From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 22 Jul 2022 08:50:15 +0000 (+0200)
Subject: 5.18-stable patches
X-Git-Tag: v5.15.57~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5084510f573185b4794a9c077fd4c396521713fe;p=thirdparty%2Fkernel%2Fstable-queue.git

5.18-stable patches

added patches:
	tools-arch-x86-sync-the-msr-index.h-copy-with-the-kernel-sources.patch
	tools-headers-cpufeatures-sync-with-the-kernel-sources.patch
	um-add-missing-apply_returns.patch
	x86-bugs-remove-apostrophe-typo.patch
---

diff --git a/queue-5.18/series b/queue-5.18/series
index 8fbf112b228..e1655b8e588 100644
--- a/queue-5.18/series
+++ b/queue-5.18/series
@@ -64,3 +64,7 @@ x86-speculation-use-declare_per_cpu-for-x86_spec_ctrl_current.patch
 efi-x86-use-naked-ret-on-mixed-mode-call-wrapper.patch
 x86-kvm-fix-fastop_size-when-return-thunks-are-enabled.patch
 kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch
+tools-arch-x86-sync-the-msr-index.h-copy-with-the-kernel-sources.patch
+tools-headers-cpufeatures-sync-with-the-kernel-sources.patch
+x86-bugs-remove-apostrophe-typo.patch
+um-add-missing-apply_returns.patch
diff --git a/queue-5.18/tools-arch-x86-sync-the-msr-index.h-copy-with-the-kernel-sources.patch b/queue-5.18/tools-arch-x86-sync-the-msr-index.h-copy-with-the-kernel-sources.patch
new file mode 100644
index 00000000000..2e0a1aa0476
--- /dev/null
+++ b/queue-5.18/tools-arch-x86-sync-the-msr-index.h-copy-with-the-kernel-sources.patch
@@ -0,0 +1,61 @@
+From 91d248c3b903b46a58cbc7e8d38d684d3e4007c2 Mon Sep 17 00:00:00 2001
+From: Arnaldo Carvalho de Melo <acme@redhat.com>
+Date: Thu, 1 Jul 2021 13:32:18 -0300
+Subject: tools arch x86: Sync the msr-index.h copy with the kernel sources
+
+From: Arnaldo Carvalho de Melo <acme@redhat.com>
+
+commit 91d248c3b903b46a58cbc7e8d38d684d3e4007c2 upstream.
+
+To pick up the changes from these csets:
+
+  4ad3278df6fe2b08 ("x86/speculation: Disable RRSBA behavior")
+  d7caac991feeef1b ("x86/cpu/amd: Add Spectral Chicken")
+
+That cause no changes to tooling:
+
+  $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > before
+  $ cp arch/x86/include/asm/msr-index.h tools/arch/x86/include/asm/msr-index.h
+  $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > after
+  $ diff -u before after
+  $
+
+Just silences this perf build warning:
+
+  Warning: Kernel ABI header at 'tools/arch/x86/include/asm/msr-index.h' differs from latest version at 'arch/x86/include/asm/msr-index.h'
+  diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h
+
+Cc: Adrian Hunter <adrian.hunter@intel.com>
+Cc: Borislav Petkov <bp@suse.de>
+Cc: Ian Rogers <irogers@google.com>
+Cc: Jiri Olsa <jolsa@kernel.org>
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Link: https://lore.kernel.org/lkml/YtQTm9wsB3hxQWvy@kernel.org
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/arch/x86/include/asm/msr-index.h |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/tools/arch/x86/include/asm/msr-index.h
++++ b/tools/arch/x86/include/asm/msr-index.h
+@@ -93,6 +93,7 @@
+ #define MSR_IA32_ARCH_CAPABILITIES	0x0000010a
+ #define ARCH_CAP_RDCL_NO		BIT(0)	/* Not susceptible to Meltdown */
+ #define ARCH_CAP_IBRS_ALL		BIT(1)	/* Enhanced IBRS support */
