From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:51334 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757360AbeD0FhC (ORCPT ); Fri, 27 Apr 2018 01:37:02 -0400 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w3R5auWo124167 for ; Fri, 27 Apr 2018 01:37:02 -0400 Received: from e06smtp12.uk.ibm.com (e06smtp12.uk.ibm.com [195.75.94.108]) by mx0a-001b2d01.pphosted.com with ESMTP id 2hkwdn8x0n-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Apr 2018 01:37:01 -0400 Received: from localhost by e06smtp12.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 27 Apr 2018 06:36:59 +0100 From: Martin Schwidefsky To: Greg Kroah-Hartman , stable@vger.kernel.org Cc: Martin Schwidefsky Subject: [PATCH 00/19] s390 spectre mititgation for 4.9 Date: Fri, 27 Apr 2018 07:36:38 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <20180427053657.56944-1-schwidefsky@de.ibm.com> Sender: stable-owner@vger.kernel.org List-ID: Greetings, this series is the backport of 19 upstream patches to add the current s390 spectre mitigation to kernel version 4.9. It follows the x86 approach with array_index_nospec for the v1 spectre attack and retpoline/expoline for v2. As a fallback there is the ppa-12/ppa-13 based defense which requires an micro-code update. Christian Borntraeger (3): KVM: s390: wire up bpb feature KVM: s390: force bp isolation for VSIE s390/entry.S: fix spurious zeroing of r0 Eugeniu Rosca (1): s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*) Heiko Carstens (1): s390: enable CPU alternatives unconditionally Martin Schwidefsky (13): s390: scrub registers on kernel entry and KVM exit s390: add optimized array_index_mask_nospec s390/alternative: use a copy of the facility bit mask s390: add options to change branch prediction behaviour for the kernel s390: run user space and KVM guests with modified branch prediction s390: introduce execute-trampolines for branches s390: do not bypass BPENTER for interrupt system calls s390: move nobp parameter functions to nospec-branch.c s390: add automatic detection of the spectre defense s390: report spectre mitigation via syslog s390: add sysfs attributes for spectre s390: correct nospec auto detection init order s390: correct module section names for expoline code revert Vasily Gorbik (1): s390: introduce CPU alternatives Documentation/kernel-parameters.txt | 3 + arch/s390/Kconfig | 47 +++++++ arch/s390/Makefile | 10 ++ arch/s390/include/asm/alternative.h | 149 ++++++++++++++++++++ arch/s390/include/asm/barrier.h | 24 ++++ arch/s390/include/asm/facility.h | 18 +++ arch/s390/include/asm/kvm_host.h | 3 +- arch/s390/include/asm/lowcore.h | 7 +- arch/s390/include/asm/nospec-branch.h | 17 +++ arch/s390/include/asm/processor.h | 4 + arch/s390/include/asm/thread_info.h | 4 + arch/s390/include/uapi/asm/kvm.h | 5 +- arch/s390/kernel/Makefile | 6 +- arch/s390/kernel/alternative.c | 112 +++++++++++++++ arch/s390/kernel/early.c | 5 + arch/s390/kernel/entry.S | 250 ++++++++++++++++++++++++++++++---- arch/s390/kernel/ipl.c | 1 + arch/s390/kernel/module.c | 65 ++++++++- arch/s390/kernel/nospec-branch.c | 169 +++++++++++++++++++++++ arch/s390/kernel/processor.c | 18 +++ arch/s390/kernel/setup.c | 14 +- arch/s390/kernel/smp.c | 7 +- arch/s390/kernel/vmlinux.lds.S | 37 +++++ arch/s390/kvm/kvm-s390.c | 13 +- arch/s390/kvm/vsie.c | 30 ++++ drivers/s390/char/Makefile | 2 + include/uapi/linux/kvm.h | 1 + 27 files changed, 984 insertions(+), 37 deletions(-) create mode 100644 arch/s390/include/asm/alternative.h create mode 100644 arch/s390/include/asm/nospec-branch.h create mode 100644 arch/s390/kernel/alternative.c create mode 100644 arch/s390/kernel/nospec-branch.c -- 2.13.5