From edddcb032302383bfae2f30c49db33e5e924fc9f Mon Sep 17 00:00:00 2001 From: Jan200101 Date: Sat, 23 Jul 2022 16:01:35 +0200 Subject: kernel 5.18.13 --- SOURCES/Patchlist.changelog | 27 +++ SOURCES/kernel-aarch64-debug-fedora.config | 2 +- SOURCES/kernel-aarch64-fedora.config | 2 +- SOURCES/kernel-armv7hl-debug-fedora.config | 2 +- SOURCES/kernel-armv7hl-fedora.config | 2 +- SOURCES/kernel-armv7hl-lpae-debug-fedora.config | 2 +- SOURCES/kernel-armv7hl-lpae-fedora.config | 2 +- SOURCES/kernel-ppc64le-debug-fedora.config | 2 +- SOURCES/kernel-ppc64le-fedora.config | 2 +- SOURCES/kernel-s390x-debug-fedora.config | 2 +- SOURCES/kernel-s390x-fedora.config | 2 +- SOURCES/patch-5.18-redhat.patch | 269 ++++++++++++++++++++---- 12 files changed, 265 insertions(+), 51 deletions(-) (limited to 'SOURCES') diff --git a/SOURCES/Patchlist.changelog b/SOURCES/Patchlist.changelog index 823e52d..7e37484 100644 --- a/SOURCES/Patchlist.changelog +++ b/SOURCES/Patchlist.changelog @@ -1,3 +1,30 @@ +"https://gitlab.com/cki-project/kernel-ark/-/commit"/f014b0b869404c24a955539ae044dae72f639cce + f014b0b869404c24a955539ae044dae72f639cce um: Add missing apply_returns() + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/0aabd44e8df94774bcadbd06c88a49257f5b27f3 + 0aabd44e8df94774bcadbd06c88a49257f5b27f3 x86/bugs: Remove apostrophe typo + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/7095e33ea429177c0b44b7194efeb334af5fd897 + 7095e33ea429177c0b44b7194efeb334af5fd897 tools headers cpufeatures: Sync with the kernel sources + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/44a6c2ee845e197336ad8993d9369d11a342b9b3 + 44a6c2ee845e197336ad8993d9369d11a342b9b3 tools arch x86: Sync the msr-index.h copy with the kernel sources + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/d93f9a7a81a4fcfad3c03b2d3aee7f3ce15b73dc + d93f9a7a81a4fcfad3c03b2d3aee7f3ce15b73dc KVM: emulate: do not adjust size of fastop and setcc subroutines + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/eda959dfce68b14c64ed2a46be10c3ad190dfec9 + eda959dfce68b14c64ed2a46be10c3ad190dfec9 x86/kvm: fix FASTOP_SIZE when return thunks are enabled + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/ea3cd1bd63d9f4f574c2859b5b0d8ffabc430bef + ea3cd1bd63d9f4f574c2859b5b0d8ffabc430bef efi/x86: use naked RET on mixed mode call wrapper + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/0b667f92cd5ec5d23426696cf698af4464954c8b + 0b667f92cd5ec5d23426696cf698af4464954c8b x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current + +"https://gitlab.com/cki-project/kernel-ark/-/commit"/9fb40753adacf689d8bf16ddccafec7a9cb506c0 + 9fb40753adacf689d8bf16ddccafec7a9cb506c0 x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit + "https://gitlab.com/cki-project/kernel-ark/-/commit"/124840092adcbd2b256ecb6ec277d90a52e9ca35 124840092adcbd2b256ecb6ec277d90a52e9ca35 x86/static_call: Serialize __static_call_fixup() properly diff --git a/SOURCES/kernel-aarch64-debug-fedora.config b/SOURCES/kernel-aarch64-debug-fedora.config index 638f983..12d79a4 100644 --- a/SOURCES/kernel-aarch64-debug-fedora.config +++ b/SOURCES/kernel-aarch64-debug-fedora.config @@ -2175,7 +2175,7 @@ CONFIG_FAULT_INJECTION=y # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-aarch64-fedora.config b/SOURCES/kernel-aarch64-fedora.config index 4e2a99d..2c7fa0d 100644 --- a/SOURCES/kernel-aarch64-fedora.config +++ b/SOURCES/kernel-aarch64-fedora.config @@ -2159,7 +2159,7 @@ CONFIG_FAT_KUNIT_TEST=m # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-armv7hl-debug-fedora.config b/SOURCES/kernel-armv7hl-debug-fedora.config index 5e1a23d..7354b4f 100644 --- a/SOURCES/kernel-armv7hl-debug-fedora.config +++ b/SOURCES/kernel-armv7hl-debug-fedora.config @@ -2205,7 +2205,7 @@ CONFIG_FAULT_INJECTION=y # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-armv7hl-fedora.config b/SOURCES/kernel-armv7hl-fedora.config index 5630d15..acb7468 100644 --- a/SOURCES/kernel-armv7hl-fedora.config +++ b/SOURCES/kernel-armv7hl-fedora.config @@ -2190,7 +2190,7 @@ CONFIG_FAT_KUNIT_TEST=m # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-armv7hl-lpae-debug-fedora.config b/SOURCES/kernel-armv7hl-lpae-debug-fedora.config index 7b5c0bf..8379cd2 100644 --- a/SOURCES/kernel-armv7hl-lpae-debug-fedora.config +++ b/SOURCES/kernel-armv7hl-lpae-debug-fedora.config @@ -2159,7 +2159,7 @@ CONFIG_FAULT_INJECTION=y # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-armv7hl-lpae-fedora.config b/SOURCES/kernel-armv7hl-lpae-fedora.config index b60b576..2e15971 100644 --- a/SOURCES/kernel-armv7hl-lpae-fedora.config +++ b/SOURCES/kernel-armv7hl-lpae-fedora.config @@ -2144,7 +2144,7 @@ CONFIG_FAT_KUNIT_TEST=m # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_DA8XX is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-ppc64le-debug-fedora.config b/SOURCES/kernel-ppc64le-debug-fedora.config index 88d44a0..0a8cd3d 100644 --- a/SOURCES/kernel-ppc64le-debug-fedora.config +++ b/SOURCES/kernel-ppc64le-debug-fedora.config @@ -1724,7 +1724,7 @@ CONFIG_FAULT_INJECTION=y # CONFIG_FB_CARMINE is not set # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-ppc64le-fedora.config b/SOURCES/kernel-ppc64le-fedora.config index cdabb22..2ef9c58 100644 --- a/SOURCES/kernel-ppc64le-fedora.config +++ b/SOURCES/kernel-ppc64le-fedora.config @@ -1707,7 +1707,7 @@ CONFIG_FAT_KUNIT_TEST=m # CONFIG_FB_CARMINE is not set # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-s390x-debug-fedora.config b/SOURCES/kernel-s390x-debug-fedora.config index 9b34ade..4a1da83 100644 --- a/SOURCES/kernel-s390x-debug-fedora.config +++ b/SOURCES/kernel-s390x-debug-fedora.config @@ -1733,7 +1733,7 @@ CONFIG_FAULT_INJECTION=y # CONFIG_FB_CARMINE is not set # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/kernel-s390x-fedora.config b/SOURCES/kernel-s390x-fedora.config index aeb3c17..4f446d8 100644 --- a/SOURCES/kernel-s390x-fedora.config +++ b/SOURCES/kernel-s390x-fedora.config @@ -1716,7 +1716,7 @@ CONFIG_FAT_KUNIT_TEST=m # CONFIG_FB_CARMINE is not set # CONFIG_FB_CIRRUS is not set # CONFIG_FB_CYBER2000 is not set -# CONFIG_FB_EFI is not set +CONFIG_FB_EFI=y # CONFIG_FB_FOREIGN_ENDIAN is not set # CONFIG_FB_HYPERV is not set # CONFIG_FB_I740 is not set diff --git a/SOURCES/patch-5.18-redhat.patch b/SOURCES/patch-5.18-redhat.patch index 522818b..9cbca1c 100644 --- a/SOURCES/patch-5.18-redhat.patch +++ b/SOURCES/patch-5.18-redhat.patch @@ -5,6 +5,7 @@ arch/s390/include/asm/ipl.h | 1 + arch/s390/kernel/ipl.c | 5 + arch/s390/kernel/setup.c | 4 + + arch/um/kernel/um_arch.c | 4 + arch/x86/Kconfig | 103 ++++- arch/x86/Makefile | 6 + arch/x86/boot/header.S | 4 + @@ -22,7 +23,7 @@ arch/x86/include/asm/efi.h | 5 + arch/x86/include/asm/linkage.h | 8 + arch/x86/include/asm/msr-index.h | 13 + - arch/x86/include/asm/nospec-branch.h | 68 ++- + arch/x86/include/asm/nospec-branch.h | 69 ++- arch/x86/include/asm/static_call.h | 19 +- arch/x86/include/asm/traps.h | 2 +- arch/x86/include/asm/unwind_hints.h | 14 +- @@ -35,6 +36,7 @@ arch/x86/kernel/cpu/hygon.c | 6 + arch/x86/kernel/cpu/scattered.c | 1 + arch/x86/kernel/ftrace.c | 7 +- + arch/x86/kernel/head_32.S | 1 + arch/x86/kernel/head_64.S | 5 + arch/x86/kernel/module.c | 8 +- arch/x86/kernel/process.c | 2 +- @@ -44,7 +46,7 @@ arch/x86/kernel/static_call.c | 51 ++- arch/x86/kernel/traps.c | 19 +- arch/x86/kernel/vmlinux.lds.S | 9 +- - arch/x86/kvm/emulate.c | 28 +- + arch/x86/kvm/emulate.c | 35 +- arch/x86/kvm/svm/vmenter.S | 18 + arch/x86/kvm/vmx/capabilities.h | 4 +- arch/x86/kvm/vmx/nested.c | 2 +- @@ -58,6 +60,7 @@ arch/x86/lib/retpoline.S | 79 +++- arch/x86/mm/mem_encrypt_boot.S | 10 +- arch/x86/net/bpf_jit_comp.c | 26 +- + arch/x86/platform/efi/efi_thunk_64.S | 5 +- arch/x86/xen/setup.c | 6 +- arch/x86/xen/xen-asm.S | 30 +- arch/x86/xen/xen-head.S | 1 + @@ -105,7 +108,9 @@ security/lockdown/Kconfig | 13 + security/lockdown/lockdown.c | 1 + security/security.c | 6 + - tools/arch/x86/include/asm/msr-index.h | 9 + + tools/arch/x86/include/asm/cpufeatures.h | 12 +- + tools/arch/x86/include/asm/disabled-features.h | 21 +- + tools/arch/x86/include/asm/msr-index.h | 13 + tools/include/linux/objtool.h | 9 +- tools/objtool/arch/x86/decode.c | 5 + tools/objtool/builtin-check.c | 4 +- @@ -116,7 +121,7 @@ tools/objtool/include/objtool/elf.h | 1 + tools/objtool/include/objtool/objtool.h | 1 + tools/objtool/objtool.c | 1 + - 118 files changed, 2609 insertions(+), 614 deletions(-) + 123 files changed, 2656 insertions(+), 622 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index c4893782055b..eb92195ca015 100644 @@ -162,7 +167,7 @@ index c4893782055b..eb92195ca015 100644 Not specifying this option is equivalent to spectre_v2=auto. diff --git a/Makefile b/Makefile -index 323032d60ac3..bbb113602cc8 100644 +index 1f3c753cb28d..89ed649fae1b 100644 --- a/Makefile +++ b/Makefile @@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \ @@ -260,6 +265,21 @@ index 2cef49983e9e..c50998b4b554 100644 /* Have one command line that is parsed and saved in /proc/cmdline */ /* boot_command_line has been already set up in early.c */ *cmdline_p = boot_command_line; +diff --git a/arch/um/kernel/um_arch.c b/arch/um/kernel/um_arch.c +index 0760e24f2eba..9838967d0b2f 100644 +--- a/arch/um/kernel/um_arch.c ++++ b/arch/um/kernel/um_arch.c +@@ -432,6 +432,10 @@ void apply_retpolines(s32 *start, s32 *end) + { + } + ++void apply_returns(s32 *start, s32 *end) ++{ ++} ++ + void apply_alternatives(struct alt_instr *start, struct alt_instr *end) + { + } diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index b2c65f573353..4d1d87f76a74 100644 --- a/arch/x86/Kconfig @@ -1148,10 +1168,18 @@ index 4425d6773183..ad084326f24c 100644 #define MSR_F16H_L2I_PERF_CTL 0xc0010230 #define MSR_F16H_L2I_PERF_CTR 0xc0010231 diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h -index da251a5645b0..bb05ed4f46bd 100644 +index da251a5645b0..10a3bfc1eb23 100644 --- a/arch/x86/include/asm/nospec-branch.h +++ b/arch/x86/include/asm/nospec-branch.h -@@ -75,6 +75,23 @@ +@@ -11,6 +11,7 @@ + #include + #include + #include ++#include + + #define RETPOLINE_THUNK_SIZE 32 + +@@ -75,6 +76,23 @@ .popsection .endm @@ -1175,7 +1203,7 @@ index da251a5645b0..bb05ed4f46bd 100644 /* * JMP_NOSPEC and CALL_NOSPEC macros can be used instead of a simple * indirect jmp/call which may be susceptible to the Spectre variant 2 -@@ -105,10 +122,34 @@ +@@ -105,10 +123,34 @@ * monstrosity above, manually. */ .macro FILL_RETURN_BUFFER reg:req nr:req ftr:req @@ -1211,7 +1239,7 @@ index da251a5645b0..bb05ed4f46bd 100644 #endif .endm -@@ -120,17 +161,20 @@ +@@ -120,17 +162,20 @@ _ASM_PTR " 999b\n\t" \ ".popsection\n\t" @@ -1236,7 +1264,7 @@ index da251a5645b0..bb05ed4f46bd 100644 #ifdef CONFIG_X86_64 /* -@@ -193,6 +237,7 @@ enum spectre_v2_mitigation { +@@ -193,6 +238,7 @@ enum spectre_v2_mitigation { SPECTRE_V2_EIBRS, SPECTRE_V2_EIBRS_RETPOLINE, SPECTRE_V2_EIBRS_LFENCE, @@ -1244,17 +1272,17 @@ index da251a5645b0..bb05ed4f46bd 100644 }; /* The indirect branch speculation control variants */ -@@ -235,6 +280,9 @@ static inline void indirect_branch_prediction_barrier(void) +@@ -235,6 +281,9 @@ static inline void indirect_branch_prediction_barrier(void) /* The Intel SPEC CTRL MSR base value cache */ extern u64 x86_spec_ctrl_base; -+extern u64 x86_spec_ctrl_current; ++DECLARE_PER_CPU(u64, x86_spec_ctrl_current); +extern void write_spec_ctrl_current(u64 val, bool force); +extern u64 spec_ctrl_current(void); /* * With retpoline, we must use IBRS to restrict branch prediction -@@ -244,18 +292,16 @@ extern u64 x86_spec_ctrl_base; +@@ -244,18 +293,16 @@ extern u64 x86_spec_ctrl_base; */ #define firmware_restrict_branch_speculation_start() \ do { \ @@ -1564,7 +1592,7 @@ index 0c0b09796ced..35d5288394cb 100644 } diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c -index a8a9f6406331..f6dfa26ed88b 100644 +index a8a9f6406331..0b64e894b383 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -38,6 +38,8 @@ @@ -1948,7 +1976,7 @@ index a8a9f6406331..f6dfa26ed88b 100644 + if (retbleed_mitigation == RETBLEED_MITIGATION_UNRET) { + if (mode != SPECTRE_V2_USER_STRICT && + mode != SPECTRE_V2_USER_STRICT_PREFERRED) -+ pr_info("Selecting STIBP always-on mode to complement retbleed mitigation'\n"); ++ pr_info("Selecting STIBP always-on mode to complement retbleed mitigation\n"); + mode = SPECTRE_V2_USER_STRICT_PREFERRED; + } + @@ -2451,6 +2479,18 @@ index 1e31c7d21597..6892ca67d9c6 100644 /* No need to test direct calls on created trampolines */ if (ops->flags & FTRACE_OPS_FL_SAVE_REGS) { +diff --git a/arch/x86/kernel/head_32.S b/arch/x86/kernel/head_32.S +index eb8656bac99b..9b7acc9c7874 100644 +--- a/arch/x86/kernel/head_32.S ++++ b/arch/x86/kernel/head_32.S +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + #include + #include + #include diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index b8e3019547a5..3178fd81f93f 100644 --- a/arch/x86/kernel/head_64.S @@ -2898,10 +2938,36 @@ index 7fda7f27e762..071faf2c8a77 100644 #ifdef CONFIG_X86_KERNEL_IBT diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c -index 89b11e7dca8a..db96bf7d1122 100644 +index 89b11e7dca8a..f8382abe22ff 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c -@@ -325,13 +325,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop); +@@ -189,9 +189,6 @@ + #define X8(x...) X4(x), X4(x) + #define X16(x...) X8(x), X8(x) + +-#define NR_FASTOP (ilog2(sizeof(ulong)) + 1) +-#define FASTOP_SIZE (8 * (1 + HAS_KERNEL_IBT)) +- + struct opcode { + u64 flags; + u8 intercept; +@@ -306,9 +303,15 @@ static void invalidate_registers(struct x86_emulate_ctxt *ctxt) + * Moreover, they are all exactly FASTOP_SIZE bytes long, so functions for + * different operand sizes can be reached by calculation, rather than a jump + * table (which would be bigger than the code). ++ * ++ * The 16 byte alignment, considering 5 bytes for the RET thunk, 3 for ENDBR ++ * and 1 for the straight line speculation INT3, leaves 7 bytes for the ++ * body of the function. Currently none is larger than 4. + */ + static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop); + ++#define FASTOP_SIZE 16 ++ + #define __FOP_FUNC(name) \ + ".align " __stringify(FASTOP_SIZE) " \n\t" \ + ".type " name ", @function \n\t" \ +@@ -325,13 +328,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop); #define FOP_RET(name) \ __FOP_RET(#name) @@ -2919,7 +2985,7 @@ index 89b11e7dca8a..db96bf7d1122 100644 #define FOP_END \ ".popsection") -@@ -435,16 +437,15 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop); +@@ -435,17 +440,12 @@ static int fastop(struct x86_emulate_ctxt *ctxt, fastop_t fop); /* * Depending on .config the SETcc functions look like: * @@ -2937,14 +3003,12 @@ index 89b11e7dca8a..db96bf7d1122 100644 */ -#define SETCC_LENGTH (ENDBR_INSN_SIZE + 4 + IS_ENABLED(CONFIG_SLS)) -#define SETCC_ALIGN (4 << IS_ENABLED(CONFIG_SLS) << HAS_KERNEL_IBT) -+#define RET_LENGTH (1 + (4 * IS_ENABLED(CONFIG_RETHUNK)) + \ -+ IS_ENABLED(CONFIG_SLS)) -+#define SETCC_LENGTH (ENDBR_INSN_SIZE + 3 + RET_LENGTH) -+#define SETCC_ALIGN (4 << ((SETCC_LENGTH > 4) & 1) << ((SETCC_LENGTH > 8) & 1)) - static_assert(SETCC_LENGTH <= SETCC_ALIGN); +-static_assert(SETCC_LENGTH <= SETCC_ALIGN); ++#define SETCC_ALIGN 16 #define FOP_SETCC(op) \ -@@ -453,9 +454,10 @@ static_assert(SETCC_LENGTH <= SETCC_ALIGN); + ".align " __stringify(SETCC_ALIGN) " \n\t" \ +@@ -453,9 +453,10 @@ static_assert(SETCC_LENGTH <= SETCC_ALIGN); #op ": \n\t" \ ASM_ENDBR \ #op " %al \n\t" \ @@ -3498,10 +3562,10 @@ index 5e7f41225780..5cfc49ddb1b4 100644 asmlinkage void vmread_error(unsigned long field, bool fault); __attribute__((regparm(0))) void vmread_error_trampoline(unsigned long field, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 558d1f2ab5b4..9caa902f0de1 100644 +index 828f5cf1af45..53b6fdf30c99 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c -@@ -12531,9 +12531,9 @@ void kvm_arch_end_assignment(struct kvm *kvm) +@@ -12533,9 +12533,9 @@ void kvm_arch_end_assignment(struct kvm *kvm) } EXPORT_SYMBOL_GPL(kvm_arch_end_assignment); @@ -3716,6 +3780,29 @@ index 4c71fa04e784..2dab2816b3f7 100644 /* Make sure the trampoline generation logic doesn't overflow */ if (WARN_ON_ONCE(prog > (u8 *)image_end - BPF_INSN_SAFETY)) { ret = -EFAULT; +diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S +index 854dd81804b7..bc740a7c438c 100644 +--- a/arch/x86/platform/efi/efi_thunk_64.S ++++ b/arch/x86/platform/efi/efi_thunk_64.S +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + .text + .code64 +@@ -75,7 +76,9 @@ STACK_FRAME_NON_STANDARD __efi64_thunk + 1: movq 0x20(%rsp), %rsp + pop %rbx + pop %rbp +- RET ++ ANNOTATE_UNRET_SAFE ++ ret ++ int3 + + .code32 + 2: pushl $__KERNEL_CS diff --git a/arch/x86/xen/setup.c b/arch/x86/xen/setup.c index 81aa46f770c5..cfa99e8f054b 100644 --- a/arch/x86/xen/setup.c @@ -3830,7 +3917,7 @@ index caa9bc2fa100..6b4fdf6b9542 100644 #endif /* CONFIG_IA32_EMULATION */ diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S -index 3a2cd93bf059..fa884fc73e07 100644 +index 13af6fe453e3..ffaa62167f6e 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S @@ -26,6 +26,7 @@ SYM_CODE_START(hypercall_page) @@ -4559,7 +4646,7 @@ index 000000000000..de0a3714a5d4 + } +} diff --git a/drivers/firmware/sysfb.c b/drivers/firmware/sysfb.c -index 2bfbb05f7d89..a504f7234f35 100644 +index 1f276f108cc9..7039ad9bdf7f 100644 --- a/drivers/firmware/sysfb.c +++ b/drivers/firmware/sysfb.c @@ -34,6 +34,22 @@ @@ -4582,18 +4669,18 @@ index 2bfbb05f7d89..a504f7234f35 100644 +} +early_param("nvidia-drm.modeset", simpledrm_disable); + - static __init int sysfb_init(void) - { - struct screen_info *si = &screen_info; -@@ -45,7 +61,7 @@ static __init int sysfb_init(void) + static struct platform_device *pd; + static DEFINE_MUTEX(disable_lock); + static bool disabled; +@@ -83,7 +99,7 @@ static __init int sysfb_init(void) /* try to create a simple-framebuffer device */ compatible = sysfb_parse_mode(si, &mode); - if (compatible) { + if (compatible && !skip_simpledrm) { - ret = sysfb_create_simplefb(si, &mode); - if (!ret) - return 0; + pd = sysfb_create_simplefb(si, &mode); + if (!IS_ERR(pd)) + goto unlock_mutex; diff --git a/drivers/gpu/drm/i915/display/intel_psr.c b/drivers/gpu/drm/i915/display/intel_psr.c index 6c9e6e7f0afd..f0ff2f1f5fcb 100644 --- a/drivers/gpu/drm/i915/display/intel_psr.c @@ -5121,7 +5208,7 @@ index 857d4c2fd1a2..9353941f3a97 100644 * Changes the default domain of an iommu group that has *only* one device * diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c -index a2862a56fadc..1cddbc757925 100644 +index c9831daafbc6..5c4bb1e9ba0a 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -240,6 +240,9 @@ static void nvme_delete_ctrl_sync(struct nvme_ctrl *ctrl) @@ -5235,10 +5322,10 @@ index d464fdf978fb..acdaab3d7697 100644 if (!ctrl->max_namespaces || diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h -index a2b53ca63335..021e51c64cde 100644 +index 337ae1e3ad25..727cc7fb542e 100644 --- a/drivers/nvme/host/nvme.h +++ b/drivers/nvme/host/nvme.h -@@ -800,6 +800,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys); +@@ -801,6 +801,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys); void nvme_mpath_start_freeze(struct nvme_subsystem *subsys); void nvme_mpath_default_iopolicy(struct nvme_subsystem *subsys); void nvme_failover_req(struct request *req); @@ -5246,7 +5333,7 @@ index a2b53ca63335..021e51c64cde 100644 void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl); int nvme_mpath_alloc_disk(struct nvme_ctrl *ctrl,struct nvme_ns_head *head); void nvme_mpath_add_disk(struct nvme_ns *ns, struct nvme_id_ns *id); -@@ -836,6 +837,9 @@ static inline bool nvme_ctrl_use_ana(struct nvme_ctrl *ctrl) +@@ -837,6 +838,9 @@ static inline bool nvme_ctrl_use_ana(struct nvme_ctrl *ctrl) static inline void nvme_failover_req(struct request *req) { } @@ -5695,8 +5782,90 @@ index aaf6566deb9f..86926966c15d 100644 #ifdef CONFIG_PERF_EVENTS int security_perf_event_open(struct perf_event_attr *attr, int type) { +diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h +index e17de69faa54..5d09ded0c491 100644 +--- a/tools/arch/x86/include/asm/cpufeatures.h ++++ b/tools/arch/x86/include/asm/cpufeatures.h +@@ -203,8 +203,8 @@ + #define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */ + /* FREE! ( 7*32+10) */ + #define X86_FEATURE_PTI ( 7*32+11) /* Kernel Page Table Isolation enabled */ +-#define X86_FEATURE_RETPOLINE ( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */ +-#define X86_FEATURE_RETPOLINE_LFENCE ( 7*32+13) /* "" Use LFENCE for Spectre variant 2 */ ++#define X86_FEATURE_KERNEL_IBRS ( 7*32+12) /* "" Set/clear IBRS on kernel entry/exit */ ++#define X86_FEATURE_RSB_VMEXIT ( 7*32+13) /* "" Fill RSB on VM-Exit */ + #define X86_FEATURE_INTEL_PPIN ( 7*32+14) /* Intel Processor Inventory Number */ + #define X86_FEATURE_CDP_L2 ( 7*32+15) /* Code and Data Prioritization L2 */ + #define X86_FEATURE_MSR_SPEC_CTRL ( 7*32+16) /* "" MSR SPEC_CTRL is implemented */ +@@ -295,6 +295,12 @@ + #define X86_FEATURE_PER_THREAD_MBA (11*32+ 7) /* "" Per-thread Memory Bandwidth Allocation */ + #define X86_FEATURE_SGX1 (11*32+ 8) /* "" Basic SGX */ + #define X86_FEATURE_SGX2 (11*32+ 9) /* "" SGX Enclave Dynamic Memory Management (EDMM) */ ++#define X86_FEATURE_ENTRY_IBPB (11*32+10) /* "" Issue an IBPB on kernel entry */ ++#define X86_FEATURE_RRSBA_CTRL (11*32+11) /* "" RET prediction control */ ++#define X86_FEATURE_RETPOLINE (11*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */ ++#define X86_FEATURE_RETPOLINE_LFENCE (11*32+13) /* "" Use LFENCE for Spectre variant 2 */ ++#define X86_FEATURE_RETHUNK (11*32+14) /* "" Use REturn THUNK */ ++#define X86_FEATURE_UNRET (11*32+15) /* "" AMD BTB untrain return */ + + /* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */ + #define X86_FEATURE_AVX_VNNI (12*32+ 4) /* AVX VNNI instructions */ +@@ -315,6 +321,7 @@ + #define X86_FEATURE_VIRT_SSBD (13*32+25) /* Virtualized Speculative Store Bypass Disable */ + #define X86_FEATURE_AMD_SSB_NO (13*32+26) /* "" Speculative Store Bypass is fixed in hardware. */ + #define X86_FEATURE_CPPC (13*32+27) /* Collaborative Processor Performance Control */ ++#define X86_FEATURE_BTC_NO (13*32+29) /* "" Not vulnerable to Branch Type Confusion */ + + /* Thermal and Power Management Leaf, CPUID level 0x00000006 (EAX), word 14 */ + #define X86_FEATURE_DTHERM (14*32+ 0) /* Digital Thermal Sensor */ +@@ -444,5 +451,6 @@ + #define X86_BUG_ITLB_MULTIHIT X86_BUG(23) /* CPU may incur MCE during certain page attribute changes */ + #define X86_BUG_SRBDS X86_BUG(24) /* CPU may leak RNG bits if not mitigated */ + #define X86_BUG_MMIO_STALE_DATA X86_BUG(25) /* CPU is affected by Processor MMIO Stale Data vulnerabilities */ ++#define X86_BUG_RETBLEED X86_BUG(26) /* CPU is affected by RETBleed */ + + #endif /* _ASM_X86_CPUFEATURES_H */ +diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h +index 1231d63f836d..f7be189e9723 100644 +--- a/tools/arch/x86/include/asm/disabled-features.h ++++ b/tools/arch/x86/include/asm/disabled-features.h +@@ -56,6 +56,25 @@ + # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) + #endif + ++#ifdef CONFIG_RETPOLINE ++# define DISABLE_RETPOLINE 0 ++#else ++# define DISABLE_RETPOLINE ((1 << (X86_FEATURE_RETPOLINE & 31)) | \ ++ (1 << (X86_FEATURE_RETPOLINE_LFENCE & 31))) ++#endif ++ ++#ifdef CONFIG_RETHUNK ++# define DISABLE_RETHUNK 0 ++#else ++# define DISABLE_RETHUNK (1 << (X86_FEATURE_RETHUNK & 31)) ++#endif ++ ++#ifdef CONFIG_CPU_UNRET_ENTRY ++# define DISABLE_UNRET 0 ++#else ++# define DISABLE_UNRET (1 << (X86_FEATURE_UNRET & 31)) ++#endif ++ + #ifdef CONFIG_INTEL_IOMMU_SVM + # define DISABLE_ENQCMD 0 + #else +@@ -82,7 +101,7 @@ + #define DISABLED_MASK8 0 + #define DISABLED_MASK9 (DISABLE_SMAP|DISABLE_SGX) + #define DISABLED_MASK10 0 +-#define DISABLED_MASK11 0 ++#define DISABLED_MASK11 (DISABLE_RETPOLINE|DISABLE_RETHUNK|DISABLE_UNRET) + #define DISABLED_MASK12 0 + #define DISABLED_MASK13 0 + #define DISABLED_MASK14 0 diff --git a/tools/arch/x86/include/asm/msr-index.h b/tools/arch/x86/include/asm/msr-index.h -index 4425d6773183..8a0a53cf360d 100644 +index 4425d6773183..ad084326f24c 100644 --- a/tools/arch/x86/include/asm/msr-index.h +++ b/tools/arch/x86/include/asm/msr-index.h @@ -51,6 +51,8 @@ @@ -5708,7 +5877,15 @@ index 4425d6773183..8a0a53cf360d 100644 #define MSR_IA32_PRED_CMD 0x00000049 /* Prediction Command */ #define PRED_CMD_IBPB BIT(0) /* Indirect Branch Prediction Barrier */ -@@ -138,6 +140,13 @@ +@@ -91,6 +93,7 @@ + #define MSR_IA32_ARCH_CAPABILITIES 0x0000010a + #define ARCH_CAP_RDCL_NO BIT(0) /* Not susceptible to Meltdown */ + #define ARCH_CAP_IBRS_ALL BIT(1) /* Enhanced IBRS support */ ++#define ARCH_CAP_RSBA BIT(2) /* RET may use alternative branch predictors */ + #define ARCH_CAP_SKIP_VMENTRY_L1DFLUSH BIT(3) /* Skip L1D flush on vmentry */ + #define ARCH_CAP_SSB_NO BIT(4) /* + * Not susceptible to Speculative Store Bypass +@@ -138,6 +141,13 @@ * bit available to control VERW * behavior. */ @@ -5722,6 +5899,16 @@ index 4425d6773183..8a0a53cf360d 100644 #define MSR_IA32_FLUSH_CMD 0x0000010b #define L1D_FLUSH BIT(0) /* +@@ -552,6 +562,9 @@ + /* Fam 17h MSRs */ + #define MSR_F17H_IRPERF 0xc00000e9 + ++#define MSR_ZEN2_SPECTRAL_CHICKEN 0xc00110e3 ++#define MSR_ZEN2_SPECTRAL_CHICKEN_BIT BIT_ULL(1) ++ + /* Fam 16h MSRs */ + #define MSR_F16H_L2I_PERF_CTL 0xc0010230 + #define MSR_F16H_L2I_PERF_CTR 0xc0010231 diff --git a/tools/include/linux/objtool.h b/tools/include/linux/objtool.h index c81ea2264ad8..376110ead758 100644 --- a/tools/include/linux/objtool.h -- cgit v1.2.3