+95
−36
Loading
Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more
commit 1e19da8522c81bf46b335f84137165741e0d82b7 upstream.
Thanks to the chaps at VUsec it is now clear that eIBRS is not
sufficient, therefore allow enabling of retpolines along with eIBRS.
Add spectre_v2=eibrs, spectre_v2=eibrs,lfence and
spectre_v2=eibrs,retpoline options to explicitly pick your preferred
means of mitigation.
Since there's new mitigations there's also user visible changes in
/sys/devices/system/cpu/vulnerabilities/spectre_v2 to reflect these
new mitigations.
[ bp: Massage commit message, trim error messages,
do more precise eIBRS mode checking. ]
Co-developed-by:
Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by:
Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by:
Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by:
Borislav Petkov <bp@suse.de>
Reviewed-by:
Patrick Colp <patrick.colp@oracle.com>
Reviewed-by:
Thomas Gleixner <tglx@linutronix.de>
[fllinden@amazon.com: backported to 4.19 (no Hygon)]
Signed-off-by:
Frank van der Linden <fllinden@amazon.com>
Signed-off-by:
Ben Hutchings <ben@decadent.org.uk>
Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>