| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Oct 2023 13:03:16 +0200
From: Borislav Petkov <bp@...en8.de>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: x86-ml <x86@...nel.org>, lkml <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] x86/bugs for v6.7
Hi Linus,
please pull the current pile of hw mitigations improvements and fixes
for 6.7.
Thx.
---
The following changes since commit 58720809f52779dc0f08e53e54b014209d13eebb:
Linux 6.6-rc6 (2023-10-15 13:34:39 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_bugs_for_6.7_rc1
for you to fetch changes up to 9d9c22cc444af01ce254872b729af26864c43a3a:
x86/retpoline: Document some thunk handling aspects (2023-10-20 13:17:14 +0200)
----------------------------------------------------------------
- A bunch of improvements, cleanups and fixlets to the SRSO mitigation
machinery and other, general cleanups to the hw mitigations code,
by Josh Poimboeuf
- Improve the return thunk detection by objtool as it is absolutely
important that the default return thunk is not used after returns
have been patched. Future work to detect and report this better is
pending
- Other misc cleanups and fixes
----------------------------------------------------------------
Alexey Dobriyan (1):
x86/callthunks: Delete unused "struct thunk_desc"
Borislav Petkov (AMD) (1):
x86/retpoline: Document some thunk handling aspects
David Kaplan (1):
x86/vdso: Run objtool on vdso32-setup.o
Jo Van Bulck (1):
x86/pti: Fix kernel warnings for pti= and nopti cmdline options
Josh Poimboeuf (16):
x86/srso: Fix SBPB enablement for (possible) future fixed HW
x86/srso: Print actual mitigation if requested mitigation isn't possible
x86/srso: Print mitigation for retbleed IBPB case
x86/srso: Fix vulnerability reporting for missing microcode
x86/srso: Fix unret validation dependencies
x86/srso: Improve i-cache locality for alias mitigation
x86/srso: Unexport untraining functions
x86/srso: Remove 'pred_cmd' label
x86/bugs: Remove default case for fully switched enums
x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block
x86/srso: Disentangle rethunk-dependent options
x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros
x86/nospec: Refactor UNTRAIN_RET[_*]
x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk()
objtool: Fix return thunk patching in retpolines
x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN
Yang Li (1):
x86/srso: Remove unnecessary semicolon
Documentation/admin-guide/hw-vuln/srso.rst | 24 ++--
arch/x86/entry/vdso/Makefile | 3 +-
arch/x86/include/asm/nospec-branch.h | 67 +++++------
arch/x86/kernel/callthunks.c | 5 -
arch/x86/kernel/cpu/bugs.c | 95 ++++++++-------
arch/x86/kernel/vmlinux.lds.S | 7 +-
arch/x86/lib/retpoline.S | 186 +++++++++++++++++------------
arch/x86/mm/pti.c | 58 ++++-----
include/linux/objtool.h | 3 +-
init/Makefile | 1 +
scripts/Makefile.vmlinux | 1 +
scripts/Makefile.vmlinux_o | 3 +-
tools/objtool/check.c | 16 +++
13 files changed, 258 insertions(+), 211 deletions(-)
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists