lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240412182049.r234qj2h2nuzqfxy@treble>
Date: Fri, 12 Apr 2024 11:20:49 -0700
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: x86@...nel.org
Cc: linux-kernel@...r.kernel.org,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
	Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Alexandre Chartre <alexandre.chartre@...cle.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Sean Christopherson <seanjc@...gle.com>,
	Andrew Cooper <andrew.cooper3@...rix.com>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Nikolay Borisov <nik.borisov@...e.com>,
	KP Singh <kpsingh@...nel.org>, Waiman Long <longman@...hat.com>,
	Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...nel.org>
Subject: Re: [PATCH 3/3] x86/bugs: Remove support for Spectre v2 LFENCE
 "retpolines"

On Fri, Apr 12, 2024 at 11:10:34AM -0700, Josh Poimboeuf wrote:
> ---
>  arch/x86/Makefile                             |  1 -
>  arch/x86/include/asm/cpufeatures.h            |  1 -
>  arch/x86/include/asm/disabled-features.h      |  3 +-
>  arch/x86/include/asm/nospec-branch.h          | 18 ++---
>  arch/x86/kernel/alternative.c                 | 17 +----
>  arch/x86/kernel/cpu/bugs.c                    | 66 +------------------
>  arch/x86/kernel/cpu/cpu.h                     |  3 +-
>  arch/x86/lib/retpoline.S                      |  5 +-
>  arch/x86/net/bpf_jit_comp.c                   |  5 +-
>  tools/arch/x86/include/asm/cpufeatures.h      |  1 -
>  .../arch/x86/include/asm/disabled-features.h  |  3 +-

Forgot the documentation updates:

diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index 25a04cda4c2c..de780db82cd8 100644
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -380,10 +380,8 @@ The possible values in this file are:
   'Not affected'                            The processor is not vulnerable
   'Mitigation: None'                        Vulnerable, no mitigation
   'Mitigation: Retpolines'                  Use Retpoline thunks
-  'Mitigation: LFENCE'                      Use LFENCE instructions
   'Mitigation: Enhanced IBRS'               Hardware-focused mitigation
   'Mitigation: Enhanced IBRS + Retpolines'  Hardware-focused + Retpolines
-  'Mitigation: Enhanced IBRS + LFENCE'      Hardware-focused + LFENCE
   ========================================  =================================
 
   - Firmware status: Show if Indirect Branch Restricted Speculation (IBRS) is
@@ -640,13 +638,10 @@ kernel command line.
 
 		Specific mitigations can also be selected manually:
 
-                retpoline               auto pick between generic,lfence
+                retpoline               Retpolines
                 retpoline,generic       Retpolines
-                retpoline,lfence        LFENCE; indirect branch
-                retpoline,amd           alias for retpoline,lfence
                 eibrs                   Enhanced/Auto IBRS
                 eibrs,retpoline         Enhanced/Auto IBRS + Retpolines
-                eibrs,lfence            Enhanced/Auto IBRS + LFENCE
                 ibrs                    use IBRS to protect kernel
 
 		Not specifying this option is equivalent to
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 902ecd92a29f..edbfba7299e7 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -6099,13 +6099,10 @@
 
 			Specific mitigations can also be selected manually:
 
-			retpoline	  - replace indirect branches
+			retpoline	  - Retpolines
 			retpoline,generic - Retpolines
-			retpoline,lfence  - LFENCE; indirect branch
-			retpoline,amd     - alias for retpoline,lfence
 			eibrs		  - Enhanced/Auto IBRS
 			eibrs,retpoline   - Enhanced/Auto IBRS + Retpolines
-			eibrs,lfence      - Enhanced/Auto IBRS + LFENCE
 			ibrs		  - use IBRS to protect kernel
 
 			Not specifying this option is equivalent to

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