This is a note to let you know that I've just added the patch titled

x86/cpufeatures: Make CPU bugs sticky

to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...

The filename of the patch is: x86-cpufeatures-make-cpu-bugs-sticky.patch and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.

From 6cbd2171e89b13377261d15e64384df60ecb530e Mon Sep 17 00:00:00 2001

From: Thomas Gleixner tglx@linutronix.de Date: Mon, 4 Dec 2017 15:07:32 +0100 Subject: x86/cpufeatures: Make CPU bugs sticky

From: Thomas Gleixner tglx@linutronix.de

commit 6cbd2171e89b13377261d15e64384df60ecb530e upstream.

There is currently no way to force CPU bug bits like CPU feature bits. That makes it impossible to set a bug bit once at boot and have it stick for all upcoming CPUs.

Extend the force set/clear arrays to handle bug bits as well.

Signed-off-by: Thomas Gleixner tglx@linutronix.de Reviewed-by: Borislav Petkov bp@suse.de Cc: Andy Lutomirski luto@kernel.org Cc: Boris Ostrovsky boris.ostrovsky@oracle.com Cc: Borislav Petkov bp@alien8.de Cc: Borislav Petkov bpetkov@suse.de Cc: Brian Gerst brgerst@gmail.com Cc: Dave Hansen dave.hansen@intel.com Cc: Dave Hansen dave.hansen@linux.intel.com Cc: David Laight David.Laight@aculab.com Cc: Denys Vlasenko dvlasenk@redhat.com Cc: Eduardo Valentin eduval@amazon.com Cc: Greg KH gregkh@linuxfoundation.org Cc: H. Peter Anvin hpa@zytor.com Cc: Josh Poimboeuf jpoimboe@redhat.com Cc: Juergen Gross jgross@suse.com Cc: Linus Torvalds torvalds@linux-foundation.org Cc: Peter Zijlstra peterz@infradead.org Cc: Rik van Riel riel@redhat.com Cc: Will Deacon will.deacon@arm.com Cc: aliguori@amazon.com Cc: daniel.gruss@iaik.tugraz.at Cc: hughd@google.com Cc: keescook@google.com Link: https://lkml.kernel.org/r/20171204150606.992156574@linutronix.de Signed-off-by: Ingo Molnar mingo@kernel.org Signed-off-by: David Woodhouse dwmw@amazon.co.uk Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org

--- arch/x86/include/asm/cpufeature.h | 2 ++ arch/x86/include/asm/processor.h | 4 ++-- arch/x86/kernel/cpu/common.c | 6 +++--- 3 files changed, 7 insertions(+), 5 deletions(-)

--- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -135,6 +135,8 @@ extern const char * const x86_bug_flags[ set_bit(bit, (unsigned long *)cpu_caps_set); \ } while (0)

+#define setup_force_cpu_bug(bit) setup_force_cpu_cap(bit) + #if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_X86_FAST_FEATURE_TESTS) /* * Static testing of CPU features. Used the same as boot_cpu_has(). --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -156,8 +156,8 @@ extern struct cpuinfo_x86 boot_cpu_data; extern struct cpuinfo_x86 new_cpu_data;

extern struct tss_struct doublefault_tss; -extern __u32 cpu_caps_cleared[NCAPINTS]; -extern __u32 cpu_caps_set[NCAPINTS]; +extern __u32 cpu_caps_cleared[NCAPINTS + NBUGINTS]; +extern __u32 cpu_caps_set[NCAPINTS + NBUGINTS];

#ifdef CONFIG_SMP DECLARE_PER_CPU_READ_MOSTLY(struct cpuinfo_x86, cpu_info); --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -480,8 +480,8 @@ static const char *table_lookup_model(st return NULL; /* Not found */ }

-__u32 cpu_caps_cleared[NCAPINTS]; -__u32 cpu_caps_set[NCAPINTS]; +__u32 cpu_caps_cleared[NCAPINTS + NBUGINTS]; +__u32 cpu_caps_set[NCAPINTS + NBUGINTS];

void load_percpu_segment(int cpu) { @@ -710,7 +710,7 @@ static void apply_forced_caps(struct cpu { int i;

- for (i = 0; i < NCAPINTS; i++) { + for (i = 0; i < NCAPINTS + NBUGINTS; i++) { c->x86_capability[i] &= ~cpu_caps_cleared[i]; c->x86_capability[i] |= cpu_caps_set[i]; }

Patches currently in stable-queue which might be from tglx@linutronix.de are

queue-4.9/x86-spectre-add-boot-time-option-to-select-spectre-v2-mitigation.patch queue-4.9/x86-retpoline-irq32-convert-assembler-indirect-jumps.patch queue-4.9/objtool-detect-jumps-to-retpoline-thunks.patch queue-4.9/x86-cpufeatures-add-x86_bug_spectre_v.patch queue-4.9/x86-microcode-intel-extend-bdw-late-loading-with-a-revision-check.patch queue-4.9/x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch queue-4.9/x86-retpoline-hyperv-convert-assembler-indirect-jumps.patch queue-4.9/x86-retpoline-entry-convert-entry-assembler-indirect-jumps.patch queue-4.9/x86-asm-use-register-variable-to-get-stack-pointer-value.patch queue-4.9/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch queue-4.9/x86-cpufeatures-add-x86_bug_cpu_insecure.patch queue-4.9/objtool-modules-discard-objtool-annotation-sections-for-modules.patch queue-4.9/x86-cpufeatures-make-cpu-bugs-sticky.patch queue-4.9/x86-cpu-amd-make-lfence-a-serializing-instruction.patch queue-4.9/x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch queue-4.9/x86-documentation-add-pti-description.patch queue-4.9/x86-acpi-handle-sci-interrupts-above-legacy-space-gracefully.patch queue-4.9/objtool-allow-alternatives-to-be-ignored.patch queue-4.9/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch queue-4.9/x86-retpoline-crypto-convert-crypto-assembler-indirect-jumps.patch queue-4.9/x86-cpu-factor-out-application-of-forced-cpu-caps.patch queue-4.9/selftests-x86-add-test_vsyscall.patch queue-4.9/x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch queue-4.9/x86-cpu-merge-bugs.c-and-bugs_64.c.patch queue-4.9/x86-retpoline-checksum32-convert-assembler-indirect-jumps.patch queue-4.9/x86-mm-32-move-setup_clear_cpu_cap-x86_feature_pcid-earlier.patch queue-4.9/sysfs-cpu-add-vulnerability-folder.patch queue-4.9/x86-retpoline-fill-return-stack-buffer-on-vmexit.patch queue-4.9/x86-pti-rename-bug_cpu_insecure-to-bug_cpu_meltdown.patch queue-4.9/x86-acpi-reduce-code-duplication-in-mp_override_legacy_irq.patch queue-4.9/x86-retpoline-remove-compile-time-warning.patch queue-4.9/x86-alternatives-fix-optimize_nops-checking.patch queue-4.9/x86-cpu-amd-use-lfence_rdtsc-in-preference-to-mfence_rdtsc.patch queue-4.9/x86-retpoline-add-initial-retpoline-support.patch