[Linux-stable-mirror] Patch "x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]" has been added to the 4.9-stable tree - Linux-stable-mirror

15 Jan 2018

This is a note to let you know that I've just added the patch titled
x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is:
     x86-cpufeatures-add-x86_bug_spectre_v.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let stable@vger.kernel.org know about it.
...
From 99c6fa2511d8a683e61468be91b83f85452115fa Mon Sep 17 00:00:00 2001
From: David Woodhouse dwmw@amazon.co.uk
Date: Sat, 6 Jan 2018 11:49:23 +0000
Subject: x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
From: David Woodhouse dwmw@amazon.co.uk
commit 99c6fa2511d8a683e61468be91b83f85452115fa upstream.
Add the bug bits for spectre v1/2 and force them unconditionally for all
cpus.
Signed-off-by: David Woodhouse dwmw@amazon.co.uk
Signed-off-by: Thomas Gleixner tglx@linutronix.de
Cc: gnomes@lxorguk.ukuu.org.uk
Cc: Rik van Riel riel@redhat.com
Cc: Andi Kleen ak@linux.intel.com
Cc: Peter Zijlstra peterz@infradead.org
Cc: Linus Torvalds torvalds@linux-foundation.org
Cc: Jiri Kosina jikos@kernel.org
Cc: Andy Lutomirski luto@amacapital.net
Cc: Dave Hansen dave.hansen@intel.com
Cc: Kees Cook keescook@google.com
Cc: Tim Chen tim.c.chen@linux.intel.com
Cc: Greg Kroah-Hartman gregkh@linux-foundation.org
Cc: Paul Turner pjt@google.com
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/1515239374-23361-2-git-send-email-dwmw@amazon.co.u...
Signed-off-by: Razvan Ghitulete rga@amazon.de
Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
---
 arch/x86/include/asm/cpufeatures.h |    2 ++
 arch/x86/kernel/cpu/common.c       |    3 +++
 2 files changed, 5 insertions(+)

--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -317,5 +317,7 @@
 #define X86_BUG_MONITOR		X86_BUG(12) /* IPI required to wake up remote CPU */
 #define X86_BUG_AMD_E400	X86_BUG(13) /* CPU is among the affected by Erratum 400 */
 #define X86_BUG_CPU_MELTDOWN	X86_BUG(14) /* CPU is affected by meltdown attack and needs kernel page table isolation */
+#define X86_BUG_SPECTRE_V1	X86_BUG(15) /* CPU is affected by Spectre variant 1 attack with conditional branches */
+#define X86_BUG_SPECTRE_V2	X86_BUG(16) /* CPU is affected by Spectre variant 2 attack with indirect branches */
#endif /* _ASM_X86_CPUFEATURES_H */
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -886,6 +886,9 @@ static void __init early_identify_cpu(st
    /* Assume for now that ALL x86 CPUs are insecure */
    setup_force_cpu_bug(X86_BUG_CPU_MELTDOWN);
+	setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
+	setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
+
    fpu__init_system(c);
 }
Patches currently in stable-queue which might be from dwmw@amazon.co.uk are
queue-4.9/x86-spectre-add-boot-time-option-to-select-spectre-v2-mitigation.patch
queue-4.9/x86-retpoline-irq32-convert-assembler-indirect-jumps.patch
queue-4.9/objtool-detect-jumps-to-retpoline-thunks.patch
queue-4.9/x86-cpufeatures-add-x86_bug_spectre_v.patch
queue-4.9/x86-alternatives-add-missing-n-at-end-of-alternative-inline-asm.patch
queue-4.9/x86-retpoline-hyperv-convert-assembler-indirect-jumps.patch
queue-4.9/x86-retpoline-entry-convert-entry-assembler-indirect-jumps.patch
queue-4.9/sysfs-cpu-fix-typos-in-vulnerability-documentation.patch
queue-4.9/x86-cpufeatures-add-x86_bug_cpu_insecure.patch
queue-4.9/x86-cpufeatures-make-cpu-bugs-sticky.patch
queue-4.9/x86-cpu-amd-make-lfence-a-serializing-instruction.patch
queue-4.9/x86-retpoline-ftrace-convert-ftrace-assembler-indirect-jumps.patch
queue-4.9/objtool-allow-alternatives-to-be-ignored.patch
queue-4.9/x86-cpu-implement-cpu-vulnerabilites-sysfs-functions.patch
queue-4.9/x86-retpoline-crypto-convert-crypto-assembler-indirect-jumps.patch
queue-4.9/x86-cpu-factor-out-application-of-forced-cpu-caps.patch
queue-4.9/x86-retpoline-xen-convert-xen-hypercall-indirect-jumps.patch
queue-4.9/x86-retpoline-checksum32-convert-assembler-indirect-jumps.patch
queue-4.9/x86-mm-32-move-setup_clear_cpu_cap-x86_feature_pcid-earlier.patch
queue-4.9/sysfs-cpu-add-vulnerability-folder.patch
queue-4.9/x86-retpoline-fill-return-stack-buffer-on-vmexit.patch
queue-4.9/x86-pti-rename-bug_cpu_insecure-to-bug_cpu_meltdown.patch
queue-4.9/x86-retpoline-remove-compile-time-warning.patch
queue-4.9/x86-alternatives-fix-optimize_nops-checking.patch
queue-4.9/x86-cpu-amd-use-lfence_rdtsc-in-preference-to-mfence_rdtsc.patch
queue-4.9/x86-retpoline-add-initial-retpoline-support.patch

    