++#define ARCH_CAP_RSBA			BIT(2)	/* RET may use alternative branch predictors */
+ #define ARCH_CAP_SKIP_VMENTRY_L1DFLUSH	BIT(3)	/* Skip L1D flush on vmentry */
+ #define ARCH_CAP_SSB_NO			BIT(4)	/*
+ 						 * Not susceptible to Speculative Store Bypass
+@@ -561,6 +562,9 @@
+ /* Fam 17h MSRs */
+ #define MSR_F17H_IRPERF			0xc00000e9
+ 
++#define MSR_ZEN2_SPECTRAL_CHICKEN	0xc00110e3
++#define MSR_ZEN2_SPECTRAL_CHICKEN_BIT	BIT_ULL(1)
++
+ /* Fam 16h MSRs */
+ #define MSR_F16H_L2I_PERF_CTL		0xc0010230
+ #define MSR_F16H_L2I_PERF_CTR		0xc0010231
diff --git a/queue-5.18/tools-headers-cpufeatures-sync-with-the-kernel-sources.patch b/queue-5.18/tools-headers-cpufeatures-sync-with-the-kernel-sources.patch
new file mode 100644
index 00000000000..d4d42b33f51
--- /dev/null
+++ b/queue-5.18/tools-headers-cpufeatures-sync-with-the-kernel-sources.patch
@@ -0,0 +1,130 @@
+From f098addbdb44c8a565367f5162f3ab170ed9404a Mon Sep 17 00:00:00 2001
+From: Arnaldo Carvalho de Melo <acme@redhat.com>
+Date: Thu, 1 Jul 2021 13:39:15 -0300
+Subject: tools headers cpufeatures: Sync with the kernel sources
+
+From: Arnaldo Carvalho de Melo <acme@redhat.com>
+
+commit f098addbdb44c8a565367f5162f3ab170ed9404a upstream.
+
+To pick the changes from:
+
+  f43b9876e857c739 ("x86/retbleed: Add fine grained Kconfig knobs")
+  a149180fbcf336e9 ("x86: Add magic AMD return-thunk")
+  15e67227c49a5783 ("x86: Undo return-thunk damage")
+  369ae6ffc41a3c11 ("x86/retpoline: Cleanup some #ifdefery")
+  4ad3278df6fe2b08 x86/speculation: Disable RRSBA behavior
+  26aae8ccbc197223 x86/cpu/amd: Enumerate BTC_NO
+  9756bba28470722d x86/speculation: Fill RSB on vmexit for IBRS
+  3ebc170068885b6f x86/bugs: Add retbleed=ibpb
+  2dbb887e875b1de3 x86/entry: Add kernel IBRS implementation
+  6b80b59b35557065 x86/bugs: Report AMD retbleed vulnerability
+  a149180fbcf336e9 x86: Add magic AMD return-thunk
+  15e67227c49a5783 x86: Undo return-thunk damage
+  a883d624aed463c8 x86/cpufeatures: Move RETPOLINE flags to word 11
+  51802186158c74a0 x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
+
+This only causes these perf files to be rebuilt:
+
+  CC       /tmp/build/perf/bench/mem-memcpy-x86-64-asm.o
+  CC       /tmp/build/perf/bench/mem-memset-x86-64-asm.o
+
+And addresses this perf build warning:
+
+  Warning: Kernel ABI header at 'tools/arch/x86/include/asm/cpufeatures.h' differs from latest version at 'arch/x86/include/asm/cpufeatures.h'
+  diff -u tools/arch/x86/include/asm/cpufeatures.h arch/x86/include/asm/cpufeatures.h
+  Warning: Kernel ABI header at 'tools/arch/x86/include/asm/disabled-features.h' differs from latest version at 'arch/x86/include/asm/disabled-features.h'
+  diff -u tools/arch/x86/include/asm/disabled-features.h arch/x86/include/asm/disabled-features.h
+
+Cc: Adrian Hunter <adrian.hunter@intel.com>
+Cc: Borislav Petkov <bp@suse.de>
+Cc: Ian Rogers <irogers@google.com>
+Cc: Jiri Olsa <jolsa@kernel.org>
+Cc: Namhyung Kim <namhyung@kernel.org>
+Cc: Peter Zijlstra <peterz@infradead.org
+Link: https://lore.kernel.org/lkml/YtQM40VmiLTkPND2@kernel.org
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ tools/arch/x86/include/asm/cpufeatures.h       |   12 ++++++++++--
+ tools/arch/x86/include/asm/disabled-features.h |   21 ++++++++++++++++++++-
