linux/scripts
Linus Torvalds ce114c8668 Just when you thought that all the speculation bugs were addressed and
solved and the nightmare is complete, here's the next one: speculating
 after RET instructions and leaking privileged information using the now
 pretty much classical covert channels.
 
 It is called RETBleed and the mitigation effort and controlling
 functionality has been modelled similar to what already existing
 mitigations provide.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmLKqAgACgkQEsHwGGHe
 VUoM5w/8CSvwPZ3otkhmu8MrJPtWc7eLDPjYN4qQP+19e+bt094MoozxeeWG2wmp
 hkDJAYHT2Oik/qDuEdhFgNYwS7XGgbV3Py3B8syO4//5SD5dkOSG+QqFXvXMdFri
 YsVqqNkjJOWk/YL9Ql5RS/xQewsrr0OqEyWWocuI6XAvfWV4kKvlRSd+6oPqtZEO
 qYlAHTXElyIrA/gjmxChk1HTt5HZtK3uJLf4twNlUfzw7LYFf3+sw3bdNuiXlyMr
 WcLXMwGpS0idURwP3mJa7JRuiVBzb4+kt8mWwWqA02FkKV45FRRRFhFUsy667r00
 cdZBaWdy+b7dvXeliO3FN/x1bZwIEUxmaNy1iAClph4Ifh0ySPUkxAr8EIER7YBy
 bstDJEaIqgYg8NIaD4oF1UrG0ZbL0ImuxVaFdhG1hopQsh4IwLSTLgmZYDhfn/0i
 oSqU0Le+A7QW9s2A2j6qi7BoAbRW+gmBuCgg8f8ECYRkFX1ZF6mkUtnQxYrU7RTq
 rJWGW9nhwM9nRxwgntZiTjUUJ2HtyXEgYyCNjLFCbEBfeG5QTg7XSGFhqDbgoymH
 85vsmSXYxgTgQ/kTW7Fs26tOqnP2h1OtLJZDL8rg49KijLAnISClEgohYW01CWQf
 ZKMHtz3DM0WBiLvSAmfGifScgSrLB5AjtvFHT0hF+5/okEkinVk=
 =09fW
 -----END PGP SIGNATURE-----

Merge tag 'x86_bugs_retbleed' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 retbleed fixes from Borislav Petkov:
 "Just when you thought that all the speculation bugs were addressed and
  solved and the nightmare is complete, here's the next one: speculating
  after RET instructions and leaking privileged information using the
  now pretty much classical covert channels.

  It is called RETBleed and the mitigation effort and controlling
  functionality has been modelled similar to what already existing
  mitigations provide"

* tag 'x86_bugs_retbleed' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (54 commits)
  x86/speculation: Disable RRSBA behavior
  x86/kexec: Disable RET on kexec
  x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
  x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
  x86/bugs: Add Cannon lake to RETBleed affected CPU list
  x86/retbleed: Add fine grained Kconfig knobs
  x86/cpu/amd: Enumerate BTC_NO
  x86/common: Stamp out the stepping madness
  KVM: VMX: Prevent RSB underflow before vmenter
  x86/speculation: Fill RSB on vmexit for IBRS
  KVM: VMX: Fix IBRS handling after vmexit
  KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
  KVM: VMX: Convert launched argument to flags
  KVM: VMX: Flatten __vmx_vcpu_run()
  objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
  x86/speculation: Remove x86_spec_ctrl_mask
  x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
  x86/speculation: Fix SPEC_CTRL write on SMT state change
  x86/speculation: Fix firmware entry SPEC_CTRL handling
  x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
  ...
