From: "Srivatsa S. Bhat" <srivatsa@csail.mit.edu>
To: Jiri Kosina <jikos@kernel.org>
Cc: gregkh@linuxfoundation.org, stable@vger.kernel.org,
"Denys Vlasenko" <dvlasenk@redhat.com>,
"Bo Gan" <ganb@vmware.com>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"Borislav Petkov" <bp@suse.de>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ricardo Neri" <ricardo.neri-calderon@linux.intel.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
"Andi Kleen" <ak@linux.intel.com>,
linux-tip-commits@vger.kernel.org,
"Jia Zhang" <qianyue.zj@alibaba-inc.com>,
"Josh Poimboeuf" <jpoimboe@redhat.com>,
xen-devel@lists.xenproject.org, Krčmář <rkrcmar@redhat.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Andy Lutomirski" <luto@amacapital.net>,
"Arnaldo Carvalho de Melo" <acme@redhat.com>,
"Sherry Hurwitz" <sherry.hurwitz@amd.com>,
"Kees Cook" <keescook@chromium.org>,
linux-kernel@vger.kernel.org,
"Shuah Khan" <shuahkh@osg.samsung.com>,
"Oleg Nesterov" <oleg@redhat.com>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"David Woodhouse" <dwmw@amazon.co.uk>,
"KarimAllah Ahmed" <karahmed@amazon.de>,
"Borislav Petkov" <bp@alien8.de>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
linux@dominikbrodowski.net,
"Quentin Casasnovas" <quentin.casasnovas@oracle.com>,
"Joerg Roedel" <joro@8bytes.org>,
"Alexander Shishkin" <alexander.shishkin@linux.intel.com>,
"Kyle Huey" <me@kylehuey.com>, "Will Drewry" <wad@chromium.org>,
"Andrey Ryabinin" <ryabinin.a.a@gmail.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Brian Gerst" <brgerst@gmail.com>,
"Kristen Carlson Accardi" <kristen@linux.intel.com>,
"Thomas Garnier" <thgarnie@google.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Joe Konno" <joe.konno@linux.intel.com>,
kvm <kvm@vger.kernel.org>, "Piotr Luc" <piotr.luc@intel.com>,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Jan Beulich" <jbeulich@suse.com>,
"Arjan van de Ven" <arjan@linux.intel.com>,
"Alexander Kuleshov" <kuleshovmail@gmail.com>,
"Juergen Gross" <jgross@suse.com>,
"Ross Zwisler" <ross.zwisler@linux.intel.com>,
"Jörg Otte" <jrg.otte@gmail.com>,
"Tim Chen" <tim.c.chen@linux.intel.com>,
"Alexander Sergeyev" <sergeev917@gmail.com>,
"Josh Triplett" <josh@joshtriplett.org>,
gnomes@lxorguk.ukuu.org.uk, "Tony Luck" <tony.luck@intel.com>,
"Laura Abbott" <labbott@fedoraproject.org>,
"Dave Hansen" <dave.hansen@intel.com>,
"Ingo Molnar" <mingo@kernel.org>,
"Mike Galbraith" <efault@gmx.de>,
"Rik van Riel" <riel@redhat.com>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
"Alexey Makhalov" <amakhalov@vmware.com>,
"Dave Hansen" <dave@sr71.net>,
ashok.raj@intel.com, "Mel Gorman" <mgorman@suse.de>,
MickaëlSalaün <mic@digikod.net>,
"Fenghua Yu" <fenghua.yu@intel.com>,
"Matt Helsley (VMware)" <matt.helsley@gmail.com>,
"Vince Weaver" <vincent.weaver@maine.edu>,
"Prarit Bhargava" <prarit@redhat.com>,