+ 2 files changed, 30 insertions(+), 3 deletions(-)
+
+--- a/tools/arch/x86/include/asm/cpufeatures.h
++++ b/tools/arch/x86/include/asm/cpufeatures.h
+@@ -203,8 +203,8 @@
+ #define X86_FEATURE_PROC_FEEDBACK	( 7*32+ 9) /* AMD ProcFeedbackInterface */
+ /* FREE!                                ( 7*32+10) */
+ #define X86_FEATURE_PTI			( 7*32+11) /* Kernel Page Table Isolation enabled */
+-#define X86_FEATURE_RETPOLINE		( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */
+-#define X86_FEATURE_RETPOLINE_LFENCE	( 7*32+13) /* "" Use LFENCE for Spectre variant 2 */
++#define X86_FEATURE_KERNEL_IBRS		( 7*32+12) /* "" Set/clear IBRS on kernel entry/exit */
++#define X86_FEATURE_RSB_VMEXIT		( 7*32+13) /* "" Fill RSB on VM-Exit */
+ #define X86_FEATURE_INTEL_PPIN		( 7*32+14) /* Intel Processor Inventory Number */
+ #define X86_FEATURE_CDP_L2		( 7*32+15) /* Code and Data Prioritization L2 */
+ #define X86_FEATURE_MSR_SPEC_CTRL	( 7*32+16) /* "" MSR SPEC_CTRL is implemented */
+@@ -295,6 +295,12 @@
+ #define X86_FEATURE_PER_THREAD_MBA	(11*32+ 7) /* "" Per-thread Memory Bandwidth Allocation */
+ #define X86_FEATURE_SGX1		(11*32+ 8) /* "" Basic SGX */
+ #define X86_FEATURE_SGX2		(11*32+ 9) /* "" SGX Enclave Dynamic Memory Management (EDMM) */
++#define X86_FEATURE_ENTRY_IBPB		(11*32+10) /* "" Issue an IBPB on kernel entry */
++#define X86_FEATURE_RRSBA_CTRL		(11*32+11) /* "" RET prediction control */
++#define X86_FEATURE_RETPOLINE		(11*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */
++#define X86_FEATURE_RETPOLINE_LFENCE	(11*32+13) /* "" Use LFENCE for Spectre variant 2 */
++#define X86_FEATURE_RETHUNK		(11*32+14) /* "" Use REturn THUNK */
++#define X86_FEATURE_UNRET		(11*32+15) /* "" AMD BTB untrain return */
+ 
+ /* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */
+ #define X86_FEATURE_AVX_VNNI		(12*32+ 4) /* AVX VNNI instructions */
+@@ -315,6 +321,7 @@
+ #define X86_FEATURE_VIRT_SSBD		(13*32+25) /* Virtualized Speculative Store Bypass Disable */
+ #define X86_FEATURE_AMD_SSB_NO		(13*32+26) /* "" Speculative Store Bypass is fixed in hardware. */
+ #define X86_FEATURE_CPPC		(13*32+27) /* Collaborative Processor Performance Control */
++#define X86_FEATURE_BTC_NO		(13*32+29) /* "" Not vulnerable to Branch Type Confusion */
+ 
+ /* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */
+ #define X86_FEATURE_DTHERM		(14*32+ 0) /* Digital Thermal Sensor */
+@@ -444,5 +451,6 @@
+ #define X86_BUG_ITLB_MULTIHIT		X86_BUG(23) /* CPU may incur MCE during certain page attribute changes */
+ #define X86_BUG_SRBDS			X86_BUG(24) /* CPU may leak RNG bits if not mitigated */
+ #define X86_BUG_MMIO_STALE_DATA		X86_BUG(25) /* CPU is affected by Processor MMIO Stale Data vulnerabilities */
++#define X86_BUG_RETBLEED		X86_BUG(26) /* CPU is affected by RETBleed */
+ 
+ #endif /* _ASM_X86_CPUFEATURES_H */
+--- a/tools/arch/x86/include/asm/disabled-features.h
++++ b/tools/arch/x86/include/asm/disabled-features.h
+@@ -56,6 +56,25 @@
+ # define DISABLE_PTI		(1 << (X86_FEATURE_PTI & 31))
+ #endif
+ 
++#ifdef CONFIG_RETPOLINE
++# define DISABLE_RETPOLINE	0
++#else
++# define DISABLE_RETPOLINE	((1 << (X86_FEATURE_RETPOLINE & 31)) | \
++				 (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31)))
++#endif
++
++#ifdef CONFIG_RETHUNK
