[PATCH OLK-5.10 00/28] fix CVE-2023-20569

7 Oct 2023

      New architectural features and CPUID bits related to the
Speculative Return Stack Overflow (SRSO) vulnerability.

Arnaldo Carvalho de Melo (2):
  tools headers cpufeatures: Sync with the kernel sources
  tools arch x86: Sync the msr-index.h copy with the kernel sources

Borislav Petkov (AMD) (9):
  x86/bugs: Increase the x86 bugs vector size to two u32s
  x86/srso: Add a Speculative RAS Overflow mitigation
  x86/srso: Add IBPB_BRTYPE support
  x86/srso: Add SRSO_NO support
  x86/srso: Add IBPB
  x86/srso: Add IBPB on VMEXIT
  x86/srso: Tie SBPB bit setting to microcode patch detection
  x86/srso: Disable the mitigation on unaffected configurations
  x86/srso: Correct the mitigation status when SMT is disabled

Jialin Zhang (1):
  x86/cpufeatures: Fix abi breakage caused by NCAPINTS in cpufeature
    header file.

Josh Poimboeuf (2):
  x86/srso: Fix return thunks in generated code
  objtool: Add frame-pointer-specific function ignore

Kim Phillips (1):
  x86/cpu, kvm: Add support for CPUID_80000021_EAX

Nick Desaulniers (1):
  x86/srso: Fix build breakage with the LLVM linker

Nikolay Borisov (1):
  kabi: Allow extra bugsints (bsc#1213927).

Peter Zijlstra (10):
  x86/ibt: Add ANNOTATE_NOENDBR
  x86/cpu: Fix __x86_return_thunk symbol type
  x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
  x86/alternative: Make custom return thunk unconditional
  x86/cpu: Clean up SRSO return thunk mess
  x86/cpu: Rename original retbleed methods
  x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
  x86/cpu: Cleanup the untrain mess
  objtool/x86: Fixup frame-pointer vs rethunk
  objtool/x86: Fix SRSO mess

Sean Christopherson (1):
  x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()

 Documentation/admin-guide/hw-vuln/index.rst   |   1 +
 Documentation/admin-guide/hw-vuln/srso.rst    | 133 ++++++++++++
 .../admin-guide/kernel-parameters.txt         |  11 +
 arch/x86/Kconfig                              |   7 +
 arch/x86/include/asm/cpufeature.h             |  23 +-
 arch/x86/include/asm/cpufeatures.h            |  15 +-
 arch/x86/include/asm/msr-index.h              |   1 +
 arch/x86/include/asm/nospec-branch.h          |  34 ++-
 arch/x86/include/asm/processor.h              |   7 +-
 arch/x86/kernel/alternative.c                 |   2 +-
 arch/x86/kernel/cpu/amd.c                     |  19 ++
 arch/x86/kernel/cpu/bugs.c                    | 197 ++++++++++++++++++
 arch/x86/kernel/cpu/common.c                  |  17 +-
 arch/x86/kernel/cpu/mkcapflags.sh             |   2 +-
 arch/x86/kernel/cpu/proc.c                    |   2 +-
 arch/x86/kernel/cpu/scattered.c               |   3 +
 arch/x86/kernel/vmlinux.lds.S                 |  38 +++-
 arch/x86/kvm/cpuid.c                          |   3 +
 arch/x86/kvm/svm/svm.c                        |   4 +-
 arch/x86/kvm/svm/vmenter.S                    |   3 +
 arch/x86/lib/retpoline.S                      | 135 ++++++++++--
 drivers/base/cpu.c                            |   8 +
 include/linux/cpu.h                           |   2 +
 include/linux/objtool.h                       |  28 +++
 tools/arch/x86/include/asm/cpufeatures.h      |  16 +-
 tools/arch/x86/include/asm/msr-index.h        |   1 +
 tools/include/linux/objtool.h                 |  28 +++
 tools/objtool/arch.h                          |   1 +
 tools/objtool/arch/x86/decode.c               |   6 +
 tools/objtool/check.c                         |  41 +++-
 tools/objtool/elf.h                           |   1 +
 .../perf/trace/beauty/tracepoints/x86_msr.sh  |   2 +-
 32 files changed, 740 insertions(+), 51 deletions(-)
 create mode 100644 Documentation/admin-guide/hw-vuln/srso.rst

-- 
2.25.1