2022-07-11 18:15:25 -07:00
..
atomic locking/atomic: Add generic try_cmpxchg64 support 2022-05-18 00:08:27 +02:00
basic randstruct: Move seed generation into scripts/basic/ 2022-05-08 01:33:07 -07:00
clang-tools gen_compile_commands: handle multiple lines per .mod file 2022-06-29 11:43:13 +09:00
coccinelle drop fen.cocci 2022-01-15 12:15:35 +01:00
dtc h8300: remove stale bindings and symlink 2022-05-20 22:40:56 +02:00
dummy-tools scripts: dummy-tools, add pahole 2022-05-08 03:16:59 +09:00
gcc-plugins gcc-plugins: use KERNELVERSION for plugin version 2022-05-24 08:25:16 -07:00
gdb scripts/gdb: change kernel config dumping method 2022-06-11 18:31:53 +09:00
genksyms genksyms: adjust the output format to modpost 2022-05-24 16:33:20 +09:00
kconfig scripts: kconfig: nconf: make nconfig accept jk keybindings 2022-06-05 06:20:57 +09:00
ksymoops
mod modpost: fix section mismatch check for exported init/exit sections 2022-06-20 08:18:03 +09:00
package objtool: Add CONFIG_OBJTOOL 2022-04-22 12:32:03 +02:00
selinux selinux: declare data arrays const 2022-05-03 15:53:49 -04:00
tracing scripts/tracing: fix the bug that can't parse raw_trace_func 2021-08-04 17:49:26 -04:00
.gitignore certs: move scripts/extract-cert to certs/ 2022-01-08 18:28:21 +09:00
adjust_autoksyms.sh kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
as-version.sh kbuild: Switch to 'f' variants of integrated assembler flag 2021-09-03 08:17:20 +09:00
asn1_compiler.c
bin2c.c
bloat-o-meter scripts/bloat-o-meter: filter out vermagic as it is not relevant 2022-04-29 14:37:57 -07:00
bootgraph.pl
bpf_doc.py bpf: Add verifier support for dynptrs 2022-05-23 14:30:17 -07:00
cc-can-link.sh
cc-version.sh kbuild: collect minimum tool versions into scripts/min-tool-version.sh 2021-04-25 05:14:26 +09:00
check_extable.sh scripts: check_extable: fix typo in user error message 2021-09-08 11:50:28 -07:00
check-blacklist-hashes.awk certs: Check that builtin blacklist hashes are valid 2022-05-23 18:47:49 +03:00
check-local-export scripts/check-local-export: avoid 'wait $!' for process substitution 2022-06-10 03:47:13 +09:00
check-sysctl-docs
checkdeclares.pl scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
checkincludes.pl
checkkconfigsymbols.py checkkconfigsymbols.py: Remove skipping of help lines in parse_kconfig_file 2021-09-19 10:13:03 +09:00
checkpatch.pl checkpatch: add new alloc functions to alloc with multiplies check 2022-04-26 01:30:33 -05:00
checkstack.pl
checksyscalls.sh checksyscalls: ignore -Wunused-macros 2022-05-08 03:16:59 +09:00
checkversion.pl scripts: checkversion: modernize linux/version.h search strings 2021-08-05 20:55:39 +09:00
cleanfile
cleanpatch
coccicheck scripts: coccicheck: fix troubles on non-English builds 2021-05-18 11:09:59 +02:00
config
const_structs.checkpatch const_structs.checkpatch: add frequently used ops structs 2022-01-20 08:52:54 +02:00
decode_stacktrace.sh scripts/decode_stacktrace.sh: support old bash version 2022-04-29 14:37:57 -07:00
decodecode scripts/decodecode: fix faulting instruction no print when opps.file is DOS format 2021-11-06 13:30:32 -07:00
depmod.sh
dev-needs.sh
diffconfig
documentation-file-ref-check scripts: documentation-file-ref-check: fix bpf selftests path 2021-10-26 09:42:29 -06:00
export_report.pl
extract_xc3028.pl
extract-ikconfig
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux
faddr2line faddr2line: Fix overlapping text section failures, the sequel 2022-06-06 11:50:11 -07:00
file-size.sh
find-unused-docs.sh
gcc-goto.sh
gcc-ld
gcc-x86_32-has-stack-protector.sh
gcc-x86_64-has-stack-protector.sh
gen_autoksyms.sh kbuild: Ignore __this_module in gen_autoksyms.sh 2022-06-26 06:15:05 +09:00
gen_ksymdeps.sh kbuild: redo fake deps at include/ksym/*.h 2021-09-03 08:17:21 +09:00
gen-randstruct-seed.sh randstruct: Move seed generation into scripts/basic/ 2022-05-08 01:33:07 -07:00
generate_initcall_order.pl
get_abi.pl scripts/get_abi: Fix wrong script file name in the help message 2022-04-24 10:38:44 +02:00
get_dvb_firmware
get_feat.pl scripts/get_feat.pl: allow output the parsed file names 2022-03-28 13:53:46 -06:00
get_maintainer.pl get_maintainer: Honor mailmap for in file emails 2022-04-29 14:38:00 -07:00
gfp-translate
headerdep.pl
headers_install.sh
insert-sys-cert.c
install.sh kbuild: factor out the common installation code into scripts/install.sh 2022-05-11 21:45:53 +09:00
jobserver-exec scripts/jobserver-exec: Fix a typo ("envirnoment") 2021-05-17 12:10:03 +09:00
kallsyms.c scripts/kallsyms: update usage message of the kallsyms program 2022-05-27 15:51:48 +09:00
Kbuild.include kbuild: add cmd_and_savecmd macro 2022-06-01 23:07:29 +09:00
Kconfig.include kbuild: check the minimum assembler version in Kconfig 2021-04-25 05:14:41 +09:00
kernel-doc scripts/kernel-doc: change the line number meta info 2022-03-28 13:53:46 -06:00
ld-version.sh kbuild: collect minimum tool versions into scripts/min-tool-version.sh 2021-04-25 05:14:26 +09:00
leaking_addresses.pl leaking_addresses: Always print a trailing newline 2021-10-15 11:25:13 +02:00
Lindent
link-vmlinux.sh kbuild: factor out the common objtool arguments 2022-06-05 06:20:57 +09:00
Makefile kbuild: Allow kernel installation packaging to override pkg-config 2022-04-05 17:03:31 +09:00
Makefile.asm-generic
Makefile.build kbuild: avoid regex RS for POSIX awk 2022-06-08 01:27:26 +09:00
Makefile.clang um: Allow builds with Clang 2022-03-21 08:13:03 -07:00
Makefile.clean kbuild: drop $(objtree)/ prefix support for clean-files 2022-05-08 03:17:00 +09:00
Makefile.compiler kbuild: remove TMPO from try-run 2021-04-25 05:25:56 +09:00
Makefile.debug kbuild: split DEBUG_CFLAGS out to scripts/Makefile.debug 2021-10-24 13:48:33 +09:00
Makefile.dtbinst
Makefile.extrawarn kbuild: support W=e to make build abort in case of warning 2022-05-08 03:16:59 +09:00
Makefile.gcc-plugins randstruct: Split randstruct Makefile and CFLAGS 2022-05-08 01:33:06 -07:00
Makefile.headersinst
Makefile.host
Makefile.kasan kasan: always respect CONFIG_KASAN_STACK 2021-09-24 16:13:35 -07:00
Makefile.kcov
Makefile.kcsan kcsan: Ignore GCC 11+ warnings about TSan runtime support 2021-12-09 16:42:27 -08:00
Makefile.lib x86/retbleed: Add fine grained Kconfig knobs 2022-06-29 17:43:41 +02:00
Makefile.modfinal kbuild: do not create *.prelink.o for Clang LTO or IBT 2022-05-29 18:39:35 +09:00
Makefile.modinst kbuild: remove unused cmd_none in scripts/Makefile.modinst 2022-07-10 21:25:15 +09:00
Makefile.modpost kbuild: do not create *.prelink.o for Clang LTO or IBT 2022-05-29 18:39:35 +09:00
Makefile.package kbuild: Add make tarzst-pkg build option 2021-10-12 11:50:46 +09:00
Makefile.randstruct randstruct: Enable Clang support 2022-05-08 01:33:07 -07:00
Makefile.ubsan ubsan: remove CONFIG_UBSAN_OBJECT_SIZE 2022-01-20 08:52:55 +02:00
Makefile.userprogs
Makefile.vmlinux kbuild: link symbol CRCs at final link, removing CONFIG_MODULE_REL_CRCS 2022-05-24 16:33:20 +09:00
Makefile.vmlinux_o x86/retbleed: Add fine grained Kconfig knobs 2022-06-29 17:43:41 +02:00
makelst
markup_oops.pl
min-tool-version.sh scripts/min-tool-version.sh: raise minimum clang version to 14.0.0 for s390 2022-05-17 15:16:29 +02:00
mkcompile_h sched/preempt: Tell about PREEMPT_DYNAMIC on kernel headers 2022-03-11 15:36:35 +01:00
mksysmap
mkuboot.sh
module.lds.S module: combine constructors in module linker script 2021-07-19 14:51:40 +02:00
modules-check.sh kbuild: check module name conflict for external modules as well 2021-04-25 05:22:42 +09:00
nsdeps scripts/nsdeps: adjust to the format change of *.mod files 2022-06-08 20:14:13 +09:00
objdiff kbuild: clean .tmp_* pattern by make clean 2022-06-05 06:20:57 +09:00
objdump-func scripts: Create objdump-func helper script 2022-05-12 10:08:43 -07:00
pahole-flags.sh scripts/pahole-flags.sh: Parse DWARF and generate BTF with multithreading. 2022-02-22 14:32:44 -08:00
pahole-version.sh kbuild: Add CONFIG_PAHOLE_VERSION 2022-02-02 11:19:33 +01:00
parse-maintainers.pl
patch-kernel
profile2linkerlist.pl
prune-kernel scripts/prune-kernel: Use kernel-install if available 2022-05-11 21:46:38 +09:00
recordmcount.c
recordmcount.h recordmcount: Correct st_shndx handling 2021-06-18 09:09:17 -04:00
recordmcount.pl nds32: Remove the architecture 2022-03-07 13:54:59 +01:00
remove-stale-files Kbuild updates for v5.17 2022-01-19 11:15:19 +02:00
setlocalversion kbuild: do not quote string values in include/config/auto.conf 2022-01-08 18:03:57 +09:00
show_delta
sign-file.c cert host tools: Stop complaining about deprecated OpenSSL functions 2022-06-08 13:18:39 -07:00
sorttable.c LoongArch: Add ELF-related definitions 2022-06-03 20:09:27 +08:00
sorttable.h script/sorttable: Fix some initialization problems 2022-01-18 10:17:18 -05:00
spdxcheck-test.sh docs: move Linux logo into a new images folder 2022-06-01 09:32:45 -06:00
spdxcheck.py scripts/spdxcheck: Put excluded files and directories into a separate file 2022-05-18 15:34:33 +02:00
spdxexclude scripts/spdxcheck: Exclude top-level README 2022-05-18 15:35:42 +02:00
spelling.txt scripts/spelling.txt: add more spellings to spelling.txt 2022-03-22 15:57:00 -07:00
sphinx-pre-install scripts: sphinx-pre-install: Fix ctex support on Debian 2022-01-07 09:33:13 -07:00
split-man.pl
stackdelta
stackusage
subarch.include LoongArch: Add build infrastructure 2022-06-03 20:09:27 +08:00
syscallhdr.sh scripts: check duplicated syscall number in syscall table 2021-07-09 04:00:39 +09:00
syscallnr.sh scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
syscalltbl.sh scripts: check duplicated syscall number in syscall table 2021-07-09 04:00:39 +09:00
tags.sh scripts/tags.sh: Invoke 'realpath' via 'xargs' 2022-05-19 18:54:40 +02:00
test_fortify.sh fortify: Update compile-time tests for Clang 14 2022-02-13 16:50:06 -08:00
tools-support-relr.sh Makefile: fix GDB warning with CONFIG_RELR 2021-06-08 13:09:34 +01:00
unifdef.c
ver_linux Removed the oprofiled version option 2021-05-03 17:23:06 -06:00
xen-hypercalls.sh scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
xz_wrap.sh