On Tue, 2022-09-06 at 14:20 -0700, Pawan Gupta wrote:
> Hi Ben,
>
> On Tue, Sep 06, 2022 at 07:07:57PM +0200, Ben Hutchings wrote:
> > On Tue, 2022-09-06 at 14:07 +0200, Greg KH wrote:
> > > On Fri, Sep 02, 2022 at 04:26:57PM +0200, Ben Hutchings wrote:
> > > > On Thu, 2022-09-01 at 11:43 +0200, Greg KH wrote:
> > > > > On Mon, Aug 29, 2022 at 04:04:58PM +0200, Ben Hutchings wrote:
> > > > > > On Mon, 2022-08-29 at 10:30 +0200, gregkh@linuxfoundation.org wrote:
> > > > > > > The patch below does not apply to the 5.10-stable tree.
> > > > > > > If someone wants it applied there, or to any other stable or longterm
> > > > > > > tree, then please email the backport, including the original git commit
> > > > > > > id to .
> > > > > > >
> > > > > >
> > > > > > You need commit 4e3aa9238277 "x86/nospec: Unwreck the RSB stuffing"
> > > > > > before this one. I've attached the backport of that for 5.10. I
> > > > > > haven't checked the older branches.
> > > > >
> > > > > Great, thanks, this worked. But the backport did not apply to 4.19, so
> > > > > I will need that in order to take this one as well.
> > > >
> > > > I've had a look at 5.4, and it's sufficiently different from upstream
> > > > that I don't see how to move forward.
> > > >
> > > > However, I also found that the PBRSB mitigation seems broken, as commit
> > > > fc02735b14ff "KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS"
> > > > was not backported (and would be hard to add).
> > > >
> > > > So, perhaps it would be best to revert the backports of:
> > > >
> > > > 2b1299322016 x86/speculation: Add RSB VM Exit protections
> > > > ba6e31af2be9 x86/speculation: Add LFENCE to RSB fill sequence
> > > >
> > > > in stable branches older than 5.10.
> > >
> > > Why? Is it because they do not work at all there, or are they causing
> > > problems?
> >
> > - They both add unconditional LFENCE instructions, which are not
> >   implemented on older 32-bit CPUs and will therefore result in a crash.
>
> Backporting commit 332924973725 ("x86/nospec: Fix i386 RSB stuffing") should
> fix this?

That's where this thread started. The problem is that it seems to
depend on a lot of other changes.

> https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=332924973725e8cdcc783c175f68cf7e162cb9e5
>
> > - The added mitigation, for PBRSB, requires removing any RET
> >   instructions executed between VM exit and the RSB filling. In these
> >   older branches that hasn't been done, so the mitigation doesn't work.
>
> I checked 4.19 and 5.4, I don't see any RET between VM-exit and RSB
> filling. Could you please point me to any specific instance you are
> seeing?

Yes, you're right. The backported versions avoid this problem. They
are quite different from the upstream commit - and I would have
appreciated some explanation of this in their commit messages.

So, let's try again to move forward. I've attached a backport for 4.19
and 5.4 (only tested with the latter so far).

Ben.

-- 
Ben Hutchings
Hoare's Law of Large Problems:
    Inside every large problem is a small problem struggling to get out.