Linux Fixes Spectre V1 SWAPGS Mitigation After Being Partially Borked Since Last Year
Thanks to Alibaba engineer Lai Jiangshan, some important fixes around the Spectre V1 SWAPGS mitigation are landing today in the mainline kernel.
First up is a patch for a missing fence for the kernel entry SWAPGS within the paranoid_entry path. A change to the mainline kernel last year ended up regressing the Spectre V1 SWAPGS mitigations with a missing fence in this path. That linked patch has all of the details. More background information on the Spectre V1 SWAPGS mitigation handling for the Linux kernel is outlined in the original code from 2019 when the Spectre V1 SWAPGS mitigations were merged after CVE-2019-1125 and friends were made public.
Also part of today's pull request is this fix to use the correct fence macro. The proper fence macro is now used to make sure speculation is blocked.
A third patch today by Lai Jiangshan is an important Xen fix for potential stack clobbering that was discovered along the SWAPGS path.
The SWAPGS fencing issues along with other x86 fixes were sent in this morning as part of this pull request. The Spectre V1 SWAPGS vulnerability/mitigation affects Intel CPUs from Ivy Bridge and newer, with Alder Lake still relying on the SWAPGS/usercopy barriers.
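For checking what a host reports about the SWAPGS/usercopy barriers mentioned above, the following is an added example (not code from the article or the kernel patches) that classifies the kernel's `spectre_v1` sysfs status line. The function names `classify_spectre_v1` and `report_spectre_v1` are hypothetical, and the status strings matched are the ones mainline x86 kernels print for this entry.

```shell
#!/bin/sh
# Added example: classify the Spectre V1 state that the kernel reports in sysfs.
SPECTRE_V1_SYSFS=/sys/devices/system/cpu/vulnerabilities/spectre_v1

# classify_spectre_v1 "<status line>" -> prints one of:
#   not-affected | swapgs-barriers-on | swapgs-barriers-off | unknown
classify_spectre_v1() {
    case "$1" in
        "Not affected"*)
            echo "not-affected" ;;
        Mitigation:*"swapgs barriers"*)
            # e.g. "Mitigation: usercopy/swapgs barriers and __user pointer sanitization"
            echo "swapgs-barriers-on" ;;
        Vulnerable:*"no swapgs barriers"*)
            # Seen when the mitigation is disabled at boot (e.g. nospectre_v1)
            echo "swapgs-barriers-off" ;;
        *)
            # Older kernels or other architectures use different wording
            echo "unknown" ;;
    esac
}

# report_spectre_v1 [path] -> one line with classification, kernel release, raw text.
# The path defaults to the live sysfs file; pass a saved copy to check offline.
report_spectre_v1() {
    f=${1:-$SPECTRE_V1_SYSFS}
    if [ -r "$f" ]; then
        line=$(cat "$f")
        printf '%s kernel=%s raw="%s"\n' \
            "$(classify_spectre_v1 "$line")" "$(uname -r)" "$line"
    else
        echo "unreadable: $f"
    fi
}

report_spectre_v1
```

The sysfs line reflects the mitigation mode selected at boot, not whether the running kernel carries the paranoid_entry fence fix, so pair this check with your distribution's kernel changelog for the release that `uname -r` reports.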