"Steven Rostedt" <rostedt@goodmis.org>,
"Dan Williams" <dan.j.williams@intel.com>,
"Jim Mattson" <jmattson@google.com>,
gregkh@linux-foundation.org, "Dave Young" <dyoung@redhat.com>,
linux-edac <linux-edac@vger.kernel.org>,
"Jon Masters" <jcm@redhat.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Arnd Bergmann" <arnd@arndb.de>,
linux-mm@kvack.org, "Jiri Olsa" <jolsa@redhat.com>,
arjan.van.de.ven@intel.com, sironi@amazon.de,
"Frederic Weisbecker" <fweisbec@gmail.com>,
"Kyle Huey" <khuey@kylehuey.com>,
"Alexander Popov" <alpopov@ptsecurity.com>,
"Andy Shevchenko" <andriy.shevchenko@linux.intel.com>,
"Nadav Amit" <nadav.amit@gmail.com>,
"Yazen Ghannam" <Yazen.Ghannam@amd.com>,
"Wanpeng Li" <kernellwp@gmail.com>,
"Stephane Eranian" <eranian@google.com>,
"David Woodhouse" <dwmw2@infradead.org>,
srivatsab@vmware.com
Subject: Re: [RESEND] Spectre-v2 (IBPB/IBRS) and SSBD fixes for 4.4.y
Date: Tue, 24 Jul 2018 13:13:18 -0700 [thread overview]
Message-ID: <e57d5ac9-68d7-8ccf-6117-5a2f9d9e1112@csail.mit.edu> (raw)
In-Reply-To: <nycvar.YFH.7.76.1807232357440.997@cbobk.fhfr.pm>
On 7/23/18 3:06 PM, Jiri Kosina wrote:
> On Sat, 14 Jul 2018, Srivatsa S. Bhat wrote:
>
>> This patch series is a backport of the Spectre-v2 fixes (IBPB/IBRS)
>> and patches for the Speculative Store Bypass vulnerability to 4.4.y
>> (they apply cleanly on top of 4.4.140).
>
> FWIW -- not sure how much inspiration you took from our SLE 4.4-based
> tree, but most of the stuff is already there for quite some time
> (including the non-upstream IBRS on kernel boundary on SKL+, trampoline
> stack for PTI (which the original port didn't have), etc).
>
> The IBRS SKL+ stuff has not been picked up by Greg, as it's non-upstream,
> and the trampoline stack I believe was pointed out to stable@, but noone
> really sat down and did the port (our codebase is different than 4.4.x
> stable base), but it definitely should be done if someone has to put 100%
> trust into the PTI port (either that, or at least zeroing out the kernel
> thread thread stack ... we used to have temporarily that before we
> switched over to proper entry trampoline in this version as well).
>
I did glance at the SLES 4.4 kernel sometime ago, but there seemed to
be way too many custom patches and I wasn't sure in what ways your
PTI/Spectre fixes depended on the other (x86) patches in your tree. So
I decided to backport entirely from the 4.9 stable tree instead. My
reasoning was that, since the 4.9 stable patches were trusted to work
well, their 4.4 backports should work well too, as long as they are
backported correctly.
However, if you are proposing that you'd like to contribute the
enhanced PTI/Spectre (upstream) patches from the SLES 4.4 tree to 4.4
stable, and have them merged instead of this patch series, then I
would certainly welcome it!
