Query regarding Spectre fixes - IBRS/IBPB/SSB...

From: Arackal, Paulose Kuriakose (STSD)
Date: Mon Jul 09 2018 - 00:29:04 EST


Hi,

I have been tracking Spectre-related fixes on the Linux kernel 4.4.x LTS branch, for some of our products on this kernel version.

One thing I noted is that some kernel fixes related to IBRS/IBPB capabilities and the SSB fix were added in upstream kernels 4.16 and 4.17.
A few of the related commits are listed below:

    x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.16.y&id=df35c3e66e6da210fed4a011722644cf1de590dd

    x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
    Expose indirect_branch_prediction_barrier() for use in subsequent patches.
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=20ffa1caecca4db8f79fe665acdeaa5af815a24d

    x86/speculation: Use IBRS if available before calling into firmware
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=dd84441a797150dcc49298ec95c459a8891d8bb1

I do not see these changes backported to 4.4.* LTS. I have a few related queries:

1. Is a microcode update with the IBRS/IBPB/SSB fixes alone good enough to cover the vulnerabilities?
2. Are the kernel changes above a must to utilize IBRS/IBPB against Spectre vulnerabilities?
3. Is there a plan to backport the above fixes to the 4.4.* LTS branch?

Thanks,
Paulose.