[PATCH 0/5] x86/bugs: more BHI fixes

From: Josh Poimboeuf
Date: Fri Apr 19 2024 - 17:10:11 EST


Patch 1 is another iteration of reducing the scope of syscall hardening
in order to improve performance on some CPUs. The feature bit has a new
name, and the commit log and comments are much improved.

The rest of the patches are new:

- Patch 2 fixes the default mitigations for !x86 (reimplementation of
  Sean's fix).

- Patch 3 fixes some objtool warnings found by Paul.

- Patch 4 is a documentation cleanup and prep for patch 5.

- Patch 5 adds a requested spectre_bhi=vmexit option.

Josh Poimboeuf (5):
  x86/bugs: Only harden syscalls when needed
  cpu/speculation: Fix CPU mitigation defaults for !x86
  x86/syscall: Mark exit[_group] syscall handlers __noreturn
  x86/bugs: Remove duplicate Spectre cmdline option descriptions
  x86/bugs: Add 'spectre_bhi=vmexit' cmdline option

 Documentation/admin-guide/hw-vuln/spectre.rst | 84 ++-----------------
 .../admin-guide/kernel-parameters.txt         | 12 ++-
 arch/Kconfig                                  | 10 +++
 arch/x86/Kconfig                              | 15 +---
 arch/x86/entry/common.c                       | 15 +++-
 arch/x86/entry/syscall_32.c                   | 11 +--
 arch/x86/entry/syscall_64.c                   | 10 +--
 arch/x86/entry/syscall_x32.c                  | 11 ++-
 arch/x86/entry/syscalls/syscall_64.tbl        |  6 +-
 arch/x86/include/asm/cpufeatures.h            |  1 +
 arch/x86/include/asm/syscall.h                |  8 +-
 arch/x86/kernel/cpu/bugs.c                    | 51 +++++++++--
 arch/x86/um/sys_call_table_32.c               |  1 +
 arch/x86/um/sys_call_table_64.c               |  1 +
 kernel/cpu.c                                  |  4 +-
 scripts/syscalltbl.sh                         |  6 +-
 tools/objtool/noreturns.h                     |  4 +
 17 files changed, 126 insertions(+), 124 deletions(-)

--
2.44.0