Regards,
Srivatsa
VMware Photon OS
next prev parent reply other threads:[~2018-07-24 20:14 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-14 9:25 Srivatsa S. Bhat
2018-07-14 9:28 ` [PATCH 4.4.y 015/101] x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions Srivatsa S. Bhat
2018-07-15 11:04 ` Patch "[PATCH 4.4.y 015/101] x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions" has been added to the 4.4-stable tree gregkh
2018-07-14 9:31 ` [PATCH 4.4.y 041/101] x86/mm: Factor out LDT init from context init Srivatsa S. Bhat
2018-07-23 9:22 ` Patch "x86/mm: Factor out LDT init from context init" has been added to the 4.4-stable tree gregkh
2018-07-14 9:32 ` [PATCH 4.4.y 042/101] x86/mm: Give each mm TLB flush generation a unique ID Srivatsa S. Bhat
2018-07-23 9:22 ` Patch "x86/mm: Give each mm TLB flush generation a unique ID" has been added to the 4.4-stable tree gregkh
2018-07-15 11:26 ` [RESEND] Spectre-v2 (IBPB/IBRS) and SSBD fixes for 4.4.y Greg KH
2018-07-16 8:02 ` Srivatsa S. Bhat
2018-07-23 11:26 ` Greg KH
2018-07-23 17:27 ` Srivatsa S. Bhat
2018-07-23 22:06 ` Jiri Kosina
2018-07-24 20:13 ` Srivatsa S. Bhat [this message]
2018-07-24 22:02 ` Jiri Kosina
2018-07-26 23:09 ` Kees Cook
2018-08-02 19:22 ` Srivatsa S. Bhat
2018-08-02 22:22 ` Kees Cook
2018-08-03 23:20 ` Srivatsa S. Bhat
2018-08-07 13:49 ` Greg KH
2018-08-07 19:08 ` Srivatsa S. Bhat
2018-08-07 19:15 ` Greg KH
2018-08-07 19:19 ` Srivatsa S. Bhat
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e57d5ac9-68d7-8ccf-6117-5a2f9d9e1112@csail.mit.edu \
--to=srivatsa@csail.mit.edu \
--cc=Yazen.Ghannam@amd.com \
--cc=acme@redhat.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=alpopov@ptsecurity.com \
--cc=amakhalov@vmware.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=arjan.van.de.ven@intel.com \
--cc=arjan@linux.intel.com \
--cc=arnd@arndb.de \
--cc=ashok.raj@intel.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=bp@suse.de \
--cc=brgerst@gmail.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dave@sr71.net \
--cc=dvlasenk@redhat.com \
--cc=dwmw2@infradead.org \
--cc=dwmw@amazon.co.uk \
--cc=dyoung@redhat.com \
--cc=efault@gmx.de \
--cc=eranian@google.com \
--cc=fenghua.yu@intel.com \
--cc=fweisbec@gmail.com \
--cc=ganb@vmware.com \
--cc=gnomes@lxorguk.ukuu.org.uk \
--cc=gregkh@linux-foundation.org \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=jbeulich@suse.com \
--cc=jcm@redhat.com \
--cc=jgross@suse.com \
--cc=jikos@kernel.org \
--cc=jmattson@google.com \
--cc=joe.konno@linux.intel.com \
--cc=jolsa@redhat.com \
--cc=joro@8bytes.org \
--cc=josh@joshtriplett.org \
--cc=jpoimboe@redhat.com \
--cc=jrg.otte@gmail.com \
--cc=karahmed@amazon.de \
--cc=keescook@chromium.org \
--cc=kernellwp@gmail.com \
--cc=khuey@kylehuey.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=konrad.wilk@oracle.com \
--cc=kristen@linux.intel.com \
--cc=kuleshovmail@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=labbott@fedoraproject.org \
--cc=linux-edac@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=matt.helsley@gmail.com \
--cc=me@kylehuey.com \
--cc=mgorman@suse.de \
--cc=mic@digikod.net \
--cc=mingo@kernel.org \
--cc=nadav.amit@gmail.com \
--cc=oleg@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=piotr.luc@intel.com \
--cc=prarit@redhat.com \
--cc=qianyue.zj@alibaba-inc.com \
--cc=quentin.casasnovas@oracle.com \
--cc=ricardo.neri-calderon@linux.intel.com \
--cc=riel@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=ross.zwisler@linux.intel.com \
--cc=rostedt@goodmis.org \
--cc=ryabinin.a.a@gmail.com \
--cc=sergeev917@gmail.com \
--cc=sherry.hurwitz@amd.com \
--cc=shuahkh@osg.samsung.com \
--cc=sironi@amazon.de \
--cc=srivatsab@vmware.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=thgarnie@google.com \
--cc=thomas.lendacky@amd.com \
--cc=tim.c.chen@linux.intel.com \
--cc=tony.luck@intel.com \
--cc=torvalds@linux-foundation.org \
--cc=vincent.weaver@maine.edu \
--cc=wad@chromium.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox