New architectural features and CPUID bits related to the Speculative Return Stack Overflow (SRSO) vulnerability.
Arnaldo Carvalho de Melo (1): tools headers cpufeatures: Sync with the kernel sources
Borislav Petkov (AMD) (7): x86/bugs: Increase the x86 bugs vector size to two u32s x86/srso: Add a Speculative RAS Overflow mitigation x86/srso: Add IBPB_BRTYPE support x86/srso: Add SRSO_NO support x86/srso: Add IBPB x86/srso: Add IBPB on VMEXIT x86/srso: Tie SBPB bit setting to microcode patch detection
Josh Poimboeuf (1): x86/srso: Fix return thunks in generated code
Kim Phillips (1): x86/cpu, kvm: Add support for CPUID_80000021_EAX
Documentation/admin-guide/hw-vuln/index.rst | 1 + Documentation/admin-guide/hw-vuln/srso.rst | 133 +++++++++++++ .../admin-guide/kernel-parameters.txt | 11 ++ arch/x86/Kconfig | 7 + arch/x86/include/asm/cpufeature.h | 7 +- arch/x86/include/asm/cpufeatures.h | 14 +- arch/x86/include/asm/disabled-features.h | 3 +- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/nospec-branch.h | 18 +- arch/x86/include/asm/processor.h | 2 + arch/x86/include/asm/required-features.h | 3 +- arch/x86/kernel/cpu/amd.c | 19 ++ arch/x86/kernel/cpu/bugs.c | 179 ++++++++++++++++++ arch/x86/kernel/cpu/common.c | 13 +- arch/x86/kernel/vmlinux.lds.S | 32 +++- arch/x86/kvm/cpuid.c | 3 + arch/x86/kvm/cpuid.h | 1 + arch/x86/kvm/svm/svm.c | 4 +- arch/x86/kvm/svm/vmenter.S | 3 + arch/x86/lib/retpoline.S | 81 +++++++- drivers/base/cpu.c | 8 + include/linux/cpu.h | 2 + tools/arch/x86/include/asm/cpufeatures.h | 18 +- tools/objtool/arch/x86/decode.c | 5 +- 24 files changed, 544 insertions(+), 24 deletions(-) create mode 100644 Documentation/admin-guide/hw-vuln/srso.rst