++# define DISABLE_RETHUNK	0
++#else
++# define DISABLE_RETHUNK	(1 << (X86_FEATURE_RETHUNK & 31))
++#endif
++
++#ifdef CONFIG_CPU_UNRET_ENTRY
++# define DISABLE_UNRET		0
++#else
++# define DISABLE_UNRET		(1 << (X86_FEATURE_UNRET & 31))
++#endif
++
+ #ifdef CONFIG_INTEL_IOMMU_SVM
+ # define DISABLE_ENQCMD		0
+ #else
+@@ -82,7 +101,7 @@
+ #define DISABLED_MASK8	0
+ #define DISABLED_MASK9	(DISABLE_SMAP|DISABLE_SGX)
+ #define DISABLED_MASK10	0
+-#define DISABLED_MASK11	0
++#define DISABLED_MASK11	(DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET)
+ #define DISABLED_MASK12	0
+ #define DISABLED_MASK13	0
+ #define DISABLED_MASK14	0
diff --git a/queue-5.18/um-add-missing-apply_returns.patch b/queue-5.18/um-add-missing-apply_returns.patch
new file mode 100644
index 00000000000..5b34d641460
--- /dev/null
+++ b/queue-5.18/um-add-missing-apply_returns.patch
@@ -0,0 +1,35 @@
+From 564d998106397394b6aad260f219b882b3347e62 Mon Sep 17 00:00:00 2001
+From: Peter Zijlstra <peterz@infradead.org>
+Date: Thu, 14 Jul 2022 12:20:19 +0200
+Subject: um: Add missing apply_returns()
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+commit 564d998106397394b6aad260f219b882b3347e62 upstream.
+
+Implement apply_returns() stub for UM, just like all the other patching
+routines.
+
+Fixes: 15e67227c49a ("x86: Undo return-thunk damage")
+Reported-by: Randy Dunlap <rdunlap@infradead.org)
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Link: https://lore.kernel.org/r/Ys%2Ft45l%2FgarIrD0u@worktop.programming.kicks-ass.net
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/um/kernel/um_arch.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/arch/um/kernel/um_arch.c
++++ b/arch/um/kernel/um_arch.c
+@@ -432,6 +432,10 @@ void apply_retpolines(s32 *start, s32 *e
+ {
+ }
+ 
++void apply_returns(s32 *start, s32 *end)
++{
++}
++
+ void apply_alternatives(struct alt_instr *start, struct alt_instr *end)
+ {
+ }
diff --git a/queue-5.18/x86-bugs-remove-apostrophe-typo.patch b/queue-5.18/x86-bugs-remove-apostrophe-typo.patch
new file mode 100644
index 00000000000..09fdbe67ad3
--- /dev/null
+++ b/queue-5.18/x86-bugs-remove-apostrophe-typo.patch
@@ -0,0 +1,30 @@
+From bcf163150cd37348a0cb59e95c916a83a9344b0e Mon Sep 17 00:00:00 2001
+From: Kim Phillips <kim.phillips@amd.com>
+Date: Fri, 8 Jul 2022 16:21:28 -0500
+Subject: x86/bugs: Remove apostrophe typo
+
+From: Kim Phillips <kim.phillips@amd.com>
+
+commit bcf163150cd37348a0cb59e95c916a83a9344b0e upstream.
+
+Remove a superfluous ' in the mitigation string.
+
+Fixes: e8ec1b6e08a2 ("x86/bugs: Enable STIBP for JMP2RET")
+Signed-off-by: Kim Phillips <kim.phillips@amd.com>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kernel/cpu/bugs.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kernel/cpu/bugs.c
++++ b/arch/x86/kernel/cpu/bugs.c
+@@ -1174,7 +1174,7 @@ spectre_v2_user_select_mitigation(void)
+ 	if (retbleed_mitigation == RETBLEED_MITIGATION_UNRET) {
+ 		if (mode != SPECTRE_V2_USER_STRICT &&
+ 		    mode != SPECTRE_V2_USER_STRICT_PREFERRED)
+-			pr_info("Selecting STIBP always-on mode to complement retbleed mitigation'\n");
++			pr_info("Selecting STIBP always-on mode to complement retbleed mitigation\n");
+ 		mode = SPECTRE_V2_USER_STRICT_PREFERRED;
+ 	}
+