested on a bunch of AMD and Intel systems.
Thank you for these, I've queued them up now and will do a -rc release with them to get some testing.
greg k-h