diff --git a/debian/changelog b/debian/changelog
index e8b1dae6a..3b67206b0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,7 @@ linux (4.19.67-2+deb10u2) UNRELEASED; urgency=medium
 - x86/tsx: Add "auto" option to the tsx= cmdline parameter
 - x86/speculation/taa: Add documentation for TSX Async Abort
 - x86/tsx: Add config options to set tsx=on|off|auto
+ - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
 TSX is now disabled by default; see
 Documentation/admin-guide/hw-vuln/tsx_async_abort.rst
 * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change
diff --git a/debian/patches/bugfix/x86/taa/0010-x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch b/debian/patches/bugfix/x86/taa/0010-x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch
new file mode 100644
index 000000000..e2a39e5cf
--- /dev/null
+++ b/debian/patches/bugfix/x86/taa/0010-x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch
@@ -0,0 +1,49 @@
+From: Josh Poimboeuf
+Date: Wed, 6 Nov 2019 20:26:46 -0600
+Subject: x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
+Origin: https://git.kernel.org/linus/012206a822a8b6ac09125bfaa210a95b9eb8f1c1
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11135
+
+For new IBRS_ALL CPUs, the Enhanced IBRS check at the beginning of
+cpu_bugs_smt_update() causes the function to return early, unintentionally
+skipping the MDS and TAA logic.
+
+This is not a problem for MDS, because there appears to be no overlap
+between IBRS_ALL and MDS-affected CPUs. So the MDS mitigation would be
+disabled and nothing would need to be done in this function anyway.
+
+But for TAA, the TAA_MSG_SMT string will never get printed on Cascade
+Lake and newer.
+
+The check is superfluous anyway: when 'spectre_v2_enabled' is
+SPECTRE_V2_IBRS_ENHANCED, 'spectre_v2_user' is always
+SPECTRE_V2_USER_NONE, and so the 'spectre_v2_user' switch statement
+handles it appropriately by doing nothing. So just remove the check.
+
+Fixes: 1b42f017415b ("x86/speculation/taa: Add mitigation for TSX Async Abort")
+Signed-off-by: Josh Poimboeuf
+Signed-off-by: Thomas Gleixner
+Reviewed-by: Tyler Hicks
+Reviewed-by: Borislav Petkov
+---
+ arch/x86/kernel/cpu/bugs.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
+index 8237b86ba6dc..10d11586f805 100644
+--- a/arch/x86/kernel/cpu/bugs.c
++++ b/arch/x86/kernel/cpu/bugs.c
+@@ -886,10 +886,6 @@ static void update_mds_branch_idle(void)
+
+ void arch_smt_update(void)
+ {
+- /* Enhanced IBRS implies STIBP. No update required. */
+- if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
+- return;
+-
+ mutex_lock(&spec_ctrl_mutex);
+
+ switch (spectre_v2_user) {
+--
+2.24.0
+
diff --git a/debian/patches/series b/debian/patches/series
index 9b65b8dc2..7052e4b61 100644
--- a/debian/patches/series
+++ b/debian/patches/series
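Review bot: The description in the added 0010 TAA patch names `cpu_bugs_smt_update()`, while its hunk removes the Enhanced IBRS check from `arch_smt_update()`; the patch header should record that difference, for example `[Backported to 4.19: the function is named arch_smt_update() here]` after the Reviewed-by trailers. Removing the early return is only safe while `spectre_v2_user` is `SPECTRE_V2_USER_NONE` whenever `spectre_v2_enabled` is `SPECTRE_V2_IBRS_ENHANCED`, as the description asserts. That assignment happens outside this hunk, so it should be confirmed against the 4.19 tree the series applies to; if it does not hold there, the `spectre_v2_user` switch would stop being a no-op on those CPUs. The body of `arch_smt_update()` continues past the end of the hunk.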
@@ -267,6 +267,7 @@ bugfix/x86/taa/0006-kvm-x86-Export-MDS_NO-0-to-guests-when-TSX-is-enable.patch
 bugfix/x86/taa/0007-x86-tsx-Add-auto-option-to-the-tsx-cmdline-parameter.patch
 bugfix/x86/taa/0008-x86-speculation-taa-Add-documentation-for-TSX-Async-.patch
 bugfix/x86/taa/0009-x86-tsx-Add-config-options-to-set-tsx-on-off-auto.patch
+bugfix/x86/taa/0010-x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch
 bugfix/x86/itlb_multihit/0010-KVM-x86-adjust-kvm_mmu_page-member-to-save-8-bytes.patch
 bugfix/x86/itlb_multihit/0011-kvm-Convert-kvm_lock-to-a-mutex.patch
 bugfix/x86/itlb_multihit/0012-kvm-x86-Do-not-release-the-page-inside-mmu_set_spte.patch